User Authentication for Web Services

Similar Messages

• SUP user authentication for web services

  Hi there.
  Has anyone in the comunity had any experience with building Web Service based Mobile Business Object (MBO) in SUP 1.5.2. We have built a mobile application for a blackberry device which consumes two ERP web services. The application deploys successfully and runs on the blackberry device just fine. However, untill now the user credentials needed to authenticate a consumer to a web service has been hard-coded into the mobile business object. This, from an accountability point of view, is not an acceptible model (i.e. all mobile users would be logging in to the ERP backend with 1 common user ID).
  Has anyone had any experience and could suggest an an alternative solution to this that would support accountability i.e. map SUP users to ERP users, trusted connections etc. and is this possible with SUP 1.5.2?
  S

  Actually, SUP 1.5.2 just provides the HTTP basic authentication for WS-MBO. It is enable that to create 'username' and 'password' on the WS-MBO as two input parameters. Thus, you can design your device app in SUP to prompt the dialog to accpet the username and password before you access your WS-MBO. Similar, if your web-service has input argument for username and password, you also can design a dialog like above.

• Server-side authentication for web services

  I was hoping to use Azure's server-side authentication for a HTML/JS web app. Some things are a bit unclear. For example, if a new user authenticates via Facebook, I want to create an associated record on the server-side and associate extra data with the
  user, irrespective of the service used to log in. If they log in again, I want the client to be able to get this extra data (eg preferences) from the server. On the back-end, I also want to be able to update particular fields of this record that the user cannot
  change themselves. I know how to go about this in a plain Node.js backend, but not sure how some of these basic things map to using Azure's services.

  Once the user logs in, you will have their information available to your server scripts. So one option is to use a custom API (or a Mobile Services Table) to insert/read/update the user data. You would protect this endpoint so that only logged-in users can
  access it, and then access the
  user object to obtain an ID an associate it in a table row. Lookups could be performed by similarly querying for the ID.
  In terms of some fields being restricted, you could remove these from the update request itself.
  Some pointers that might be helpful:
  http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-get-started-data/
  http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-call-custom-api/
  http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-authorize-users-in-scripts/

• Implementing authentication for web services

  Hi all,
  I'm struggling trying to guess how to implement basic HTTP authentication as well as using certificates in order to apply HTTPS, for some web services we've created, running on the Oracle Application Server 10.1.12. The web services were implemented using JDeveloper 9.0.4. Any help would be very appreciated.
  Thanks in advanced and regards,
  Luis

  Hi,
  But, I need to develop the web services logon method using WSDL which generated the LogonBindingImpl.java, instead of web services using EJB bean.
  Besides, the Web Service logon method (LogonBindingImpl.java) need to accept the input user name and password to check with the user name and password that stored in database table through the EJB bean. If checking successful, client program is allowed to invoke other WebServices method, else login failed exception need to be thrown when client calling other web services methods.
  Appreciate the advice here on how to achieve that. Thanks.

• Configure User Authentication in Web Service

  Hi,
  I have a receiver soap channel that consume a web service with user authentication. I am setting the user/password in Connection Parameters section, but I'm getting the error from the web service:
  Incoming message does not contain required Security header
  Any ideas about what's wrong in my channel?
  Regards,
  Ismael

  Hi,
  It doesn't work in my case (It's said in the first post).
  I have tested it using PI 7.1 using:
  - "Message Protocol=SOAP 1.1." and filling user/password in "Configure User Authentification" and I get the error:
  soap fault: WSDoAllReceiver: Incoming message does not contain required Security header
  - "Message Protocol=Axis ." I get the error:
  com.sap.engine.interfaces.messaging.api.exception.MessagingException:
  javax.ejb.EJBException: Exception in getMethodReady() for stateless bean sap.com/com.sap.aii.axis.app*xml|com.sap.aii.adapter.axis.ejb.jar*xml|AFAdapterBean;
  nested exception is: com.sap.engine.services.ejb3.util.pool.PoolException: javax.ejb.EJBException:
  Exception raised from invocation of public void com.sap.aii.adapter.axis.modules.AFAdapterBean.ejbCreate() throws javax.ejb.CreateException method on bean instance com.sap.aii.adapter.axis.modules.AFAdapterBean@5902bd4b for bean sap.com/com.sap.aii.axis.app*xml|com.sap.aii.adapter.axis.ejb.jar*xml|AFAdapterBean; nested exception is: javax.ejb.CreateException: java.lang.NoClassDefFoundError: org/apache/axis/AxisFault
  Regards,

