User authentication for webservices

Similar Messages

• User Authentication for subfolder not working in Web Browser

  We are using Oracle Application Server 10.1.2.3 and Database Server 10.2.0.5 for our application.
  One of the functionalities of the Application is to send emails with attachments.
  The logic is that the Application would generate the attachment file on the Application Server.
  Then a database package uses Oracle's utl_http package/procedures(more specifically utl_http.request_pieces where the single argument is a URL) to pick up the file from the Application Server via URL, attach the file and send the email.
  Exchange and Relay Server is also set in the Application.
  The problem is that the folder containing the folder which stores the attachments is having user authentication set.
  Example : The main folder is /apps/interface, this folder requires a valid user when it is accessed via URL on a web browser.
  Alias created in httpd.conf
  Alias /int-dir/ "/apps/interface/"
  The folder /apps/interface/email/ is the folder where the attachment files are generated and stored.
  Application Server : 10.12.213.21
  Database Server : 10.12.213.22
  Email Server : 10.12.213.44
  Configuration as per httpd.conf
  Alias /int-dir/ "/apps/interface/"
  <Location /int-dir/>
  AuthName "Interface folder"
  AuthType Basic
  AuthUserFile "/u01/app/oracle/as10g/oasmid/Apache/Apache/conf/.htpasswd"
  require user scott
  </Location>
  <Location /int-dir/email>
  Options Indexes Multiviews IncludesNoExec
       Order deny,allow
       Deny from all
       Allow from 10.12.213.21
       Allow from 10.12.213.22
       Allow from 10.12.213.44
  </Location>
  Using the above configuration the Application is able to attach the files and send the email, however, when we access the following URL :
  http://10.12.213.21:7778/int-dir/ - it prompts for user authentication
  However if we use the following URL :
  http://10.12.213.21:7778/int-dir/email/ - it does not prompt for user authentication, and all the files in the folder are displayed in the browser.
  I have tried so many things including AllowOverride, .htaccess, but i am not able to get user authentication for the email folder.
  Please help me if you can.
  Thanking you in advance,
  GLad to give any more information that i can.
  dxbrocky

  Thanks for your response.  I fixed the problem by selecting "full site" or "full website" at bottom of the web page.  After making this selection the zoom function returned.  Thanks again for your interest.

• OSB: HTTP digest authentication for WebServices

  Hi,
  How do I configure HTTP digest authentication for WebServices offered by the OSB (Proxy Services with WS as transport)?
  Best regards
  Dimo

  Did you figure out how to do it.?

• User Authentication for Web Services

  Hi,
  I am developing a web services that resides in Intranet. Thus, would like to implement application layer of user authetication, i.e. to match the input user name and password against Database record through a web service logon() method. If authentication is passed, the client program is allowed to call subsequence web service methods, else exception needs to be thrown when calling subsequence methods.
  As understand that each method call to web services is treated seperately. Thus, how can we implement the authentication so that the client program only passes in the user name and password at once through logon() method, instead of perfoming the authentication for each method?
  Appreciate the advice. Thanks.

  Hi,
  But, I need to develop the web services logon method using WSDL which generated the LogonBindingImpl.java, instead of web services using EJB bean.
  Besides, the Web Service logon method (LogonBindingImpl.java) need to accept the input user name and password to check with the user name and password that stored in database table through the EJB bean. If checking successful, client program is allowed to invoke other WebServices method, else login failed exception need to be thrown when client calling other web services methods.
  Appreciate the advice here on how to achieve that. Thanks.

• Authentication for Webservice

  Hi All,
  I have exposed my outbound interface as a webservice sucessfully
  But the problem is I need to provide a User Id  to contact XI SOAP adapter. I dont require any authentication for this webservice client. How can I disable the authentication check for this particular webservice.
  I have seen some forum posts, which suggested me to make some modification in web.xml which will disable auth for all webservices. Is it possible for me to disable the authentication check only for this particular webservice?
  Regards,
  Jai Shankar

  Jai,
  ><i>How can I disable the authentication check for this particular webservice.</i>
  Check this thread. But this will turn of Authentication for all SOAP Sender Adapters.
  User Names and Passwords in SOAP adapter
  ><i>I have seen some forum posts, which suggested me to make some modification in web.xml which will disable auth for all webservices. Is it possible for me to disable the authentication check only for this particular webservice?</i>
  Its either for all SOAP adapters or for none . there is no middle ground.
  Better way is to use Access Control List.
  Regards
  Bhavesh

• "Sharepoint 2013" is giving error that prevents local domain users authentication for "Team Foundation Server"

