SOAP User ID/Password  - Authoraization

Similar Messages

• SOAP Envelope with user id password

  Hi Everyone,
  I want to authenticate the sender with user id/password in soap envelope. Does anybody know the xml format for SAP PI7.11.
  Regards
  Inder

  Ths for responding Baskar.
  I already provided wsdl to them. They are still asking me about how can they  can authenticate themseleve,
  Even if i am using SSL, they still need to provide userid/pswd with appluser role to be able to send data to PI. Only thing with ssl will be that everything will be encrypted.
  I dont want to switch off Basic authentication for all soap adapters. Can we switch off authentication for particular soap interface in enterprise repository.
  Is it possible that when i use ssl certificate, Pi dnt ask for any user id or password. ?
  Regards
  Inder

• URL in sender SOAP channel with user and password

  Hi Expert,
  I have developed SOAP to proxy scenario.The serder WSDL is generated by using sender agreement. In the WSDL we are using default below URL.
  http://host:port/XISOAPAdapter/MessageServlet?channel=party:service:channel
  But the client requirement is that he want SAP user and password also in above url.
  Is this possible in sender SOAP channel?
  Any body can please help me for above issue?
  Thanks.
  Edited by: darshana-PI on Feb 1, 2012 5:26 PM

  Thanks prateek,
  we have used HTTP plain adapter for this and used below link to call that interface in PI. And its working.
  http://server:port/sap/xi/adapter_plain?service=<xxx>&namespace=<xxx>&interface=<xxx>&sap-user=<xxx>&sap-password=<xxx>&qos=BE
  I can understand the security related problem, but that was the requirement for end application.
  Thanks,
  Darshana.

• External Web Service - User and password in HTTP header

  Hi!
  How is it possible to add user and password in the HTTP header in a external web service call? 
  I have created a "Portal Service from WSDL file - Client side" with the wizard in SAP Developer Studio.  I following the Java Development Guide - Web Service Security, and use the <i>secured service connection</i>.  I have also created a new <i>System Landscape</i>, but should the new system be based on HTTP, my own PAR or what?
  How can I check that the user and password is added to the HTTP header or the SOAP envelope? Do I have to scan http traffic with a proxy as Paros or can I find the request sent from SAP EP in the logs?
  Cheers
  Asle

  Hello All,
  I have been struggling a bit while putting a reasonable security framework on a jax-rpc style web service. I'm using JWSDP1.2 to set up the webservice. I've tried to outline my problem below. Please correct me where I'm wrong.
  I've been through the Sun's WS tutorials, but they are not really clear on security. However, from them I surmised that there are two decent authentication techniques. HTTP Basic and mutual authentication (MA) . Both have their drawbacks though. HTTP Basic suffers from poor encryption while MA is a bit difficult to set up on both client and server sides. Another problem with MA is that there is no central repository for users/passwords.
  OK, what I would really like to do is use my own user database to verify users/passwords i.e. use a HTTP Basic like authentication (but at application level) but run it over SSL for encryption. It seems simple, but is it possible?
  Also, I have noted that when I use HTTP Basic on the service side, and use a java client, then setting username/password has no effect. In other words, I can always access the web-service, even with wrong username/password.
  Sorry for the long post. Hope someone can help. Thanks.

