SOAP SAP user credentials
Hi
we have an INBOUND SAP PROXY in PI 7.11 calling our SAP BACKEND. We want our partner to call this ws in PI. What user credentials must the user in PI have in order to complete the SOAP call?
thx in advance
Cheers
Edited by: bohamo on Dec 13, 2010 3:21 PM
HI,
Your question is not fully clear. Looks like you are planning to do Soap to proxy i.e webservice to proxy.
To provide end users to access your web service, you can go with many options.
a) User credentials login and password. Talk to basis to create one user for accessing the web service. Something very similar to end user profile.
b) certificate authentication. We can generate a certificate and maintain in the Netweaver side. Provide that information to the client.
To know more about user credentials or certificate authentication please use the below link.
http://help.sap.com/saphelp_nwpi711/helpdata/en/48/3555240bea31c3e10000000a42189d/content.htm
Thanks
Baskar
Similar Messages
-
Error while scheduling report for SAP users
Hi All,
We have SAP authentication enabled in our BO environment. (BO XI 3.1 sp2 FP 2.6 on windows 2003 server).
There are some webi reports based on BW Bex queries that we are trying to run on behalf of certain SAP end users. This we are doing using "schedule for" option.
Now what is happening here is if the end user has logged in once in BO system ,it runs fine. But in case user has not logged in to BO (using infoview etc.) ,it throws error saying "incomplete logon data" . Also if user changes or reset his password in BW and if he doesn't login to infoview after that ,system throws another error "Name or password incorrect (repeat logon)".
Based on these observation, we are suspecting if BO system uses stored SAP users credentials while scheduling report for them based on their last login.
Would like to mention here that we have checked option "automatically import users".
Please advice if this behavior is normal or we are missing some setting.
Thanks in advance,
ChandraHi All,
Any pointers or suggestions for this issue ??
Is there a setting/option avialable in CMC which could resolve these errors.
Or, user has to login once to infoview in all circumstances to avoid these errors.
Thanks,
Chandra -
SAP WS Navigator is asking for User Credentials
Hi all,
When i am trying to test a web service in SAP Transaction SOAMANAGER->WS Navigator , it is displaying a popup to provide Username and Password. I tried giving my User credentials but no luck.
Can anyone please help me in this issue, of what credentials i should pass through it.
At least let me know how i can test webservice from SOAPUI, my question is , will it still ask me for user credentials from SOAPUI too.
Appreciate your help.
Regards,
Praveen Kambala.Hi Praveen,
You can also test web service using WSADMIN transaction. In that expand SOAP application for Web serivces. there you can find your web serivce name. Select it and click on Web serivce hompage button or WSDL button in the above.
Regards,
Shravan Kumar N -
SAP PI problem: User credentials are invalid or user is denied access
Hi!
I am about to configure SAP PI.
Therefore I have run post installation wizard step PI_00 and get the following errors:
Error: Not able to load Function SWF_XI_BPM_AUTO_CUSTOMIZE
(cause:Name or password is incorrect (repeat logon)).
Step: Execute SWF_XI_BPM_AUTO_CUSTOMIZE
Error: User credentials are invalid or user is denied access
Step: Add Installed Product2
Questions:
How can I identify which user/password makes problems here?
P.S.
My further problems are:
2) It is not possible to work with XI tools, such as:
Integration Directory, Integration Repository, Runtime Workbench
When I try to execute some action in these tools I get the following error:
Cannot connect to Repository
Error during communication with System Landscape Directory: User credentials are invalid or user is denied access.
2) When I try to access the NetWeaver configuration wizard (http://localhost:50000/nwa)
I get the followign warnig:
System Landscape Directory is not available
Only local systems can be maintened
Thank you very much
ThomHi,
Check the similar discussion Error in PI postinstallation wizard
Wrong password PISUPER in PI_00 wizard
Thanks!
Edited by: Sudhir Tiwari on Nov 26, 2008 10:29 AM -
How do you stop BSPs on WebSEAL for asking for user-credentials?
Hi
We are currently having an issue with BSP Pages. When we test the BSP pages on the R/3 system they work OK. When we test them directly on the Portal then they too also work. The problem is that they are not working properly on our Intranet.
The intranet that we use is an IBM Tivoli product (also known as WebSEAL). We currently have WebSEAL SSO to our SAP Portal. This is working OK. When we use WebSEAL to access the portal we are prompted to enter our user-id and password so that the BSP page can be displayed. This should not be happening and it defeats the purpose of SSO. I have attached a screen shot document to demonstate this.
