UCM 11g web services with HTTP authentication

Is it possible to setup UCM 11g web services with HTTP authentication?
I did setup UCM 11g web services using OWSM policies and are working well.
But my development team wants to consume web services with only HTTP authentication (simple user name and password), do not want to use Keystore files and encryption.
Please help me guys.
Thank you in advance

Hi ,
If you are looking to use the WSDL to execute ucm services then use SoapUI IDE on development , there it requires only the http authentication method .
Let me know if this is the actual requirement which you were looking for or if I have missed the point .
I use this to quickly test WSDL and verify if the service being invoked is actually correct or not .
Thanks,
Srinath
Edited by: Srinath Menon on Apr 26, 2013 11:32 AM

Similar Messages

Calling UCM 11g web services with SSO

Hello, I have read the documentation about Single Sign-On in UCM 11G but I haven't understood how I could use SSO on UCM 11g web services calls.
The document I have read is
[http://docs.oracle.com/cd/E15586_01/doc.1111/e10792/c03_security.htm]
and I only see info about SSO when using "Windows Native Authentication" (WNA).
I have to send soap calls from applications deployed in other application servers and use the SSO mechanism.
Does anyone knows how can I configure UCM and weblogic?
Thank you very much in advance!
Regards.

Hi ,
If you are looking to use the WSDL to execute ucm services then use SoapUI IDE on development , there it requires only the http authentication method .
Let me know if this is the actual requirement which you were looking for or if I have missed the point .
I use this to quickly test WSDL and verify if the service being invoked is actually correct or not .
Thanks,
Srinath
Edited by: Srinath Menon on Apr 26, 2013 11:32 AM

Invoking web service with HTTP authentication using OdiInvokeWebService

I did all configurations in OdiInvokeWebService Advanced Editor. When I press "Invoke web service" there are no errors. But when I try to execute this step there is an error:
java.lang.IllegalArgumentException: Bad password format. Make sure that it's an encrypted password.
Text of the command:
OdiInvokeWebService "-URL=http://sapk02:8080/sap/bc/srt/rfc/sap/ZODI_FILE_SER?sap-client=800&wsdl=1.1" "-PORT_TYPE=ZODI_FILE_SER" "-OPERATION=ZODI_FILE" "-HTTP_USER=user" "-HTTP_PASS=_321321_"
*<?xml version = '1.0' encoding = 'UTF8'?>*
*<ZODI_FILERequest>*
*<ZODI_FILE>*
*<FILE>/tmp/temp1.txt</FILE>*
*</ZODI_FILE>*
*</ZODI_FILERequest>*
When I fill HTTP password edit manually and try to execute there is another error:
*com.sunopsis.wsinvocation.SnpsWSInvocationException: AxisFault*
*faultCode: {http://xml.apache.org/axis/}HTTP*
*faultSubcode:*
*faultString: (401)Unauthorized*
Text of the command:
*OdiInvokeWebService "-URL=http://sapk02:8080/sap/bc/srt/rfc/sap/ZODI_FILE_SER?sap-client=800&wsdl=1.1" "-PORT_TYPE=ZODI_FILE_SER" "-OPERATION=ZODI_FILE" "-HTTP_USER=user" "-HTTP_PASS=*aIyHMmFSmTzVm1V08nTf"
*<?xml version = '1.0' encoding = 'UTF8'?>*
*<ZODI_FILERequest>*
*<ZODI_FILE>*
*<FILE>/tmp/temp1.txt</FILE>*
*</ZODI_FILE>*
*</ZODI_FILERequest>*
ODI Version 11.1.1.3.0

I've gotten past the original error by importing the security certificate of the Web service into my keystore/truststore. I'm also running the process on SOA 10.1.3.1.0. Now when I invoke the Web service from the BPEL process I get this error:
exception on JaxRpc invoke: HTTP transport error:
javax.xml.soap.SOAPException: java.security.PrivilegedActionException:
javax.xml.soap.SOAPException: Bad response: 403 Forbidden
I've tried passing the credentials every way I can -- partner link properties, Oracle Web Services Manager, whatever -- and still get the same error. I would expect to see a 401 error for problems with credentials, not a 403.
Any suggestions?
Thanks for your time.
Paul Camann