• How to change SSO user's password: Get LDAP URL

  Hi,
  I would like to add a 'change user SSO password' form to my BC4J application. The form's submit button fires an action that calls a PL/SQL package. This package receives 7 parameters, and uses de dbms_ldap package to change the user's password.
  Parameters:
  - LDAP Host
  - LDAP Port
  - User DN
  - SSO Username
  - Old Password
  - New Password
  - Retyped New Password (for confirmation)
  I'm trying with a DataForwardAction event whose purpose is to get the user's account information and the LDAP location, but I can't get the LDAP Location (ClassCastException) and the SSOUsername (NullPointerException).
  I'm using JDeveloper 10.1.2.0.0 (Build 1811)
  My question is: ¿What am I doing wrong? ¿Is there any easier way to do this?
  The code is below:
  import javax.servlet.http.HttpServletRequest;
  import oracle.adf.controller.struts.actions.DataActionContext;
  import oracle.adf.controller.struts.actions.DataForwardAction;
  import oracle.security.jazn.JAZNConfig;
  import oracle.security.jazn.spi.ldap.LDAPJAZNProvider;
  public class ChgPwdAction extends DataForwardAction
    public void onChange(DataActionContext ctx) throws Exception
      HttpServletRequest request = ctx.getHttpServletRequest();
      String host                = null;
      String port                = null;
      String userDN              = null;
      String SSOUsername         = null;
      String oldPwd              = null;
      String newPwd              = null;
      String confirmNewPwd       = null;
      try
        LDAPJAZNProvider ldapProvider = (LDAPJAZNProvider)JAZNConfig.getJAZNConfig().getJAZNProvider();
        host = ldapProvider.getJAZNConfig().getLocationURL().getHost();
        port = "" + ldapProvider.getJAZNConfig().getLocationURL().getPort();
      catch (ClassCastException e)
        //System.out.println(e);
        throw new Exception("Missing LDAP location");
      try
        userDN = request.getHeader("Osso-User-Dn");
      catch (NullPointerException e)
        //System.out.println(e);
        throw new Exception("Missing User DN.");
      SSOUsername   = request.getRemoteUser();
      oldPwd        = (String)request.getParameter("oldPwd");
      newPwd        = (String)request.getParameter("newPwd");
      confirmNewPwd = (String)request.getParameter("confirmNewPwd");
      request.setAttribute("Host", host);
      request.setAttribute("Port", port);
      request.setAttribute("UserDN", userDN);
      request.setAttribute("SSOUsername", SSOUsername);
      request.setAttribute("OldPwd", (String)ctx.getHttpServletRequest().getParameter("oldPwd"));
      request.setAttribute("NewPwd", (String)ctx.getHttpServletRequest().getParameter("newPwd"));
      request.setAttribute("ConfirmNewPwd", (String)ctx.getHttpServletRequest().getParameter("confirmNewPwd"));
      //System.out.println (userDN + "-" + SSOUsername);
    // To override a method of the lifecycle, go to
    // the main menu "Tools/Override Methods...".
  }Thanks in advance.

  Hi again,
  First of all, thanks for your reply.
  Yes, I know I can use JNDI instead of a call to a PL/SQL package (I visited this link: http://forum.java.sun.com/thread.jspa?threadID=592611&start=0 that explains how to do it), but in both cases I have the same problem: I don't know if it's possible to get the LDAP's environment specifications (PROVIDER_URL, SECURITY_PROTOCOL) dynamically.
  Our production environment's LDAP is not the same as our development environment's LDAP. This is why I want to get this information dynamically.
  I think that this information is stored in the jazn.xml file: Is there any way to get this information?
  Thanks a lot.

• Question on how to Hide the User Name, Password, and Domain fields in the MDT Wizard

  MDT 2012 U1
  Deploying Windows 7 via Offline Media (ISO) to MS Virtual PC's
  I am looking on how to Hide the User Name, Password, and Domain fields which are prepopulated in the MDT wizard via the CS.ini (Not so concerned about the Domain field as I am User Name and Password)
  We do need the Computer Name and OU fields to be seen, so skipping the wizard is not a option
  The client just does not want these fields to be seen by the end users, they dont want them to even know the account name used for adding the machine to the domain, of course the password is not displayed but it must not be displayed either.
  But since we use the fields they must still  be fuctional just not seen.
  Thanks.....
  If this post is helpful please click "Mark for answer", thanks! Kind regards

  You shouldn't have to edit DeployWiz_Definition_ENU.xml. You should only need to add "SkipAdminPassword=YES" to the CS.ini file and your authentication information.
  Example:
  [Settings]
  Priority=Default
  Properties=MyCustomProperty
  [Default]
  OSInstall=Y
  SkipCapture=NO
  SkipAdminPassword=YES
  UserID=<MyUserID>
  UserPassword=<MyPassword>
  UserDomain=<MyDomain.com>
  SkipProductKey=NO
  SkipComputerBackup=YES
  SkipBitLocker=NO
  -Nick O.
  Nick,
  SkipAdminPassword=YES is for:
  You can skip the Administrator Password wizard page by using this property in the
  customsettings.ini.
  I am hidding the Username/Password/and domain field in the computer name Wizard pane which is read from the cs.iniDomainAdmin=xxxxx
  DomainAdminPassword=xxxxx
  DomainAdminDomain=xxxxxx
  JoinDomain=xxxxxx
  If this post is helpful please click "Mark for answer", thanks! Kind regards