Some time ago we had a similar issue where the transactions on the portal (when executed from WebSEAL) were giving us a Webdynpro time-out error. I later determined that the cookie information was not being passed to WebSEAL. To fix this, I went to the Visual Administrator and went to server >> services >> web container and for the web container "sap.com/irj" I went to the cookie configuration to add a session cookie. By doing this I fixed my previous problem.
Coming back to my problem, I had a junction created in WebSEAL to point to the bsp directory (sap/bc/sap/bsp/*) on the host concerned. I had both a SSL and TCP junction created both resulted in error messages - stating that the client (SAP) is asking for user credentials.
Hoping that I have provided enough information above my question is as follows:
(1) How can I get the BSP messages to work on WebSEAL such that it will not ask for user credentials to be entered? Would this involve making a further change to a Web Container? If so - which container also needs a session cookie to be generated?
Thanks
Kind Regards
Rajdeep KumarHi Peter
I am having an issue with the re-direct and am hoping you might be able to provide a little assistance. If not then not to worry.
My security department have logged a call with IBM 2 days ago yet have not received any response.
In your document you mention that you need to have a junction to AS-JAVA and a junction to AS-ABAP.
We have created the junctions "/sapep" (for AS-JAVA) and "saphr1" (for AS-ABAP).
The junction /sapep" also contains the junction mapping entries "/irj/" and "/SSOTicket/".
The direct URL to the hidden image is : https://uadsfi01.auiag.corp:53001/SSOTicket/1x1.gif. I have tested this (using my user id and password) and it works OK.
When testing the image through TAM (https://test.insideiaghome.iaglimited.net/sapep/SSOTicket/1x1.gif) we get an "unexpected authentication challenge"
I have reviewed the log below and it seems that we are having an authentication issue with the image:
==(START OF LOG)==
2008-06-16-19:59:58.365+10:00I----- thread(136) trace.pdweb.debug:2 /sand/cholt/laura_amweb510_11LA/src/pdweb/wand/wand/log.c:309: -
PD ===> BackEnd -
Thread_ID:52943
GET /SSOTicket/1x1.gif HTTP/1.1
via: HTTP/1.1 uattam01:443
host: uadsfi01.auiag.corp:53001
user-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; MS-RTC LM 8; .NET CLR 2.0.50727)
iv_server_name: uatin1-webseald-uattam01
accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, /
iagsapid: 52975
accept-language: en-au
referer: https://test.insideiaghome.iaglimited.net/sapabap.html
connection: close
iv-user: s52975
2008-06-16-19:59:58.373+10:00I----- thread(136) trace.pdweb.debug:2 /sand/cholt/laura_amweb510_11LA/src/pdweb/wand/wand/log.c:309: -
PD <=== BackEnd -
Thread_ID:52943
HTTP/1.1 401 Unauthorized
content-type: text/html
date: Mon, 16 Jun 2008 09:59:58 GMT
cache-control: no-cache
content-length: 1787
www-authenticate: Basic realm="Upload Protected Area"
server: SAP J2EE Engine/7.00
expires: 0
pragma: no-cache
connection: close
==(END OF LOG)==
When logging into the SAP Portal directly general user ids have no problem accessing this (Non-Administrator portal users), however through Tivoli it is causing an issue.
Do you know what may be causing this issue?
Thanks in advance for any assistance you can offer.
Kind Regards
Rajdeep Kumar -
Not able to pass user credentials in a full trust proxy to call web service in Sandbox solution
Hello,
I am trying to build a sandbox webpart that calls a windows authenticated webservice to fetch some data. I tried to pass the DefaultCredentials to the webservice proxy but The credentials passed are that of the
usercodeserviceproxy process ( in my case it is network service) . I see that the user account trying to authenticate is Domain\machinname$ which is the network service.
My question is - is there a way to pass the logged in user credentials to the web service from sandbox proxy ?' in Host Names is not allowed. Our hosname has '_'.
http://help.sap.com/saphelp_nw70ehp1/helpdata/en/67/be9442572e1231e10000000a1550b0/frameset.htm -
Dynamic user credentials for XI receiver communication channel
Hi Experts,
I am working on File(XML ) to ABAP proxy scenario. I want to know if I get the user-id and password information to login to R/3 system as part of the XML payload, can I use this information to connect to R/3 system in my XI Receiver communication channel?
Using a generic user credentials either in RFC destination or specifying it in communication channel configuration will not work. This is because the requirement is that the objects that will be created in inbound ABAP proxy (for ex Material Master) should be created with the user information that is coming from payload rather than a generic user.
Any pointers how to acheive this?
