HTTP Basic Autnetication - LDAP Realm

Similar Messages

• BASIC/LDAP Realm Authentication

  I am trying to protect access to my Web Application using BASIC
  Authentication based on an LDAPRealm that I have configured. I want all
  users that try to access anything in my Web App to have to log in first,
  based on their information in the LDAP server.
  My web.xml file looks as such.
  <web-app>
  <display-name>LDAPSpike</display-name>
  <servlet>
  <servlet-name>TestServlet</servlet-name>
  <servlet-class>test.TestServlet</servlet-class>
  </servlet>
  <servlet-mapping>
  <servlet-name>TestServlet</servlet-name>
  <url-pattern>/test</url-pattern>
  </servlet-mapping>
  <login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>ActiveDirectoryCachingRealm</realm-name>
  </login-config>
  </web-app>
  Do I need to setup a <security-constraint> tag or a <security-role> tag? if
  so what role do I use? I just want ANY user the be authenticated by using
  the LDAP Realm (in this case ActiveDirectory as an LDAP Server)
  Thanks in advance for the help...
  Frank
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  Frank Febbraro
  Senior Software Engineer

  Plamen Petrov wrote:
  I am having similar problem. I managed to grant access
  to individual users and groups in the LDAP server, but
  what I want to do is to give access to everyone in
  the LDAP directory without explicitly specifiyng his
  name or group membership.Create a group "everyone" in LDAP as a workaround.
  Cheers,
  Alexander Petrushko
  mailto:[email protected]
  Consulting Services available
  Freemarker vs JSP:
  http://javaworld.com/javaworld/jw-01-2001/jw-0119-freemarker.html

• WL6.0 LDAP Realm problems

  I'm trying out WL6.0 (eval version) LDAP realm support and having trouble
  getting it to work - basic auth just keeps popping the window up 3 times and
  then giving up. Only pertinent message in the log is:
  ####<Mar 16, 2001 12:03:21 PM EST> <Info> <Security> <FOOBAR>
  <examplesServer> <ExecuteThread: '11' for queue: 'default'> <> <> <090021>
  <Locking account, user jdoe.>
  No obvious LDAP info or errors in the log, despite adding the following two
  to the startup script cmd line and restarting the server:
  -Dweblogic.security.realm.debug=true -Dweblogic.security.ldaprealm.verbose=t
  rue
  The HTTP basic-auth dialog box is correctly showing me that I'm trying to
  authenticate to: MyLDAPRealm
  Here's the config info for MyLDAPRealm
  <LDAPRealm AuthProtocol="simple"
  Credential="myserverpasswd"
  GroupDN="o=mycompany,c=us" GroupIsContext="false" GroupNameAttribute="cn"
  GroupUsernameAttribute="uniquemember"
  LDAPURL="ldap://tug:390"
  Name="MyLDAPRealm"
  Principal="cn=myserver,ou=myserverstuff,o=mycompany,c=US"
  UserAuthentication="local"
  UserDN="o=mycompany,c=us" UserNameAttribute="uid"/>
  It's a Netscape 4.1 Directory server, and I've verified that the above
  server account exists AND can authenticate and retrieve account
  userpasswords (yes, the server account is "cn=" while the user accounts are
  "uid=" - don't ask :-)....
  I've tried both "bind" and "local" and get the same results both ways.
  Any ideas???