  I am getting 2 errors through the event viewer that prevents TFS 2013 authentication for local domain users, also this error started appearing after having TFS upgraded to [ 12.0.30723.0 (Tfs2013.Update3) ].
  1st Error (from administrative events):
  The Execute method of job definition Microsoft.SharePoint.Administration.SPUsageImportJobDefinition (ID a51a0244-765d-433b-8502-0bb0540ad1fd) threw an exception. More information is included below.
  Access to the path 'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS' is denied.
  Tried so far:-
  - changed the path to another folder from "Diagnostic Logging" in another drive, but still getting the same error.
  2nd Error (from application server):
  DistributedCOM error
  The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
  {000C101C-0000-0000-C000-000000000046}
   and APPID 
  {000C101C-0000-0000-C000-000000000046}
   to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
  Which I already got fixed using the following steps on a thread I opened before (but still getting the same error).
  https://social.technet.microsoft.com/Forums/windows/en-US/3896e35c-b99a-4d30-b662-f92d337c8d6f/windows-servers-components-services-and-regedit-permissions-are-grayed-out-for-my-admin-account?forum=winservergen
  Other Fixes I tried
  - Found on another topic that it is not sharepoint that is causing the problem, but it is the generated ASP.NET web pages used for testing is causing the memory to fill up due to cashing on RAM, the fix suggested to change IIS cashing from RAM to HD to prevent
  loading up using w3wp.exe from processes. 
  Concern
  - by checking other topics for people having the same problem, it was mentioned that this error appeared after the lastest TFS update, is there is a fix for it ?

  Hi Kpdn, 
  Thanks for your post.
  All your participation and support are very important to build such harmonious/ pleasant / learning environment for MSDN community.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• User Authentication for Internet access

  Hi,
  Is it possible to configure authentication for internal (LAN) users to Authenticate (local/RADIUS/LDAP) for any kind of internet access through the ISA550/570? (like cut-through authentication proxy in ASA.)
  And Can the ISA550/570 act as a Web proxy?
  Thanks in advance.

  HI Sulu,
  You can configure captive portal for internal LAN users to authenticate (local/Radius/LDAP) for internet
  access through ISA500. (see attached screenshot)
  ISA500 cannot act as a web proxy. what is your use case ?
  Regards,
  Wei

• SUP user authentication for web services

  Hi there.
  Has anyone in the comunity had any experience with building Web Service based Mobile Business Object (MBO) in SUP 1.5.2. We have built a mobile application for a blackberry device which consumes two ERP web services. The application deploys successfully and runs on the blackberry device just fine. However, untill now the user credentials needed to authenticate a consumer to a web service has been hard-coded into the mobile business object. This, from an accountability point of view, is not an acceptible model (i.e. all mobile users would be logging in to the ERP backend with 1 common user ID).
  Has anyone had any experience and could suggest an an alternative solution to this that would support accountability i.e. map SUP users to ERP users, trusted connections etc. and is this possible with SUP 1.5.2?
  S

  Actually, SUP 1.5.2 just provides the HTTP basic authentication for WS-MBO. It is enable that to create 'username' and 'password' on the WS-MBO as two input parameters. Thus, you can design your device app in SUP to prompt the dialog to accpet the username and password before you access your WS-MBO. Similar, if your web-service has input argument for username and password, you also can design a dialog like above.

• Regarding Kerberos authentication for webservices.

  Hi,
        I need to use kerberos authentication for my receiver webservice.  I am working in PI7.1 . Which adapter I can use for this ( WS-RM adapter or SOAP adapter) and How to configure it for kerberos. I mean, which value of authentication parameter refers to kerberos authentication.
  Regards,
  Reyaz hussain

  Hi Reyaz,
  To tell you frankly i never come across this kerberos protocol but since you would like to use there is certainly a chance after the launch of PI 7.1. The launch has Opened the Door to the World of Web Services Reliable Messaging.  "The Integration Directory enables you to easily configure scenarios where the Integration Server acts as a message hub between WS-RM-enabled applications and any other application or technical system. Thus, you can configure scenarios where either a Web Service client calls the Integration Server and the message is then routed to any other application, or the other way around where any application calls a Web Service provider via the Integration Server. In the Integration Directory you can do the complete configuration of the Integration Server inbound or outbound processing."
  https://www.sdn.sap.com/irj/scn/wiki?path=/display/profile/2007/07/25/new+news&focusedcommentid=44360
  Regards
  joel

• User authentication for menus..

  Hi Everyone,
  I am doing a project for my office to maintain inventory, I want to implement user rights for the menus..
  I would appreciate if any help me out...
  Thanks in advance..
  Regards,
  Irsath Ahamed.