• Basic Authentication for Web Services

  I have build Web Service according to the weblogic 6.1 examples
  successfully deploying the .ear file etc.
  Now I want to add security to the WebService uri.
  I have added a <web-resource-collection> tag to the web.xml file, but
  what should I put for the <url-pattern> ?
  Am I obliged to 'manually' add <servlet> tags to the web.xml file in
  order to add a security constraint to a WebService deployed thru a
  .ear ?
  Taking WebLogic's own statelessSession.Weather example, what is the
  minimum I need to add to the web.xml file to have basic authentication
  on the weatheruri ?
  Thanks,
  Adam

  Ok, now I'm confused.  Is this a Flex app (runs in the browser) or an AIR app?  This makes a difference because in the browser, Flash Player/Flex uses the browser's http mechanism for transport, while AIR implements it directly.  The original posted indicated some difference between Firefox and IE, which led me to believe it was a Flex browser app.  Difference between these two would make me think something was wrong with the server response, and the two browsers were passing it (the problem) back to Flash Player differently.
  Mark

• Setting Basic Authentication for Web Service in WLS 6.1

  Hi,
  I am trying to set-up a Basic Username/Password authentication for a Web Service
  that is hosted in WLS 6.1.
  How do I go about doing that? Also once I get the username and password, how do
  I pass that info
  to the SOAP servlet to do the authentication? Can you give me some pointers on
  this?
  Thanks
  Madhu

  How do you want to do it? Through use of client.jar for the service or
  directly? Here is how I do it directly:
  String auth = "guest", pwd = "guest";
  URL url = new URL("http://localhost:7001");
  URL cmdURL = new URL(url.toString()+"/systemtest/TestWebService");
  HttpURLConnection conn = (HttpURLConnection) cmdURL.openConnection();
  String encAuth =
  new BASE64Encoder().encode((auth + ":" + pwd).getBytes());
  // BASE64Encode distributes long strings on multiple
  // lines; we don't like that, no siree
  int it = 0;
  while ((it = encAuth.indexOf('\n')) != -1
  || (it = encAuth.indexOf('\r')) != -1) {
  encAuth = encAuth.substring(0, it) +
  encAuth.substring(it + 1);
  conn.setRequestProperty("Authorization", "Basic " + encAuth);
  conn.setRequestProperty("Content-Type", "text/xml");
  conn.setRequestProperty("SOAPAction", cmdURL.toString());
  conn.setDoOutput(true);
  conn.setDoInput(true);
  conn.setUseCaches(false);
  OutputStream oStr = conn.getOutputStream();
  String cmd =
  "<?xml version=\"1.0\" ?>\n"
  + "<soap:Envelope xmlns:soap=\"http://schemas.xmls"
       + "oap.org/soap/envelope/\"><soap:Body>"
  + "<ping><arg0>false</arg0></ping>"
  + "</soap:Body></soap:Envelope>";
  oStr.write(cmd.getBytes());
  oStr.close();
  InputStream iStr = conn.getInputStream();
  byte[] buffer = new byte[1024];
  while (true) {
  int size = iStr.read(buffer);
  if (size == -1)
  break;
  System.out.println(new String(buffer, 0, size));
  ThorAAge

• Mutual authentication for Web services in BPEL

  Hi Guys,
  We have to call a few web services in bpel and our partners would want us to mutually authenticate the data that is exchanged.
  So that mean they provide us with a certificate file and we provide them with a certificate file.
  We have been using client certificates in our cacerts file and encrypting the request we send using that but we are not too sure how to set up a key in bpel so that we can decrypt the responses of the webservices.
  Does anybody have any idea how to do it. It would be a great help.
  Cheers
  Sandeep

  I would suggets to read the online tutorial:
  http://www.oracle.com/technology/products/ias/bpel/index.html
  and try one of the tutorials:
  2-Minute Product Tour
  BPEL: Learn by Example (PDF)
  Quick Start Tutorial - JDeveloper 10g (PDF)
  Quick Start Tutorial - Eclipse (PDF)