  Did you use the most recent ldap patch? I could not get it to work fine
  with the default wls6.0sp1, but with the ldap-patch it works fine.
  AND probably even more important... change
  <Realm FileRealm="..." Name=".....">
  to
  <Realm CachingRealm"MyCachingRealm" FileRealm="..." Name=".....">
  Hope this helps...
  Ronald
  Sushil Pulikkal wrote:
  Hi Tom,
  I am using iPlanet Directory server with WL6.0 (which I presume is supported as
  Netscape's is) and facing the same problem as Mike was i.e account locking after
  three attempts(bottom of the message). I have created my own caching realm with
  the basic realm being MyLDAPRealm.
  The log gives no info other than the one about account locking.
  My config.xml looks something like this -
  <CachingRealm BasicRealm="MyLDAPRealm" CacheCaseSensitive="true" Name="MyCachingRealm"/>
  <PasswordPolicy Name="wl_default_password_policy"/>
  <LDAPRealm AuthProtocol="simple" Credential="enslaved"
  GroupDN="ou=Aussies,dc=timerasolutions,dc=com"
  GroupUsernameAttribute="uniquemember"
  LDAPURL="ldap://DJ-SUSHILP.timerasolutions.com:389"
  Name="MyLDAPRealm"
  Principal="uid=admin, ou=Administrators,
  ou=TopologyManagement, o=NetscapeRoot"
  UserAuthentication="bind"
  UserDN="ou=Aussies,dc=timerasolutions,dc=com"
  UserNameAttribute="uid"/>
  The browser window does pop up, but the user id doesn't get authenticated. Is
  there a way to know whether WLS is actually going to the LDAP server for authentication?
  Any insight into this?
  Thanks in advance,
  Sushil
  "Tom Moreau" <[email protected]> wrote:
  Mike,
  I haven't had any trouble getting the LDAPRealm to work
  in WLS 6.0. Could it be that while you've created the LDAPRealmMBean,
  you haven't told WLS to use it?
  In other words, you can create many realm configurations then
  you need to activate the one you want. If you haven't, the
  we just use the file realm. The file realm won't be able
  to authenticate you (since you put the info in LDAP!) and
  after 3 failures, will lock out the account.
  The instructions for selecting the realm are at:
  http://e-docs.bea.com/wls/docs60/adminguide/index.html
  See:
  12. Managing Security
  Specifying a Security Realm
  Configuring the Caching Realm
  The basic idea is:
  1) create your LDAP Realm (you've already done this)
  2) create a CachingRealm
  3) set the CachingRealm's BasicRealm to your LDAP Realm
  4) set the Security Realm's CachingRealm to your Caching Realm
  5) reboot
  It's pretty easy to do this through the admin console.
  Otherwise, you can edit config.xml by hand.
  Here's how:
  <Domain>
  <Security
  Name="mydomain"
  Realm="myRealm"
  />
  <Realm
  Name="myRealm"
  FileRealm="myFileRealm"
  CachingRealm="myCachingRealm"
  />
  <FileRealm
  Name="myFileRealm"
  />
  <CachingRealm
  Name="myCachingRealm"
  BasicRealm="myLDAPRealm"
  />
  <LDAPRealm
  Name="myLDAPRealm"
  />
  -Tom
  "Mike" <[email protected]> wrote:
  BTW, before someone suggests it, I found Tom Moreau's
  suggestion to use:
  <ServerDebug Name="examplesServer" DebugSecurityRealm="true"
  />
  under the <Server> element in config.xml and restarted
  with this and still
  no additional
  info from the LDAP realm printed about why it's not working
  (nothing but the
  same