  Al-Salamu Alikum ya Ahmed...
  1. Create your menu.
  2. Think of your security concept and create the resulting DB-Roles. Grant
  the roles to the users.
  3. Choose Menu-Property MENU MODULE ROLES
    and enter the names of the DB-Roles you created.
  4. Choose Menu-Property USE SECURITY and set to TRUE.
  The command to grant a role to a dbuser is
  GRANT <ROLENAME> TO <USERNAME>;
  5. Choose a Menu Item (or Submenu Item)
  choose MENU ITEM ROLES Property and highlight (blue) the
      Roles you want to give access to the menu item.
  (you can highlight more than one with Shift-Key)
  Grant roles access to individual menu items (using the Menu Item Roles property).
  6. Compile  and Generate the menu module.
  7. Compile and Generate  the form module.and then forms checks which roles are assigned to the connected user & which menuitems (forms & parameter forms of reports) should be shown to the user.
  If u Google u will find many...
  Pls have a look here
  http://www.orafaq.com/forum/t/157310/0/
  http://www.orafaq.com/forum/t/62786/2/
  Runtime Forms .FMX
  http://download.oracle.com/docs/cd/B25329_01/doc/admin.102/b25107/users_secure.htm
  Hope this helps...
  Regards,
  Amatu Allah.

• How to remove user authentication for SAP Web Service?

  Hi there,
  I am using SAP Web Services in my flex application. Every time wsdl url is called, the username\password window pops up. I want to remove this.
  I searched in the forum and based on the discussions, I tried giving the user name password under Web Service Administration using SOAMANAGER, by selecting No Authentication option. But this did not work. I still get that pop up.
  I also tried giving the credentials in SICF, under Logon Data tab of the service. This too failed. I kept getting the pop up.
  Can someone pls let me know how can I remove this? If username password in mandatory to be passed, I can create a temporary username which will be used to access all of my webservices and use it. But I want to remove this authentication part when I am using the flex application ang calling the web service url from within it.
  Appreciate your help.....
  -Deepak

  Hi,
  It is a little bit tricky, because the interface has changed several times in different releases. I know that it is possible without authentification.
  I remember that i defined somewhere the default client, the username and password in the ERP system to use by this web service.
  Maybe it helps if you try the old transactions WSADMIN, WSCONFIG or WSADMIN2 ?
  Sorry that I cannot help you more. I hope it helps.
  Best regards,
  Joern

• User Authentication for AppleScript

  Is there a way to authenticate an AppleScript with admin privileges?
  I have a script that messes with a certain application and admin authentication may be needed for standard users.
  Thanks for any input.

  For shell scripts there is a way
  <pre style="margin: 0px; border: 1px solid #aaa; color:#000; background-color: #ccc; overflow: auto; font-family: Verdana, Monaco, monospace;"> do shell script "blafasel" password "yourpassword" user name "youradminusername" with administrator privileges</pre>
  perhaps you can open another script app then like:
  <pre style="margin: 0px; border: 1px solid #aaa; color:#000; background-color: #ccc; overflow: auto; font-family: Verdana, Monaco, monospace;"> do shell script "open ~/myscriptapp.app" password "yourpassword" user name "youradminusername" with administrator privileges</pre>
  or you run the script via the osascript-command. Type +*man osascript*+ in your terminal for more information

• 10.3.9 - Mobile Users Authenticating for SMTP Relay.

  I hope I get my thoughts together and this question comes out right.
  I have a small shop, where most of my users are in-house. They're using Entourage clients, and my couple of PC folks are using Outlook 2003. From in-house, everyone works just fine. Relay filters are setup to allow people inside the network to send fine. I have 127.0.0.1/32 and 192.168.1.1/32 in the Mail/Settings/Filters/SMTP Relay settings.
  However, I have a couple of mobile users, the Director being one of them, who want/need to send email when outside of the office, or from a mobile device, like their Treo.
  What I'm running into is that my mobile users are having authentication issues when trying to send email while outside the office. Even when they indicate they need to authenticate SMTP from their client, I get different issues with different users.
  The Director's Treo, using Versamail, recieves email normally via IMAP. However, when sending, even though she's set to ESMTP Authentication, I get a 502 error. Without ESMTP Authentication turned on, I get a relay error.
  Mail/Settings/Advanced has LOGIN and Plain checked for SMTP Authentication, and IMAP has LOGIN, Plain and Clear checked, while POP has APOP and Clear slected.
  I'm at a loss for how to proceed with correcting this issue to allow mobile users to authenticate reliably from where ever they are. Can someone provide me some straightforward guidence on how this should be correctly configured?
  Thanks.
  PowerBook G4 17   Mac OS X (10.4.9)   1.5G RAM