Calling web service with basic authentication from EP "unauthorized"

Hello,
I need to call a .NET web service with basic authentication on the IIS from my portal application (no http proxy between portal and IIS). But always I get the following exception:
com.sap.engine. services.webservices.jaxm.soap.accessor. NestedSOAPException:
Problem in server response: [Unauthorized].
I'm using the following code for calling the .NET web service:
...Licence_GetList lParameter = new Licence_GetList();
lParameter.setStatus(CEnvironment.TransformStatus_WebService(search));
ILicenceManager lLicMan = (ILicenceManager) PortalRuntime.getRuntimeResources().getService("LicenceManager");
ILicenceManager lLicManSecure = lLicMan.getSecurisedServiceConnection(request.getUser());
Licence_GetListResponse lGetListResponse = lLicManSecure.Licence_GetList(lParameter);...
I've also configured a http system in the portal system landscape using the following parameters:
Authentication Method : Basic Authentication
Authentication Type : Server
User Mapping Type : admin,user
The user mapping is also personalized for this system!
What's wrong? Please help! This is really urgent!
Kind Regards
Joerg Loechner

Hello Renjith,
here is a small cutout of my "portapp.xml";
<services>
<service alias="LicenceManager" name="LicenceManager">
 <service-config>
 <property name="className" value="de.camelotidpro.
 pct.xi.scm.webservice.LicenceManager"/>
 <property name="startup" value="false"/>
 <property name="WebEnable" value="false"/>
 <property name="WebProxy" value="true"/>
 <property name="SecurityZone" value="de.camelotidpro.
 pct.xi.scm.webservice.LicenceManager/
 DefaultSecurity"/>
 </service-config>
 <service-profile>
 <property name="SystemAlias" value="LicMan_NET"/
 </service-profile>
</service>
</services>
I'm using a http system created in the system landscape (alias LicMan_NET). But it seems that this system is not used by the web service call (No error, even if I delete this system!). The code used to call this web service can be found at the top of this threat...
Regards
Joerg Loechner

Problem consuming web service with basic authentication

Hello,
I've set up a web service with basic authentication. Although I have to log in before being able to open the overview page of the web service in the Web Service Navigator, the response I get after sending a request is:
Authority check failed
I get this response in the Web Service Navigator as well as when consuming the web service via standalone proxy classes.
The following is strange, too: It is not possible to change authentication in the generated logical port. It is set to "none". I changed it via the XML file where I added the properties "AuthenticationMethod" (value "BasicAuth") and "AuthenticationMechanism" (value "HTTP"). But I got the above response anyway.
Thanks for your help!
Regards

I used basic authentication for my web service.
I was able to obtain a hardcopy of the logfiles in the meantime. The invocation of the web service is stored there with the following error messages:
SOAP Runtime: Exception message: Schwerer Prozessierungsfehler macht eine SOAP-Fault-Behandlung erforderlich
SOAP Runtime: SOAP Fault exception occurred in program CL_SOAP_RUNTIME_SERVER========CP in include CL_SOAP_RU NTIME_SERVER... [the picture is cut here]
In addition to that I found a thread in SDN that dealt with exactly the same problem:
Web Service Homepage: Authority check failed
But I have the same problem like Kimberly Carmack (the last post on the second page). We do not have that role in our system.

SSL Certificate necessary for web Service with HTTPS encoding?

Hi experts,
I wanna create a Web Service with HTTPS. Now when I create an endpoint in Transaction SOAMANAGER, I use "Transport Guarantee Type" HTTPS. I'm a little bit confused, becuase at "Authentication Method I have different options which I don't understand.
At Authentication Method, there are some check boxes.
Whats the difference between HTTP Authentication and Message Authentication?
(Why) can I use User ID/Password as Authentication Method with HTTPS? I think I need X.509 SSL Client Certificate.
What is a Logon Ticket?
Is there a good Documentation in the web, who explains the meaning of the different options and when to use which option?
Thanks and regards,
Sebastian

Hi,
>>>WSDL in Integration Directoryb but that WSDL containt a like staring with the HTTP instead of HTTPS! My question is how to generate a wsdl file with an HTTPS url tot he web service,
you don't use the URL from ID - you need to create one yourself and put it there in the generator
Regards,
Michal Krawczyk

Securing SOA 11g Web Services with OWSM AD authentication

I have SOA 11g with Weblogic 10.3.5 installed and running a Web Service and a Client I want to protect with Active Directory auth and perhaps some other access rules. As I read, I can use OWSM policies to do that. Most guides I found concern OWSM 10g.
How can I make WL use AD authentication? Do I have to use Access Manager?