  locking account message mentioend below).
  Is the source for the LDAP realm available so I can debug
  it myself or has
  anybody
  written their own LDAP realm that they'd be willing to
  share with the group?
  Thanks again,
  ...Mike
  "Mike" <[email protected]> wrote in message
  news:[email protected]...
  Ok I've verified that the -Dweblogic.security.ldaprealm.verbose
  probably
  won't
  work with 6.0 (old 5.x and previous style property),
  but I can't figure
  out
  what
  replaced it, to figure out why the LDAP realm isn't
  working for me...
  The property mapping guide at:
  http://e-docs.bea.com/wls/docs60///////config_xml/properties.html
  shows that things like weblogic.security.ldaprealm.url
  changed to LDAPURL in config.xml (without telling
  you that this resides as an XML attribute of
  <Domain><LDAPRealm ... /></Domain> although that's
  easy enough to find by looking through the example
  LDAP realm.
  It then says that weblogic.security.ldaprealm.verbose
  has changed to "Debug" in config.xml, but doesn't
  say whether that's a "Debug" XML attribute on one
  of the XML elements in there, or whether it's an
  XML node itself, or where in the config.xml doc
  it goes... It doesn't work as an attribute of
  <LDAPRealm ...> (server won't start with it there)
  and it doesn't show up at all in the DTD for config.xml
  so I'm assuming the mapping doc at the above url is
  wrong. Anybody know what this really became in 6.0?
  I've tried setting StdoutDebugEnabled="true" in config.xml
  and turning the logging level all the way up to see
  everything, but even
  then all I
  get is the account locked message, not why it's failing
  to authenticate
  via
  LDAP...
  Any other ideas?
  "Mike" <[email protected]> wrote in message
  news:[email protected]...
  I'm trying out WL6.0 (eval version) LDAP realm support
  and having
  trouble
  getting it to work - basic auth just keeps popping
  the window up 3 times
  and
  then giving up. Only pertinent message in the log
  is:
  ####<Mar 16, 2001 12:03:21 PM EST> <Info> <Security>
  <FOOBAR>
  <examplesServer> <ExecuteThread: '11' for queue: 'default'>
  <> <>
  <090021>
  <Locking account, user jdoe.>
  No obvious LDAP info or errors in the log, despite
  adding the following
  two
  to the startup script cmd line and restarting the
  server:
  -Dweblogic.security.realm.debug=true -Dweblogic.security.ldaprealm.verbose
  =t
  rue
  The HTTP basic-auth dialog box is correctly showing
  me that I'm trying
  to
  authenticate to: MyLDAPRealm
  Here's the config info for MyLDAPRealm
  <LDAPRealm AuthProtocol="simple"
  Credential="myserverpasswd"
  GroupDN="o=mycompany,c=us" GroupIsContext="false"
  GroupNameAttribute="cn"
  GroupUsernameAttribute="uniquemember"
  LDAPURL="ldap://tug:390"
  Name="MyLDAPRealm"
  Principal="cn=myserver,ou=myserverstuff,o=mycompany,c=US"
  UserAuthentication="local"
  UserDN="o=mycompany,c=us" UserNameAttribute="uid"/>
  It's a Netscape 4.1 Directory server, and I've verified
  that the above
  server account exists AND can authenticate and retrieve
  account
  userpasswords (yes, the server account is "cn=" while
  the user accounts
  are
  "uid=" - don't ask :-)....
  I've tried both "bind" and "local" and get the same
  results both ways.
  Any ideas???