Thanks and regards,
Prasad
Edited by: Prasad MLN on Nov 16, 2009 4:00 PMHi,
You might want to learn more about Principal Propagation in sap XI:
http://www.sdn.sap.com/irj/scn/weblogs;jsessionid=(J2EE3417300)ID2039785750DB21057082877817322485End?blog=/pub/wlg/7068%3Fpage%3Dlast%26x-order%3Ddate
http://help.sap.com/saphelp_nwpi71/helpdata/en/45/0f16bef65c7249e10000000a155369/content.htm
Regards,
Ravi Kanth Talagana -
How to disable web service authentication by sap-user string in url
Hi Experts,
I am publish some RFC function as webservice for my SAP AS ABAP, i set the authentication as basic. I can using http basic authentication to call the service and get the result. But it also accept passing user/password through the url string: http://localhost:8001/sap/bc/soap/wsdl11?services=BAPI_PO_CHANGE&sap-client=100&sap-user=myId&sap-password=myPassword
I want to disable this, make it no user/password through url string. Can anyone tell me how to do it, thanks.
Best regards,
PeterWell, it's not a backdoor - but (extremely) bad style: an URL should never contain any authentication data (like UID & PWD) nor should it ever contain any (security) session ID (which, if valid, would allow to skip authentication).
So, I agree with you / your customer: it should be (made) possible to configure the system to discard / ignore any authentication data which is contained in the URL.
I recommend to submit a customer message to SAP (using message component BC-MID-ICF). You might refer to this SDN posting (by providing the URL) in the support ticket.
PS: Basic Authentication is not much better but at least the information (UID & PWD) is not sent in the clear (although simply Base64-encoded) and not in the URL (but in the http header). Sending cleartext data in the URL is really the worst. The best is: use stronger authentication mechanisms (e.g. X.509 client certificates, Kerberos, Biometric authentication mechanisms, etc.). -
CR prompts for user credentials after refresh even though I'm using SSO
Hello Experts,
We have a problem with a customeru2019s project concerning Crystal Reportu2019s Single Sign On feature:
Even though weu2019re using SSO, Crystal Reports prompts for user credentials every time a refresh is performed manually in the browser.
We already checked SAP note [1214594 - How to avoid database login prompts when refreshing reports in Crystal Reports|http://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/oss_notes_boj/sdn_oss_boj_bi/sap%28bd1lbizjptawmq==%29/bc/bsp/spn/scn_bosap/notes%7B6163636573733d36393736354636443646363436353344333933393338323636393736354637333631373036453646373436353733354636453735364436323635373233443330333033303331333233313334333533393334%7D.do]. The note suggests using Microsoft Windows authentication (trusted connection or operating system authentication) u2013 unfortunately we cannot use this kind of authentication in our project.
Do you have any hint, idea or suggestions?
Thank you in advance!Hello,
What kind of Project are you developing? Search for Post Back in the SDK forum and Kbase system so you can keep the log on token active. Likely what is happening is the Token or connection times out after 20 minutes, which is IIS's default timeout. Using the postback method is one way of keeping the SSO connection active.
Thank you
Don -
Using SAP User name without system/client name
Hello,
How to display and use i9d3719 instead of db1~100/i9d3719?
So if I want to lon on to designer, I want to enter i9d3719 in username instead of db1~100/i9d3719. Same goes for wneh an user logs to Webi, their username should be displayed without the SAP system and client id.
Thanks,
NikhilAkhil,
I hope this will never work. Think about your requirement for a second....
This would mean an application is able to see my user credentials without my knowledge. It's bad enough the know my IP if I'm not using TOR.
To get your requirement to work you have to redefine it a bit. The user have to log in to your application. The application holds the name together with an ID of the session to know the user in further requests.
Thats a basic security theme, described in the dos [Adding Security to a Fusion Web Application|http://download.oracle.com/docs/cd/E12839_01/web.1111/b31974/adding_security.htm] .
Timo -
SAP user authentication in ABAP program
We are building a custom application in SAP.
One of the functionality required is - Before printing a certificate ,we need to verify SAP user ID and password.
Is there any FM in SAP which I can use or any other way by which I can ask user to enter his user ID and password and then autheticate it against actual SAP credentials.Hi,
try using FM SUSR_CHECK_LOGON_DATA
with import parameters
AUTH_METHOD = 'P'
USERID = <userid>
PASSWORD= <password>
Roy -
How to excute workitem in outlook with out entering SAP Logon Credentials
Hi Gurus,
is it possible for excute the work item in out look with out enteing sap logon credentials of the user ?
If possible .
Please guide me how to do ?