I finally figured it out. The nullpointer exception is related to the SAML assertion. The SAML assertion in my requests is signed with embedded signature and this seems to be not supported with the used OWSM policy. Without the signature is the exception gone.
Marian

Problem invoking UCM 11g Web services from ODI 11g

We have a running UCM 11g instance with its web services (GenericRequest) properly configurated.
The wsdl is published in the url http://ucmt:16200/idcws/GenericSoapPort?WSDL and reacheble from any web browser.
The service can be easily invoked from external applications such as soapUI 4.5.1 returning the correct SOAP response. Here is a sample request returning correct results:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ucm="http://www.oracle.com/UCM">
<soapenv:Header/>
<soapenv:Body>
<ucm:GenericRequest webKey="cs">
<ucm:Service IdcService="DOC_INFO">
<ucm:User></ucm:User>
<ucm:Document><ucm:Field name="dID">27099</ucm:Field></ucm:Document>
</ucm:Service>
</ucm:GenericRequest>
</soapenv:Body>
</soapenv:Envelope>
The problem occurs when we invoke it from the ODI assistant, when we type the WSDL URL and click in "Connect to WSDL" button,
we get the following error in the middle pane : Invalid Request : java.lang.NullPointerException+
The port combo and the operation pane are correctly populated
UCM version is: 11gR1-11.1.1.6.0-idcprod1-121115T130554 (Versión Interna:7.3.3.183)
ODI version is: 11.1.1.6.0
Java(TM) Platform 1.6.0_30

I would suggest contacting support channel to analyze such NPE if there is a product bug causing it.

Invoking Web Service with PKI Authentication from BPEL process

Hello --
I am trying to test calling a Web service utilizing PKI-based authentication from BPEL running under the 10.1.2.0.2 Process Manager. When I access the service from a browser I am prompted for Username and Password the first time. When I attempt to access it from BPEL I receive this error:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
Is it possible to access this service from BPEL in 10.1.2.0.2? How can I pass the service the required credentials?
Thank you for your time,
Paul Camann

I've gotten past the original error by importing the security certificate of the Web service into my keystore/truststore. I'm also running the process on SOA 10.1.3.1.0. Now when I invoke the Web service from the BPEL process I get this error:
exception on JaxRpc invoke: HTTP transport error:
javax.xml.soap.SOAPException: java.security.PrivilegedActionException:
javax.xml.soap.SOAPException: Bad response: 403 Forbidden
I've tried passing the credentials every way I can -- partner link properties, Oracle Web Services Manager, whatever -- and still get the same error. I would expect to see a 401 error for problems with credentials, not a 403.
Any suggestions?
Thanks for your time.
Paul Camann

Consuming a Web Service with PasswordDigest Authentication in ABAP

Hello,
I need to consume a web service in ABAP from a non-SAP application. The web service uses wsse:UsernameToken with PasswordDigest in the SOAP Header for authentication. However, I havent seen any documentation for using Password Digest in ABAP.
Is it possible to use Password Digest in ABAP?
Thanks
Ajay