• LDAP realm in Weblogic

  I am using Netscape Directory Service 4.2. I want to use LDAP realm for authentication from Weblogic 5.1. I have created a principal(kevink - username and cambridge - group) in NDS. I have created a servlet and registered in Weblogic giving permission to execute the servlet to the above username and group. I have the following entry in my weblogic properties file weblogic.allow.execute.weblogic.servlet.helloWorld=\ kevink, cambridge
  I have also created the LDAPRealm.properties file in my weblogic home directory.
  When I start weblogic with the LDAP debug mode on, I get the following messages
  Mon May 01 14:38:52 EDT 2000:<W> <CachingRealm> ACL "weblogic.servlet.helloWorld" contains non existent principal "kevink" - ignoring principal ******** Error: ACL "weblogic.servlet.helloWorld" contains non-existent principal "kevink" - i noring principal
  Mon May 01 14:38:52 EDT 2000:<W> <CachingRealm> ACL "weblogic.servlet.helloWorld" contains non- existent principal "cambridge" - ignoring principal ******** Error: ACL "weblogic.servlet.helloWorld" contains non-existent principal "cambridge" - ignoring principal
  Any ideas to solve this problem are welcome Ram

  Yep. And if your LDAP realm is hooked up correctly, you'll see groups from your ldap realm
  in the weblogic console, under the Security->Groups tab on the frame to the left.
  Keep in mind that you will not see users from your LDAP server under the Security->Users
  tab. This is expected behavior. But if you see the groups, then you've most likely hooked
  up the LDAP realm the right way ...
  Joe Jerry
  Vishwanath Kumar wrote:
  Hello Kumar,
  I am attaching a small portion of config.xml which contains LDAP settings . Please change
  this according to your LDAP server configuration and test it . I hope this should help
  you out.
  You also need to create a caching realm and then hook up that caching realm to this LDAP
  realm .
  For more information this URL should be helpful:
  http://e-docs.bea.com/wls/docs61/adminguide/cnfgsec.html#1071872
  here is portion of config.xml
  <LDAPRealm AuthProtocol="simple" Credential="dropdead"
  GroupDN="o=beasys.com,ou=Groups" GroupIsContext="false"
  GroupNameAttribute="cn" GroupUsernameAttribute="uniquemember"
  LDAPURL="ldap://mmanson:389"
  Name="defaultLDAPRealmForNetscapeDirectoryServer"
  Notes="This is provided as an example. Before enabling this Realm, you must edit
  the configuration parameters as appropriate for your environment."
  Principal="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot"
  UserAuthentication="bind" UserDN="o=beasys.com,ou=People"
  UserNameAttribute="uid" UserPasswordAttribute="userpassword"/>
  kumar wrote:
  Hi,
  I have tried to configure LDAP realm in weblogic, but I think it is not configured
  correctly. And I don't know how to test it. Can anybody send me the sample config.xml
  having LDAP realm configured correctly. Please send me a sample program to access
  LDAP realm via weblogic.
  Thx--
  Vishwanath Kumar
  Developer Relations Engineer
  BEA Systems, Inc.

• LDAP realm with Active Directory

  Hello,
  In the sun one app server admin console i have set the security role to LDAP.
  I have set up security roles in my web.xml such as this:
  <security-role>
  <description>This role represents administrators of the system, see actor administrators</description>
  <role-name>administrators</role-name>
  </security-role>
  ..and mapped the roles to groups in sun-application as follows:
  <security-role-mapping>
  <role-name>administrators</role-name>
  <group-name>CMS_PM</group-name>
  <principal-name>rlancett</principal-name>
  </security-role-mapping>
  My user and group information is stored in Active Directory so I have tried to configure the ldap realm in the admin console to get it working. These are the settings i have put in:
  directory: ldap://earth.tier2consulting.com:389
  base-dn: cn=Users,dc=tier2consulting,dc=com
  jaas-context: ldapRealm
  search-bind-dn: cn=administrator,cn=Users,dc=domain,dc=com
  search-bind-password: ******
  search-filter: sAMAccountName=%s
  I get the error message :javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 525, v893
  WARNING: va:850)
  FINEST: JAAS authentication aborted.
  INFO: SEC5046: Audit: Authentication refused for [administrator].
  I am pretty stuck on this having looked arounds all the forums:
  Has anyone got sun one app server using Active Directory to get user/group information for security roles?
  Thanks.

  Howdy,
  I don't have a solution to your problem, but maybe this tid-bit will help in debugging with Active Directory error messages. I'm new to AD, so excuse me if everyone already knows this, but...
  The error message you get back from the directory contains an error code in hexidecimal:
  LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 525, v893
  If you translate '525' from hex to decimal you get '1317' which is the error message you can look up here:
  http://msdn.microsoft.com/library/default.asp?url=/library/en-us/debug/base/system_error_codes.asp
  1317 - ERROR_NO_SUCH_USER - The specified user does not exist.
  It took me a while to find this tip, so I thought I'd share it. Oh, and the easy way to get decimal from hexidecimal is:
  System.out.println( "Here is 525 in decimal: " + Integer.parseInt("525", 16));
  Okay, hope this helps somebody.
  Now it's up to you to find out why it can't find the administrator!
  Craig

• UDDI inquiry service HTTP-Basic authentication in BPEL (10.1.3.1)

  Hi Gurus,
  I'd like to know how we can setup BPEL server for Oracle Service Registry UDDI with HTTP-BASIC authentication for inquiry service (apart of OWSM solution)?
  Imagine that in Service Registry I have defined HTTP-BASIC authentication (REGISTRY_HOME/app/uddi/services/Wasp-inf/package.xml) for inquiry service used in BPEL domain (uddiLocation key in BPEL domain configuration). And now I'd like to provide credentials. In package.xml I have this
  <service-endpoint path="/inquiry" version="3.0" name="UDDIInquiryV3Endpoint"
  service-instance="tns:UDDIInquiryV3" processing="tns:UDDIv1v2v3InquiryProcessing"
  accepting-security-providers="HttpBasic">
  <wsdl uri="uddi_api_v3.wsdl" service="uddi_api_v3:UDDI_Inquiry_SoapService"/>
  <envelopePrefix xmlns="arbitraryNamespace" value=""/>
  <namespaceOptimization xmlns="arbitraryNamespace">false</namespaceOptimization>
  </service-endpoint>
  I don't see any field with username or password. Is it automaticaly taken from security provider configured for Service Registry (for example LDAP)? If yes then it is clear.
  But what about BPEL engine, where can I provide those credentials? Is it some secret configuration file? Or only supported way is to configure it through OWSM component in order to enrich request by credentials (what about license, when customer doesn't want to use OWSM)?
  Do I miss something in this concept?
  Thanks
  Peter