  Thanks for the response.
  I've seen the posts about adding alternate ports, but it doesn't seem to matter what the ISP source is, they get Relay denied messages and our mailer shows the denial traffic.
  There are additional relay exceptions in this, but here is the postconf file you requested:
  always_bcc =
  command_directory = /usr/sbin
  config_directory = /etc/postfix
  daemon_directory = /usr/libexec/postfix
  debugpeerlevel = 2
  enableserveroptions = yes
  inet_interfaces = all
  luser_relay =
  mail_owner = postfix
  mailbox_transport = cyrus
  mailq_path = /usr/bin/mailq
  manpage_directory = /usr/share/man
  mapsrbldomains = sbl-xbl.spamhaus.org,bl.spamcop.net
  messagesizelimit = 15728640
  mydestination = $myhostname,localhost.$mydomain,kemperart.org
  mydomain_fallback = localhost
  myhostname = mail.kemperart.org
  mynetworks = 127.0.0.1/32,192.168.200.99/32,192.168.200.1/32,rr.com,68.25.136.123/32
  mynetworks_style = host
  newaliases_path = /usr/bin/newaliases
  queue_directory = /private/var/spool/postfix
  readme_directory = /usr/share/doc/postfix
  relayhost =
  sample_directory = /usr/share/doc/postfix/examples
  sendmail_path = /usr/sbin/sendmail
  setgid_group = postdrop
  smtpdclientrestrictions = rejectmapsrbl
  smtpdenforcetls = no
  smtpdpw_server_securityoptions = plain,login,cram-md5
  smtpdrecipientrestrictions = permitsasl_authenticated,permit_mynetworks,reject_unauthdestination,permit
  smtpdsasl_authenable = yes
  smtpdtls_certfile = /etc/postfix/server.pem
  smtpdtlsloglevel = 0
  smtpduse_pwserver = yes
  smtpdusetls = no
  unknownlocal_recipient_rejectcode = 450
  Remember, be gentle, while I'm able to get around the Terminal Window, I am, by no means, an expert.
  Thanks again!
  PowerBook G4 17   Mac OS X (10.4.9)   1.5G RAM

• User Authentication for CUIC co-resident with UCCX

  We are running UCCX 9.0.2 and have been using the HRC for reporting, but I'd like to switch us over to the version of CUIC that is built-in to UCCX.  I flipped us over to that after hours to take a look through it and get an idea what I'll need to do to get things working before permanently switching us off of HRC.
  One thing I'm having trouble with is that the authentication doesn't appear to be AD based like UCCX is.  It automatically imported all of the supervisors and administrators that have access to UCCX (including me), but I'm not able to log in with anything other than the platform admin user name and password.  I used the platform admin user name and password to get in and view everything and make a few changes.  I added my account to the admin group and assigned the System Configuration Administrator and Security Administrator roles to myself.  (see screenshot)
  I noticed the format it shows for my user name is CCX\tyson.shroyer and it doesn't show a field for a password anywhere.  I tried logging in using CCX\tyson.shroyer as my user name and the password for my AD account (which is what I use to log in to UCCX) and it doesn't work.  I tried it without CCX\ in the user name and it still didn't work.  I tried leaving the password blank...no dice.  No combination of user name and password gets me in.
  I've looked all over trying to find some info and documentation specifically for the version of CUIC that's built-in with CCX 9.x and above, but everything I find (SRNC, Admin Guide, etc) is specific to CUIC Premium which I know would be on a separate server and appears to have a different method of administration.  That documentation mentions accessing an OAMP page for all of the system administration tasks.  I tried going to the path for the OAMP page as specified in the documentation and it doesn't appear to be available.  I'm not sure if it just isn't part of this version or not.
  Anyway, I'd greatly appreciate any info you could provide on making this switch.  I'd prefer to get it integrated with AD just like the rest of the UC environment is, but at this point I'd settle for at least being able to get logged in with a user account.  Thanks in advance everyone!

  Hi
  Are you able to try the LDAP option in the login page
  https://<IPAddress>:8444/cuic/Login.htmx;jsessionid=BB18708EA5C507AD7CF6512898C6FC5F

• No User Authentication for support pages

  While testing I notice that entering the full URL's in the browser address bar for
  Support Tickets ( SupportPage.aspx)
  KnowledgeBase (support/default.aspx, SolutionDetail.aspx and Search.aspx)
  Takes a user straight to those pages without forcing a login.
  Is there a way of forcing a login to access these pages?
  The Knowledge Base is perhaps less import but the current environment allows Support Tickets to entered without a UserID which does not make sense.

  Jay,
  Went in as manager I cleared the Cache (- it still reports 5 items in the cache though ) and cleaned memory
  I logged out. and then typed in the URL's
  There I was back in support again and this time in the support ticket page the userID and BP ID were showing as manager and internal
  Seems something is still being held in memory - but surely this shouldn't happen if I'd properly logged out.
  I closed the site and re-opened - this time although I could get back to support using the URLs again without logging in , no UserID and BP Id were displayed on the support ticket page.
  I wonder if there is anything in the settings causing this?