• Linking to an OBIEE report without showing the user and password

  Hi!
  we are trying to access to an obiee report from an external portal (coded with php).
  The idea is that the user clicks on a link an gets the report in pdf format. For that purpose we are using this url:
  http://ttivobiee01:7001/analytics/saw.dll?Go&Path=/shared/Prueba/ogp_obi&Action=Print&P0=1&P1=eq&P2="Criteria"."Key"&P3=1402&NQuser=user&NQPassword=pass&format=pdf
  But this url is expossing OBIEE's user and password.
  In order to avoid this security issue we tried to do an wget of the url but it doesn't return the report. Instead we get an html, which seams to download the report chunk by chunk (using javaScript).
  The question is, is there any way that we could let our portal ussers access to an obbie report without expossing the user and password?
  I have been looking into oracle forums and have found this: OBIEE Go URL with password protected
  but we couldn't use this aproach due to security issues.
  Thanks!
  Nuria

  Hi!
  We have finally done this (and it works!)
  <?php
  $urlInforme='http://obi:7001/analytics/saw.dll?Go&Path=/shared/Prueba/ogp_obi&Action=Print&P0=1&P1=eq&P2="Criterios"."Clave oficial"&P3=1402&NQuser=user&NQPassword=pass&format=pdf';
  $ch = curl_init($urlInforme);
  $ckfile = tempnam ("./", "CURLCOOKIE");
  $ch = curl_init ($urlInforme);
  curl_setopt ($ch, CURLOPT_COOKIEJAR, $ckfile);
  curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
  $output = curl_exec ($ch);
  $ch = curl_init ($urlInforme);
  curl_setopt ($ch, CURLOPT_COOKIEFILE, $ckfile);
  curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
  $fp = fopen("salida.pdf", "w");
  curl_setopt($ch, CURLOPT_FILE, $fp);
  $output = curl_exec ($ch);
  curl_close($ch);
  fclose($fp);

• I tried to upgrade the ios on the phone and I was asked for my icloud user and password. I don't remember these exactly and I tried several times with different options but unsuccessfully. I also forget my email used to configurate the phone.

  How i said on the question. I tried to upgrade the ios on the phone and I was asked for my icloud user and password. I don’t remember these exactly and I tried several times with different options but unsuccessfully. I also forget my email used to configurate the phone. I have the phone box and the bill. I sent you an email with my problem and attachments with the box informations, the bill and the reset request. What to do? You said to me:
  Your request comes from an unrecognized email domain. Apple accepts email requests only from email domains for Apple-authorized carriers.
  Please re-submit your request using your official carrier domain.
  but this email is authorized, what to do??
                                                                                                            respectfully, Beba

  If you have forgotten then these links are the only way to resolve
  http://www.apple.com/support/appleid/
  As long as you have owned the iPhone from new and your Apple id is the one used to activate when new
  OR have you recently purchased the iPhone secondhand ?

• I'm trying to get into game center to download some things. Enter user id/password then keep getting a "you are not part of this/the administrator group" then a cancel or retry command. What do I do? (I am using a friends wi-fi) What d

  I am trying to get into the Game Center and download some apps. I enter my user id/password the keep getting a "you are not part of the/this administrators group" message then a cancel/retry command. What do I do to become part of this/the administrators group? I am using a friend's wi-fi...Help!

  I am trying to get into the Game Center and download some apps. I enter my user id/password the keep getting a "you are not part of the/this administrators group" message then a cancel/retry command. What do I do to become part of this/the administrators group? I am using a friend's wi-fi...Help!

• How can I Change a User's password remotely

  Hi all
  I setup an iChat Server. I need to allow the users the ability to change their password without physically accessing the server (including via Remote Managment)
  Thow some iChat(jabber) Clients support changing the password, the iChat Server does not appear to have this option.
  Is there any way to remotely change a user's password ?
  A possible solution would be to setup a Webpage allowing the user to logon and change the Password.
  Is there any web managment tool on OS X Server for this ?
  Any other sugestions?
  Thanks,
  Best regards

  This is getting depressing. I've just speand most of a day getting the OID to support ldaps SSL protocol, since I read that a number of active directory services only allow password change if the connection is encrypted. Finally got my ldaps connection, but the NoPermissionException is still there. The user I'm signing on as is definitely has user security management permissions. I can't seem to modify attributes at all. I added my own optional attribute to the schema, but JNDI can't set it.
  Perhaps the oracle LDAP library in jpdk might help, but I'm not hopeful. If I could find any API documentation I might be more moved to try, but I see no setPassword methods in the relavant classes. This just looks like a fairly thin wrapper for JNDI anyway.
  Does anyone know where the API doc for oracle.ldap.* is? Has anyone got a password to change other than by the SSO's built in change password dialog?
  I'm not hopeful. On these boards I've found many questions along these lines but, thus far, no answers.