  as said internally - file an ER for it pls - and I will take care of it, depending on the demand - either for 10.1.3.1 GA or 10.1.3.1 patchset ..
  we will support only HTTP Basic Auth - rest will follow per customer demand ..
  /clemens

• JDev3: http basic auth

  Can the web-to-go(?) httpd in JDev3 be configured to support http basic auth? How do I configure it to setup my realms? thnx.

  Please note that I am able to do some basic programmatic configuration of the JDev3 httpd , such as doing:
  oracle.jdeveloper.debugger.ServletDebugger dbg = new oracle.jdeveloper.debugger.ServletDebugger();
  dbg.setRootDir("D:/JDev3/");
  But I have been unsuccessful in other tasks
  such as:
  dbg.setDocumentRootDir("D:/myDir");
  dbg.setServerPort("9090");
  Compiler tells me these two methods are not supported by class oracle.jdeveloper.debugger.ServletDebugger
  Info on how to configure the JDev3 httpd for - the doc root
  -listen port,
  - and realms for http basic auth
  would be greatly appreciated. If correct documentation exists please point me to them (the JDev3 Help documentation contains erroneous information on some of these topics). thnx

• HTTP Basic authentication on EJB 3.0 based web service

  How do I enable HTTP Basic authentication on EJB 3.0 based web services for OAS? Does any one have a sample solution ?
  I manually updated oracle-webservices.xml file to include the following:
  <ejb-transport-security-constraint>
  <soap-port/>
  <role-name>users</role-name>
  <transport-guarantee>NONE</transport-guarantee>
  </ejb-transport-security-constraint>
  <ejb-transport-login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>jazn.com</realm-name>
  </ejb-transport-login-config>
  When I use SOAP UI to test the web service I get the following error.
  403 Forbidden
  Error initializing security, security-role not found: users

  I still get the 403 forbidden error message. I do not get the second part of the error message though.

• LDAP Realm & ACLs

  i'm using WL510sp8 with a Netscape Dir Server...
  when i start weblogic with the LDAP Realm configured it takes forever (20+ minutes) to start up because weblogic goes to the realm and ldap to check other acls in weblogic.properties like "everyone" and "system"...
  how can i get around having these other acls checked in the ldap server??? subclass LDAPRealm and stop it manually? delegating realm with both ldap and wlproperties???
  thanks
  mal

  "Mike Westaway" <[email protected]> wrote in message
  news:[email protected]..
  >
  My weblogic web application is configured to authenticate against a groupin an ldap
  realm using basic authentication.
  This all works just fine.
  But now I want to query the LDAP server in the context of the current userto find
  out what directory entries I have read/write acecss to.
  I don't believe there is any method in the LDAP realm that would allow you
  to do your own
  queries against the LDAP server.

• Selecting LDAP Realm V2

  My environment is WL 6.1 SP2.
  I am currently using the LDAP Realm V1 (deprecated) and would like to switch to LDAP
  Realm V2. The problem is that my WL console does not give me the option to configure
  a LDAP Realm V2 when creating a new security realm. The only options I get are: LDAP
  Realm V1, NT Realm, UNIX Realm, RDBMS Realm and Custom Realm.
  I would appreciate it if anybody can tell me what needs to be done to get the configure
  LDAP Realm V2 option.
  Thanks
  Charl