Hi Marc,
Here is the ABAP Code to build the SOAP header.
FUNCTION Z_GET_SOAP_REQUEST_HEADER.
*"*"Local Interface:
*" EXPORTING
*" VALUE(ER_SECURITY_ELEMENT) TYPE REF TO IF_IXML_ELEMENT
*date and time data
data: lv_sys_date like sy-datum,
 lv_sys_time like sy-uzeit,
 lv_year(4) type c,
 lv_month(2) type c,
 lv_date(2) type c,
 lv_hour(2) type c,
 lv_min(2) type c,
 lv_sec(2) type c.
data : lv_created type string,
 lv_snonce type string,
 lv_b64nonce type string,
 lv_webservice_password type string,
 lv_webservice_userid type string,
 lv_spassword type string,
 lv_xpassword type xstring,
 lv_hpassword type hash160x,
 lv_b64password(255) type c,
 lv_xpasslen type i,
 lv_hpasslen type i.
*xml declartions
data : lv_sheader type string,
 lv_xheader type xstring,
 xml_document TYPE REF TO if_ixml_document,
 xml_root TYPE REF TO if_ixml_element,
 xml_element TYPE REF TO if_ixml_element,
 xml_node TYPE REF TO if_ixml_node.
*get the c-link password.
CALL METHOD ZCL_CDB_SYNC_CFG_READER=>GET_USERID_PASSWORD
IMPORTING
 EV_USER_ID = lv_webservice_userid
 EV_PASSWORD = lv_webservice_password
*Evaluate created date time
lv_sys_date = sy-datum.
lv_sys_time = sy-uzeit.
lv_year = lv_sys_date(4).
lv_month = lv_sys_date+4(2).
lv_date = lv_sys_date+6(2).
lv_hour = lv_sys_time(2).
lv_min = lv_sys_time+2(2).
lv_sec = lv_sys_time+4(2).
CONCATENATE lv_year '-' lv_month '-' lv_date 'T' lv_hour ':' lv_min ':' lv_sec '.000Z' into lv_created.
*Create and encode the nonce
CALL FUNCTION 'GENERAL_GET_RANDOM_STRING'
 EXPORTING
 NUMBER_CHARS = 24
 IMPORTING
 RANDOM_STRING = lv_snonce.
CALL METHOD cl_http_utility=>ENCODE_BASE64
 EXPORTING
 UNENCODED = lv_snonce
 RECEIVING
 ENCODED = lv_b64nonce.
*create the password to be sent to web service
CONCATENATE lv_snonce lv_created lv_webservice_password into lv_spassword.
*encode password to xstring
CALL FUNCTION 'SCMS_STRING_TO_XSTRING'
 EXPORTING
 TEXT = lv_spassword
 IMPORTING
 BUFFER = lv_xpassword.
lv_xpasslen = xstrlen( lv_xpassword ).
CALL FUNCTION 'CALCULATE_HASH_FOR_RAW'
 EXPORTING
 ALG = 'SHA1'
 DATA = lv_xpassword
 LENGTH = lv_xpasslen
 IMPORTING
 HASHX = lv_hpassword
 HASHXLEN = lv_hpasslen.
CALL FUNCTION 'SCMS_BASE64_ENCODE'
 EXPORTING
 INPUT = lv_hpassword
 INPUT_LENGTH = lv_hpasslen
 IMPORTING
 OUTPUT = lv_b64password
 EXCEPTIONS
 OUTPUT_TOO_SMALL = 1
 OTHERS = 2.
IF SY-SUBRC <> 0.
* MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
* WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
ENDIF.
* build the header
CONCATENATE
'<soap-env:Header xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/">'
'<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">'
'<wsse:UsernameToken wsu:Id="########" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">'
'<wsse:Username>'
lv_webservice_userid
'</wsse:Username>'
'<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">'
lv_b64password
'</wsse:Password>'
'<wsse:Nonce>'
lv_b64nonce
'</wsse:Nonce>'
'<wsu:Created>'
lv_created
'</wsu:Created>'
'</wsse:UsernameToken>'
'</wsse:Security>'
'</soap-env:Header>'
INTO lv_sheader.
*Build the xml header element
lv_xheader = cl_proxy_service=>cstring2xstring( lv_sheader ).
TRY.
 CALL FUNCTION 'SDIXML_XML_TO_DOM'
 EXPORTING
 xml = lv_xheader
 IMPORTING
 document = xml_document
 EXCEPTIONS
 invalid_input = 1
 OTHERS = 2.
 IF sy-subrc = 0 AND NOT xml_document IS INITIAL.
 xml_root = xml_document->get_root_element( ).
 er_security_element ?= xml_root->get_first_child( ).
 gr_soap_security_header = er_security_element.
 ENDIF.
 CATCH cx_ai_system_fault .
ENDTRY.
ENDFUNCTION.