• I am trying to sign in to attend a session and it says 'Invalid user or password. Please try again.' I have reset my password and it still doesn't work. I created a new AdobeID and it still doesn't work. I need to attend this training. How can I get in?

  I am trying to sign in to attend a session and it says 'Invalid user or password. Please try again.' I have reset my password and it still doesn't work. I created a new AdobeID and it still doesn't work. I need to attend this training. How can I get in?

  Sorry to hear about this problem. What site are you trying to log in on? Is it a Mozilla site? Usually you don't need to register or sign in to a Mozilla site to use Firefox. Usually you can just go straight to where you want to go.

• HT1515 Will Airport Express work in hotels in China? They require user name/password to connect. Has anyone used one there?

  I will be traveling in China with my iPad2 and want to use hotel wireless. It requires a sign-in with user name/password.  Can I use an Airport Express for this purpose? How do I set it up for that? I have an old Express (pre-2007); can I use it or do I need to upgrade to the new model?

  OK - I have never been to China but the posts here say that it can be done - the cable from the hotel should be connected to the WAN port of the Express - the Express should be in bridge mode and set to create a wireless network with a name and password of your choice - you can do this with a computer before you leave for China or with the iPad if you have previously downloaded the Airport Utility app - you would then connect to your network and attempt to bring up a web page such as Google - the hotel should then intervene and ask you for the login info that they have provided.
  Charlie

• How to reset the forgotten Windows user account password

  I need Toshiba password reset! How do I reset Toshiba laptop? I would be appreciated if you help me Toshiba password recovery, etc. Well, so frequently to meet these problems in our lives. Today, we together share some ways to reset Toshiba password.
  Solution1: Toshiba recovery disks help reset lost password
  It only works if we created the recovery disks or CD before we forgot the password. The following listed are the steps to reset disk for Toshiba Windows 7 recovery:
  a. Start PC, log on Windows 7 and insert an USB flash drive into the driver.
  b. Start -> Control Panel -> User Accounts and Family Safety -> User Accounts -> Create a password reset disk.
  c. In welcome screen click Next and select the inserted USB flash drive, click Next.
  d. Input the login password in the password field and click Next. When progress indicator shows 100% complete, click Finish to exit. Remove the USB driver from PC.
  The method is similar to create a Toshiba recovery CD. Now, the Toshiba Windows 7 password recovery disk is ok. Put it in a safe place for people may use it to reset your password.
  Steps to recover password with created Toshiba password reset disk:
  e. Click Reset Password in the Windows 7 logon window,
  f. Insert the created Toshiba recovery USB disk into the USB driver interface, and click Reset password" to open Password Reset Wizard. Click Next to continue.
  g. Choose this USB disk recovery Toshiba from the drop down box. Click Next to continue.
  h. Input a new password and re-input it again to confirm. Click Next and then Finish to close the wizard.
  Solution2: Reset Toshiba laptop by accounts with administrator rights
  If there is default or built-in admin account or other accounts with administrator privileges and rights, we can use it for Toshiba password bypass. Take Toshiba XP recovery as example:
  A. Boot system from Safe Mode by pressing F8 when PC stars.
  B. Access PC with the available account with administrator rights and privileges.
  C. Start - Local Users and Groups lusrmgr.msc in the Search box ENTER - Local Users and Groups - choose Users.
  D. Right click the account with unlocked password, select Set Password and then input and confirm the new password.
  Solution3: Reset Toshiba password with burned ISO image file
  We can burn an .iso image file into a bootable USB disk or CD/DVD and reset the forgotten password easily and quickly. Take one of the most popular Windows password reset tool Ainorsoft Windows Password Recovery as example:
  a. Download the program from an accessible PC;
  b. Burn its .iso file to a blank CD/DVD or USB disk;
  c. Bypass the lost Toshiba password with the burned CD/DVD on the locked PC.
  Things will not be tricky if we know the methods for Toshiba password reset once we forgot Toshiba laptop password! Please also remember to share them with your friends!