  I have had a custom realm that handles ACLs since 5.1. My question is I want to
  mix it with the out-of-the box ldaprealm v2. I was hoping for a failover mechanism
  where I can supply a custom realm that knows how to authorize and leave it up
  to the canned ldaprealm to authenticate. The filerealm behaves in such a manner,
  does it not.
  I will try your idea about extending the ldaprealm. But, the challenge will be
  in dealing with the delegate.
  "Utpal" <[email protected]> wrote:
  If you extend the weblogic.security.ldaprealmv2.LDAPRealm and implements
  newAcl, deleteAcl, newPermission,
  setPermission etc, I think it's doable.
  =========
  public class weblogic.security.ldaprealmv2.LDAPRealm extends
  weblogic.security.a
  cl.AbstractListableRealm implements weblogic.security.acl.DebuggableRealm
  =========
  -utpal
  "Utpal" <[email protected]> wrote in message
  news:[email protected]..
  Why don't you use the Custom Security Realm? You can construct an ACLin a
  custom seecurity realm.
  http://edocs.beasys.com/wls/docs61/security/prog.html#1042361
  -utpal
  "Ziad Kurdi" <[email protected]> wrote in message
  news:3c9b4c80$[email protected]..
  Is there a way in 6.1 to use the supplied LDAP Realm V2 for
  authentication
  and
  managing groups, but enhance it with ACL's (stored in a database)
  for
  authorization?
  Obviously, I would like to take advantage of the server's caching
  realm
  capabilities.
  I currently running a custom realm (from 5.1 which works in 6.1)
  that
  mixes LDAP
  authentication, group management, and DB ACL's for authorization,
  but I
  no
  longer
  wish to capture the user's password (due to sorporate policies) and
  would
  like
  to avoid maitaining the authentication code.
  Thanks in advance for any assistance.

• LDAP Realm

  "Hi , I was able to connect to LDAP Netscape Directory Server 4.1 successfully,i was able to see the users

  Yep. And if your LDAP realm is hooked up correctly, you'll see groups from your ldap realm
  in the weblogic console, under the Security->Groups tab on the frame to the left.
  Keep in mind that you will not see users from your LDAP server under the Security->Users
  tab. This is expected behavior. But if you see the groups, then you've most likely hooked
  up the LDAP realm the right way ...
  Joe Jerry
  Vishwanath Kumar wrote:
  Hello Kumar,
  I am attaching a small portion of config.xml which contains LDAP settings . Please change
  this according to your LDAP server configuration and test it . I hope this should help
  you out.
  You also need to create a caching realm and then hook up that caching realm to this LDAP
  realm .
  For more information this URL should be helpful:
  http://e-docs.bea.com/wls/docs61/adminguide/cnfgsec.html#1071872
  here is portion of config.xml
  <LDAPRealm AuthProtocol="simple" Credential="dropdead"
  GroupDN="o=beasys.com,ou=Groups" GroupIsContext="false"
  GroupNameAttribute="cn" GroupUsernameAttribute="uniquemember"
  LDAPURL="ldap://mmanson:389"
  Name="defaultLDAPRealmForNetscapeDirectoryServer"
  Notes="This is provided as an example. Before enabling this Realm, you must edit
  the configuration parameters as appropriate for your environment."
  Principal="uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot"
  UserAuthentication="bind" UserDN="o=beasys.com,ou=People"
  UserNameAttribute="uid" UserPasswordAttribute="userpassword"/>
  kumar wrote:
  Hi,
  I have tried to configure LDAP realm in weblogic, but I think it is not configured
  correctly. And I don't know how to test it. Can anybody send me the sample config.xml
  having LDAP realm configured correctly. Please send me a sample program to access
  LDAP realm via weblogic.
  Thx--
  Vishwanath Kumar
  Developer Relations Engineer
  BEA Systems, Inc.

• How to access SOAP web service with authentication, HTTP basic Authentication

  Dear All
  i use Flash Builder 4.5, flex 4..1, i am developing a flex client to soap webservices hosted over Glassfish 2 Java server, the web services is protected by HTTP Basic Authentication, everythime i run my code , the prombt for username and password show up, i need to pass user name and password through action script, i followed the flollowing (but was for http web service, not soap) but really did not work.
  http://stackoverflow.com/questions/490806/http-basic-authentication-wi th-httpservice-objects-in-adobe-flex-air
  http://forums.adobe.com/message/4262868
  private function authAndSend(service:HTTPService):void
          var encoder:Base64Encoder = new Base64Encoder();
          encoder.insertNewLines = false; // see below for why you need to do this
          encoder.encode("someusername:somepassword");
          service.headers = {Authorization:"Basic " +encoder.toString()};                                               
          service.send();
  Also i noticed in debug mode, always that WARNNING raised up
  Warning: Ignoring 'secure' attribute in policy file from http://fpdownload.adobe.com/pub/swz/crossdomain.xml.  The 'secure' attribute is only permitted in HTTPS and socket policy files.  See http://www.adobe.com/go/strict_policy_files for details.
  any idea ?