• Authenticating the web service

  Hi
      i am using a web service but not able there i have hard coded the username and password to access the web service i don't want that i want user should enter the user name and password used in UME authentication or it should call separate HTTP Authentication but i am not able to do that so please guide me in this regards
  Thanks in advance

  Hi,
  Run through the following links to know about authentication for web service:
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/aed49d0d-0301-0010-6d84-e3e104dc1644
  http://help.sap.com/saphelp_nw04/helpdata/en/7c/a6d13f83a14d21e10000000a1550b0/frameset.htm
  Hope this helps,
  Regards,
  Srinivasan T

• User Authentication for subfolder not working in Web Browser

  We are using Oracle Application Server 10.1.2.3 and Database Server 10.2.0.5 for our application.
  One of the functionalities of the Application is to send emails with attachments.
  The logic is that the Application would generate the attachment file on the Application Server.
  Then a database package uses Oracle's utl_http package/procedures(more specifically utl_http.request_pieces where the single argument is a URL) to pick up the file from the Application Server via URL, attach the file and send the email.
  Exchange and Relay Server is also set in the Application.
  The problem is that the folder containing the folder which stores the attachments is having user authentication set.
  Example : The main folder is /apps/interface, this folder requires a valid user when it is accessed via URL on a web browser.
  Alias created in httpd.conf
  Alias /int-dir/ "/apps/interface/"
  The folder /apps/interface/email/ is the folder where the attachment files are generated and stored.
  Application Server : 10.12.213.21
  Database Server : 10.12.213.22
  Email Server : 10.12.213.44
  Configuration as per httpd.conf
  Alias /int-dir/ "/apps/interface/"
  <Location /int-dir/>
  AuthName "Interface folder"
  AuthType Basic
  AuthUserFile "/u01/app/oracle/as10g/oasmid/Apache/Apache/conf/.htpasswd"
  require user scott
  </Location>
  <Location /int-dir/email>
  Options Indexes Multiviews IncludesNoExec
       Order deny,allow
       Deny from all
       Allow from 10.12.213.21
       Allow from 10.12.213.22
       Allow from 10.12.213.44
  </Location>
  Using the above configuration the Application is able to attach the files and send the email, however, when we access the following URL :
  http://10.12.213.21:7778/int-dir/ - it prompts for user authentication
  However if we use the following URL :
  http://10.12.213.21:7778/int-dir/email/ - it does not prompt for user authentication, and all the files in the folder are displayed in the browser.
  I have tried so many things including AllowOverride, .htaccess, but i am not able to get user authentication for the email folder.
  Please help me if you can.
  Thanking you in advance,
  GLad to give any more information that i can.
  dxbrocky

  Thanks for your response.  I fixed the problem by selecting "full site" or "full website" at bottom of the web page.  After making this selection the zoom function returned.  Thanks again for your interest.

• User Authentication in Web Dynpro Java

  Hi guys,
  I was just wondering how user authentication can be achieved in WDJ? In Web Dynpro ABAP this comes for free when you launch an application. However, in WDJ we can deploy and call the URL without any authentication at all. Is there a way to configure this or do we really have to code this? Thanks! Generous points will be awarded!

  Hi Alex,
  check this links,
  Re: User Authentication in Web Dynpro Application
  Authentication of Web Dynpro
  Using Web Dynpro authentication for a Web Service call
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/dd48d990-0201-0010-92a3-c3ed7e9fd244
  http://help.sap.com/saphelp_nw04s/helpdata/en/04/ee8b8b0d23b746854897adc5611c1d/frameset.htm
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/8304e990-0201-0010-ed8b-d978f1e67b1e
  Regards,
  vino

• (261936172) Q general Are there seperate logs for web services?

  Q<general> Are there seperate logs for web services?
  A<general> It does not appear that there are any separate logs for web services.
  There is knex.log file that records the errors that occur during deployment of
  your .jws files. There is also the standard server log that provides information
  about server status - you can write to this programmatically if you wish. There
  is also the access.log file which record all the HTTP requests so this might cover
  some of your web service requests that are transmitted over HTTP.