Regards
RameshGi have scheduled this program its working fine .
iam getting attachment to my outlook inbox but when i click on that attachment its asking SAP credentials.
here problem is client don't want enter sap credentials here and client wants to excute the work item with out entering sap credentiols .
is there any possibiity on this requirment ?
Thanks in advance.
RameshG -
BizTalk User Credentials, Certificates in transport header
BizTalk handles user credentials in Enterprise Single Sign on and the certificates are stored in Certificate store. I have been asked a general question, Is it possible that user credentials & certificates in a transport header? I am not exactly
sure on this.
VijayYou were asked this? The problem is that the question really doesn't make sense because SSO & the Cert Store and any transport header really have nothing to do with each other.
Also, in the scope of (assuming) an HTTP/SOAP header, it would be highly unusual to have both user credentials and a Certificate because they both exist, in that context, for authentication.
So, to clarify, yes, you can have user credentials or a certificate in a header (there's more than one) for authentication.
The credentials can come from SSO, but don't have to. The certificate would come from the Cert Store. -
CUP 5.2 - LDAP Authentication error - "User credentials not valid."
Hi Experts ,
I have set up LDAP "SUN ONE" as a authentication source for our CUP 5.2 SP11 Patch1 (Build-62316). But when I try to logon with my network id,I receive error "User credentials not valid."
Please find the log below.
Thank you for your help,
Regards,
Abderrahim
2011-03-01 12:07:57,232 [SAPEngine_Application_Thread[impl:3]_27] ERROR Failed to log in a867168
com.virsa.ae.service.umi.AuthenticationFailureException: No user details found
at com.virsa.ae.service.umi.ldap.LDAPAuthenticator.validate(LDAPAuthenticator.java:140)
at com.virsa.ae.actions.LoginAction.requestorLoginHandler(LoginAction.java:847)
at com.virsa.ae.actions.LoginAction.execute(LoginAction.java:82)
at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:256)
at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:423)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(AccessController.java:207)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
Caused by:
com.virsa.ae.service.umi.UMIException: SUNONE error reading search results
at com.virsa.ae.service.umi.ldap.LDAPSearchUser.getUsers(LDAPSearchUser.java:698)
at com.virsa.ae.service.umi.ldap.LDAPSearchUser.getUserById(LDAPSearchUser.java:760)
at com.virsa.ae.service.umi.ldap.LDAPAuthenticator.validate(LDAPAuthenticator.java:131)
at com.virsa.ae.actions.LoginAction.requestorLoginHandler(LoginAction.java:847)
at com.virsa.ae.actions.LoginAction.execute(LoginAction.java:82)
at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:256)
at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:423)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(AccessController.java:207)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
Caused by:
javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name ''
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3030)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2757)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1828)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1751)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:386)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:347)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:332)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:252)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:252)
at com.virsa.ae.service.umi.ldap.LDAPSearchUser.getUsers(LDAPSearchUser.java:518)
at com.virsa.ae.service.umi.ldap.LDAPSearchUser.getUserById(LDAPSearchUser.java:760)
at com.virsa.ae.service.umi.ldap.LDAPAuthenticator.validate(LDAPAuthenticator.java:131)
at com.virsa.ae.actions.LoginAction.requestorLoginHandler(LoginAction.java:847)
at com.virsa.ae.actions.LoginAction.execute(LoginAction.java:82)
at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:256)
at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:423)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(AccessController.java:207)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)My issue is stil not received, i hav send a document to the system team to follow for the integration. The AD configuration for QM shud be very expicit or else integration will not work. I am attachin the doc here. Let me knw if that helps.
-
Propagating user credentials to Web Services in WebLogic 6.1
Hi All,
Does anybody provide me some information about propagating client
credentials to the Web Service. Agree with documentation I have tried as in
code below, but it doesn't work. On a server i still have a guest user.
Thanks in advance for any help.
Properties h = new Properties();
h.put(Context.INITIAL_CONTEXT_FACTORY,
"weblogic.soap.http.SoapInitialContextFactory");
h.put("weblogic.soap.wsdl.interface",
RaServices.class.getName() );
h.put(Context.SECURITY_AUTHENTICATION,"simple");
h.put(Context.SECURITY_PRINCIPAL,"user");
h.put(Context.SECURITY_CREDENTIALS,"password");
Context context = new InitialContext(h);Hi Jerzy,
Were you actually able to achieve what you wanted? I'm not exactly sure, because
you said "it began to work", but you also said I "wasted much of your time". If
you still are not satisfied, I'm sure the folks in our tech support area can help
you.
Regards,
Mike Wooten
"Jerzy Nawrot" <[email protected]> wrote:
Hi Mike,
Thank you for comprehensive explanation how to resolve my problem. I
have
done all work exactly
as you wrote and then it began to work, both for static and dynamic
client.