  Hello,
  I don't know if this could help.
  Another way to connect to a web service by SOAP and WSDL is to click on the Data/Services panel, then click on "Connect to Data/Services" and then select the "Web Service" (WSDL) icon. This could help as well.

• How to call a web service from BPEL that requires HTTP basic authentication

  Hi All,
  I need to calling some Web Services from BPEL (SOA 10.1.3.1 production running on XP machine). The services require HTTP basic authentication.
  I have tried adding httpUsername and httpPassword properties to the ParnterLink, and I see in BPEL Console that they are deployed by checking the descriptor page. But I still get a SOAP fault, HTTP 401: Unathenticated.
  I have also tried using basicHeaders (from memory) = credentials, httpBasicUsername, and httpBasicPassword. Same result.
  I have done a packet trace using Ethereal, and the headers do not seem to contain the userid and password at all.
  Can anyone help?
  Thanks,
  Mark Nelson

  Thanks Bas,
  I have resolved the issue. The provider of the Web Service had not configured if for Basic Authentication. For some reason it worked when they tested, or maybe the did not test. The only thing I had to change was to use:
  <property name="basicHeaders">credentials</property>
  <property name="basicUsername">WMDATA</property>
  <property name="basicPassword">WMDATA</property>
  Instead of:
  <property name="httpUsername">WMDATA</property>
  <property name="httpPassword">WMDATA</property>
  I don’t know why this is, maybe because it is an Axis Web Service.
  Sorry for wasting your time.
  Regards Pete

• Securing Web Applications by HTTP Basic Authentication

  We are working on providing security for web applications in Webdynpro.We downloaded the material from net regarding this.In that it was mentioned to open the webdynpro project's web.xml file in the Netweaver Developer Studio.In the material,we are asked to click the General  TAb and check "Login Configuration".But there is no such checkbox in our general tab screen.Also many tabs are missing like Context,Resources,mapping,Environment,EJB's,Web objects.How to enable/display these tabs?Is there any means of setting properties in the server to get these tabs?
  regards,
  J.Iswaryal
  K.Brinda

  Hi J.Iswaryal,
  I guess two things based on your post.
  1. You have created one wer service and you want to make secure this web service using HTTP basic authentication.
  2. You have such wweb service and you want to consume this web service lets say in webdynpro application.
  <b>For, point one,</b>
  After creating web service goto webservice perspective in NWDS. there, choose your web service project.
  Now, open Web service configuration file recided in your project.
  Here, go under config1-> security and double click on it.
  It will display security options for this web service.
  Choose transport protocol as HTTP, Authentication mechanism as HTTP authentication and choose Basic radio button.
  Now, save this, rebuild this and deploy on server.
  <b>For point 2,</b>
  Make model for your web service.
  before calling your web service, set your username and password in code as shown below.
  wdContext.current<web service model node>element().modelobject()._setusername(<username>);
  wdContext.current<web service model node>element().modelobject()._setPassword(<password>);
  Rehards,
  Bhavik

• Calling Web Service with Http Basic authentication in SOA 11g

  I am calling a webservice which has http basic authentication attached to it. Thus i am adding 'oracle/wss_http_token_client_policy' OWSM policy to the WS refrence in my composite in Jdeveloper,but it doesn't showme the option of providing the http Username and http Password. The only key it is showing me is cf.key.
  Am i missing some steps?
  Please let me know.
  Note - I am working on SOA 11.1.1.4.
  Regards
  Ayush

  Hi Ayush,
  Please refer -
  http://biemond.blogspot.com/2010/08/http-basic-authentication-with-soa.html
  Regards,
  Anuj