  Maybe the user has deniad Access to the Runbook, check in Runbook Designer.
  Seidl Michael | http://www.techguy.at |
  twitter.com/techguyat | facebook.com/techguyat

• Invalid Content Type Error for Web Service

  Hi Experts,
  We have a XI / PI Web Service, and have created an Adaptive Web Service Model for the same. For using this web service model, we have created a HTTP destination of type WSDL.
  This configuration works great in our development and consolidation server.
  While working with our production server, with all the settings same as consolidation server, the following error is generated for Web Service call. using the AWS model
  java.io.IOException: Invalid content type while requesting http://<host>:<port>/webdynpro/resources/<application_package>/guicall.wsdl. Expected Content-type: text/xml, received Content-type: content/unknown, used user to connect: null
  The HTTP destination address is the one specified in bold above.
  Also, in later part of the stack trace we are bale to see this error:
  com.sap.tc.webdynpro.model.webservice.exception.WSModelRuntimeException: Exception on creation of service metadata for WS metadata destination
  Please guide us on this issue.
  Best Regards,
  Alka.

  Hi Alka,
  How did you configure the Webservice Destinations in Visual Admin for a webservice explosed by XI system.
  I mean what was the URL specified, did you specify XI SYSTEM userid password ???
  How was the webservice published to inspection.wsil in XI system ??
  Thanks,
  Regards,
  Aditya Metukul

• How to assign Tasks to other users using Exchange Web Service.

  How to assign Tasks to other users using Exchange Web Service.
  Any workaround also would help

  Hi Glen,
  I am trying to use ExtendedPropertyType and put in UpdaterItemType as in this code as below. Although it is not updating the Owner
  field.
  I have tried it both by Propertyname and PropertyID. Although new custom property's canbe
  added but to change an existing one like 'Owner' ? Would this be the right method.
  2. And Is ProprertyID a fixed value as 0x811f or does it need to be calculated.
  3. Is 'Owner' the right propertname for assigning a task ?
  Thanks a lot.
  Please see code below for reference.
   PathToExtendedFieldType pathExtended = new PathToExtendedFieldType();
              //pathExtended.DistinguishedPropertySetId = DistinguishedPropertySetType.PublicStrings;
              pathExtended.DistinguishedPropertySetId = DistinguishedPropertySetType.Task;
              pathExtended.DistinguishedPropertySetIdSpecified = true;
              pathExtended.PropertyId = 0x811f;
              pathExtended.PropertyIdSpecified = true;
              //pathExtended.PropertyName = "Owner";
              pathExtended.PropertyType = MapiPropertyTypeType.String;
              ciSetAT.ExtendedProperty = new ExtendedPropertyType[1];
              ciSetAT.ExtendedProperty[0] = new ExtendedPropertyType();
              ciSetAT.ExtendedProperty[0].ExtendedFieldURI = pathExtended;
              ciSetAT.ExtendedProperty[0].Item = "[email protected]";
              SetItemFieldType set1 = new SetItemFieldType();
              set1.Item = pathExtended;
              set1.Item1 = ciSetAT;
              UpdateItemType request = new UpdateItemType();
              request.ItemChanges = new ItemChangeType[1] { new ItemChangeType() };
              request.ItemChanges[0].Item = itemId;
              request.ItemChanges[0].Updates = new ItemChangeDescriptionType[2];
              request.ItemChanges[0].Updates[0] = setstart;
              request.ItemChanges[0].Updates[1] = set1;

• Portal Authentication from web service

  I would like to run a web service on a remote machine that checks if the user of the web service exists as a portal user.
  My initial thought was to just log the user in whenever they attempt to use the web service and then log them out at the end. I have researched the AuthContext class and attempted a test implementation however it errors looking for certain AM Property files.
  Perhaps I should just access the directory server directly? Basically, I just want to restrict usage of the web service to the existing portal users.
  If anyone could offer any suggestions it would be appreciated. (Code examples or snippets would be appreciated)
  Thanks in advance...
  Jason

  Hi,
  1) If your webservice is on the same network:
  - Just bind to LDAP (this is the fastes way)
  2) OR You can also use identity SDK to connect
  to your instance and receive AMUser object.
  3) If you are not on the same network( SRAP access):
  You can create a "stand alone" jsp or servlet which
  doing (1) or (2) and your webservice talks over https to this servlet.
  4) Logging user to portal is too much overhead and
  at the end you don't know if user is a portal user or
  just has login privilege to identityserver...
  Cheers,
  Alex :-)