As is written in WebLogic documentation
I only restricted access to the stateless session bean that implements
my
Web Service, not the SOAP servlet.
It seams that in this case user credentials are not propagated from servlet
to ejb.
Thanks once again you wasted much time for me.
Regards ,
Jerzy Nawrot
"Michael Wooten" <[email protected]> wrote in message
news:[email protected]...
Hi Jerzy,
This does indeed work, because I just verified it. Let's go througheverything
to make sure you have all the pieces.
1. You need client code that looks something like
proxy.setUserName(userName);
proxy.setPassword(password);
where "userName" has been assigned the value of the user and "password"is
a clear-text
representation of their password.
2. You need to use the Admin console to add the user to the system.I add
mlwooten
as a user, and employees as a group. Then I put mlwooten in the employeesgroup.
3. The web.xml file for your web service should contain lines similarto
this:
<security-constraint>
<web-resource-collection>
<web-resource-name>PhoneBookService</web-resource-name>
<url-pattern>/examples/webservices/security/PhoneBookService</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>AuthorizedUsers</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<security-role>
<role-name>AuthorizedUsers</role-name>
</security-role>
4. The weblogic.xml for your web service should look something like:
<weblogic-web-app>
<security-role-assignment>
<role-name>AuthorizedUsers</role-name>
<principal-name>employees</principal-name>
</security-role-assignment>
<reference-descriptor>
<ejb-reference-description>
<ejb-ref-name>examples.webservices.security.PhoneBookService</ejb-ref-name>
<jndi-name>examples.webservices.security.PhoneBookService</jndi-name>
</ejb-reference-description>
</reference-descriptor>
</weblogic-web-app>
6. That's all I did to get it to work.
NOTE: wsgen does not add the stuff in 4 and 5, above. You must addit
manually.
Regards,
Mike Wooten
"Jerzy Nawrot" <[email protected]> wrote:
Hi Michael,
Thanks for your advice.
The way you have proposed I've tested earlier and unfortunately this
method
does'nt work properly too.
It seams that session bean used as a Web Service knows nothing about
user
credentials passed from a client aplication.
Maybe, there is a bug in servlet
weblogic.soap.server.servlet.StatelessBeanAdapter wchich does'nt
propagate
credentials to a session bean implementing a Web Service, or some
configuration tasks are required on the WebLogic Web Server Components
Jerzy Nawrot
"Michael Wooten" <[email protected]> wrote in message
news:[email protected]...
Hi Jerzy,
You must do this through the WebServiceProxy object. The methods
you
want
are:
setUserName(String userName);
setPassword(String password);
The internals of WebServiceProxy will Base64 encode the password
before
it
invokes
the target web service.
Regards,
Mike Wooten
"Jerzy Nawrot" <[email protected]> wrote:
Hi All,
Does anybody provide me some information about propagating client
credentials to the Web Service. Agree with documentation I have
tried
as in
code below, but it doesn't work. On a server i still have a guestuser.
Thanks in advance for any help.
Properties h = new Properties();
h.put(Context.INITIAL_CONTEXT_FACTORY,
"weblogic.soap.http.SoapInitialContextFactory");
h.put("weblogic.soap.wsdl.interface",
RaServices.class.getName() );
h.put(Context.SECURITY_AUTHENTICATION,"simple");
h.put(Context.SECURITY_PRINCIPAL,"user");
h.put(Context.SECURITY_CREDENTIALS,"password");
Context context = new InitialContext(h);
Maybe you are looking for
-
Printing problem with InDesign CS6 Trial version
I have the trial CS6 InDesign. Began printing my doc but when I got to page 81 I got an error: "Printing Error: The Adobe Print Engine has failed to output your data due to an unknown problem". Have NO issues in preflight check.It printed fine but su
-
Opening a tab (right click on a url) and I get an empty/blank window. If I copy the url from the emty/blank tab and then open a new private browsing window and do a paste and go, everything works.
-
Hi Gurus, for last 2 days, no Jobs are being started in my BI system. Whenever I schedule or start any job.. it says job started.. But when I check in SM37, I find the start column empty. And the delay(secs) column has the number of seconds increasin
-
Decentral Adapter engine or Local adapter engine requires separate databse?
I'm installing De-central/Local adapter engine in my landscape. Does it requires a separate databse?? My OS is AIX and Database is Oracle. Can someone give me the installation document for Decentral adapter engine. Thanks Sagar
-
Nikon Capture NX or Camera Raw
Using Nikon Capture NX, Camera Raw best for photos?