Web Services with HTTP Basic Auth

Hi,
I am having a problem connecting to web services which
require HTTP Basic Authentication from a Flex application. I have
useProxy set to true and call setRemoteCredentials prior to
attempting the call, but the credentials do not appear to be set on
the request (the request fails with fault.faultString = "HTTP
request error", faultCode = "Server.Error.Request". The messages on
the server indicate that the user name and password were not
specified.
I do have the proxy-config.xml file set up properly (I think
-- I followed the example in the mx.rpc.soap.mxml.WebService class
description, at least).
I can verify that the WSDL (which doesn't require BASIC auth
to access) is being loaded properly, but when I make the request,
it fails. Is this a known problem?
I am using Flex Builder 2.0.1 to build my SWF files.
Thanks,
Brendan

Thanks for the pointer, I did try it, but it didn't help.
As I said in the original post, the problem is with HTTP
Basic Authentication, so adding a header for WSSE to the service
request didn't help. It needs to be an HTTP Authorization header,
not a SOAP Security header.
Brnedan

Need JDeveloper Web Service with HTTP POST method

Hello all,
I am creating a Web Service from a java class using JDeveloper. The wsdl created uses a SOAP binding. When I test the web service, either through JDeveloper or by deploying to OAS, the HTTP request created uses the HTTP GET protocol. I am assuming that this would be the same for anybody doing this.
I need to know how to change it to be an HTTP POST protocol instead.
The reason that I need to try and use the POST method is that the xml needed by the service holds a lot of data and the http server is giving me a "URI too long" error. I have read and been told that using POST instead of GET would help this, but I can't figure out what to change to make this happen. I am not sure if I have to make a change in the generated wsdl or somewhere else. Or if it just won't work that way.
Any help you can provide would be appreciated.
Thanks,
rob

Hi Ayush,
Please refer -
http://biemond.blogspot.com/2010/08/http-basic-authentication-with-soa.html
Regards,
Anuj

Get a URL for web service with HTTPS

Hi,
After deploying all required configuration for secure WS, I'm trying to generate a wsdl to give to the third party. I m using the Despay WSDL in Integration Directoryb but that WSDL containt a like staring with the HTTP instead of HTTPS! My question is how to generate a wsdl file with an HTTPS url tot he web service,
Thanks in advance,
Fred.

Hi,
>>>WSDL in Integration Directoryb but that WSDL containt a like staring with the HTTP instead of HTTPS! My question is how to generate a wsdl file with an HTTPS url tot he web service,
you don't use the URL from ID - you need to create one yourself and put it there in the generator
Regards,
Michal Krawczyk

Web Services with https Security without PI

Hi experts,
We wanna create Web Services in SAP CRM 7.0 without using the PI. The Requirement is, that we have to use https. I haven't found much (and no clear) Information about this isue.
Does anybody know if it is possible to use https and can you provide information how to do so?
Thanks and regards,
Sebastian

yes its possible.
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/d0d0a250-ccd1-2c10-9e9f-b9d5cf259a6d?QuickLink=index&overridelayout=true
http://help.sap.com/saphelp_nw70ehp1/Helpdata/EN/e9/ae1b9a5d2cef4ea4b579f19d902871/content.htm
Way you create webservice from function module is same in ECC and CRM so if you google, you would find all required information.
Regards,
BJ

Calling Web Service with Http Basic authentication in SOA 11g

I am calling a webservice which has http basic authentication attached to it. Thus i am adding 'oracle/wss_http_token_client_policy' OWSM policy to the WS refrence in my composite in Jdeveloper,but it doesn't showme the option of providing the http Username and http Password. The only key it is showing me is cf.key.
Am i missing some steps?
Please let me know.
Note - I am working on SOA 11.1.1.4.
Regards
Ayush

Hi Ayush,
Please refer -
http://biemond.blogspot.com/2010/08/http-basic-authentication-with-soa.html
Regards,
Anuj

UCM 11g web services with HTTP authentication

Similar Messages

Maybe you are looking for