  Thanks for sharing this but you are talking always about Toshiba passwordthis is wrong and I think this could be a little confusing this is a workaround for windows user account password.
  As far as I know there are no password set by Toshiba.
  The user can set the windows user account password if necessary so this workaround describes how to delete a Windows user account password which is common for all computers with preinstalled Windows OS.
  However, thanks for posting ;)

• File Adapter - anonymous login (or )User name ,password login - Efficient?

  Hi Folks,
  In File Adapter processing , anonymous login (or) proper user name password based login is recommended ?
  Because we have faced many issue while using username based login in File adapter  .
  Which one is best ?
  Regards.,
  Shiva

  Hi Shiva ,
  We will go one by one :
  You can go for the Anonymous login  but the problem is the any body can access the FTP server and it is not the secure one,that is why business generally don't allow the Anonymous login.
  Coming to Proper user name password login ,I would advice you to use this one as the connection is more secure in this case.But this also comes with a problem that the username password generally expires after some time as per security policy and you have to change the username password for the FTP server as well as in File adapter which you are using.But this problem can be solved by going for a permanent username and password.
  I would recommend you to go for Proper user name and password.
  Regards
  Ravi Anand
  Edited by: Ravi Anand@85 on Mar 12, 2010 7:56 AM

• Error: sql.SQLError: [-4008] (at 1) Unknown user name/password combination

  Hello Experts,
  After a Test refresh for SCM system, we restored Livecache. The database has been changed and starts using database manager, during registration (Register LCApps) it gives the following error:
  Logical Command: DBMRFC
  Parameter: exec_lcinit register
  Name and Server     : LCQ - dusepierp12
  DBMRFC Function     : DBM_EXECUTE
  Command             : exec_lcinit register
  Error               : DBM Error
  Return Code         :     -24964
  Error Message       : ERR_EXECUTE: error in program execution#
  0,sap\lcinit LCQ  register -uDBM , -uDBA , -uSQL ,
  liveCache LCQ (register)
  The liveCache state is ONLINE
  DBMServer 7.6.04   Build 009-123-182-193
  Creating liveCache application procedures
  ERROR : liveCache LCQ not registered (see "s:\sapdb\data\wrk\LCQ\lcinit.log").
  START *****************************
  liveCache LCQ (register)
  Thu 07/30/2009
  10:26 PM
  installation path = S:\sapdb\LCQ\db
  OK
  DBMServer 7.6.04   Build 009-123-182-193
  Creating liveCache application procedures
  ERR
  -24964,ERR_EXECUTE: error in program execution
  1,""S:\sapdb\LCQ\db\bin\x_python" "S:\sapdb\LCQ\db\env\lapps.py" -R "S:\sapdb\LCQ\db" -d LCQ -u DBADMIN,*"
  Traceback----
  Error----
  sql.SQLError: [-4008] (at 1) Unknown user name/password combination
  Traceback (most recent call last):
    File "S:\sapdb\LCQ\db\env\lapps.py", line 38, in ?
      connectAndInstall (install, install.__doc__)
    File "S:\sapdb\LCQ\db\env\installib.py", line 398, in connectAndInstall
      session = connect (options)
    File "S:\sapdb\LCQ\db\env\installib.py", line 350, in connect
      alterUserNotExclusive(options)
    File "S:\sapdb\LCQ\db\env\installib.py", line 338, in alterUserNotExclusive
      session.release()
  AttributeError: 'NoneType' object has no attribute 'release'
  ERROR : liveCache LCQ not registered
  Thu 07/30/2009
  10:26 PM
  END ******************************
  Many Thanks,
  TIA,
  Nisch

  Nischal Mahakal wrote:>
  > Hello Experts,
  >
  > After a Test refresh for SCM system, we restored Livecache. The database has been changed and starts using database manager, during registration (Register LCApps) it gives the following error:
  > -24964,ERR_EXECUTE: error in program execution
  > 1,""S:\sapdb\LCQ\db\bin\x_python" "S:\sapdb\LCQ\db\env\lapps.py" -R "S:\sapdb\LCQ\db" -d LCQ -u DBADMIN,*"
  > -
  Traceback----
  Hi there,
  looks like you entered "DBADMIN" when you created the liveCache instance in DBMGUI as the DBM Operator.
  For SAP installations, this user is always named "CONTROL".
  So, drop the instance again, recreate it with "CONTROL" and re-do the recovery of the liveCache backup.
  regards,
  Lars