Web service - Passing along NTLM authenticated user

Similar Messages

• Invoking a Web Service that Requests NTLM Authentication in BPEL Process

  Hi,
  I am trying to invoke a webservice which requires NTLM Authentication.able to test the service through SOAP ui .
  Followed the steps memntioned in the oracle doc in order to invoke the same service through BPEL Process, some how I am facing issue when BPEL invokes the service. Here is the error message
  oracle.fabric.common.FabricException: oracle.fabric.common.FabricException: Error in getting XML input stream: Response: '401: Unauthorized' for url:
  Oracle doc link  :-
  http://docs.oracle.com/cd/E28280_01/admin.1111/e10226/soacompapp_secure.htm#BABJEBIF
  http://www.albinsblog.com/2014/04/oraclewebservicespreemptivebasicauth.html#.VK5UEiuUeFM
  The above link discuss about the properties that need to be set in composite.xml file in order to invoke the service.
  I am using SOA 11.1.1.6,  tried to implement the same steps but i could see the error message "Unauthorized for url ********** "
  Could you please help me on this.
  Thanks

  Hi Guys ,
  Got to kow that this is a bug. Some how following link helps in sending the payload to webservice which requires NTLM authentication thru JAVA.
  Thoughts Oracle SOA OSB: NTML Authentication - Oracle SOA suite
  Thanks

• Web service for SAP R/3 user authentication

  Hi Experts,
     We are searching for any standard web service/ Bapi to authenicate an SAP user from an external system which needs WSDL to check this . External system will be providing the SAP user ID and password and expects an acknowledgemnt that whether the user is authenticated or not .
  Is there any webservice/Bapi available for this purpose? if not how we can achieve this?
  Thanks in advance
  Sanu

  Hi,
  I don't think there is any web service to just check authentication but the work around is simple :
  Call any web service which just display some information (for example call STFC_CONNECTION function module as a web service).
  As you need to authenticate to call the web service, send the user/password.
  If you get the release information, the user/password is OK.
  If you get HTTP 401 error, the user/password is KO.
  Of course the user needs the authorisation to execute the STFC_CONNECTION function module.
  Regards,
  Olivier

• WebLogic Web Services Home Page and authentication

  I've generated a set of web services using a session bean and have secured
  my EJB methods. I'd like to enable testing of these methods via the WebLogic
  Web Services Home Page service, but I can't figure out how to pass along the
  authentication parameters. I've tried appending
  '&username=myUser&password=myPassword' to the URL and this doesn't appear to
  work (yeah, I know, but you can't blame me for trying).
  Any ideas on how I might do this?
  Thanks,
  Rob

  Looks like a bug. filed CR086448.
  Contact support for patch.
  regards,
  -manoj
  "Rob Moore" <[email protected]> wrote in message
  news:[email protected]..
  Hi, Manoj,
  We're using WLS 7.0.0.1.
  Thanks,
  Rob
  "manoj cheenath" <[email protected]> wrote in message
  news:[email protected]..
  The browser should pop up the user name/passwd dialog,
  if the WS is secured. Which version of WLS are you using?
  This could be a bug.
  regards,
  -manoj
  "Rob Moore" <[email protected]> wrote in message
  news:[email protected]..
  I've generated a set of web services using a session bean and have
  secured
  my EJB methods. I'd like to enable testing of these methods via theWebLogic
  Web Services Home Page service, but I can't figure out how to pass
  along
  the
  authentication parameters. I've tried appending
  '&username=myUser&password=myPassword' to the URL and this doesn't
  appear
  to
  work (yeah, I know, but you can't blame me for trying).
  Any ideas on how I might do this?
  Thanks,
  Rob

• Web Service, SSL and Client Authentication

  I tried to enable SSL with client authentication over a web service. I am using App Server 10.1.3.4.
  The test page requires my certificate (firefox asks me to choose the certificate) the response page of the web service returns this error:
  java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 405 Method Not Allowed
  Has anyone used web services with SSL client authentication?
  Any clue why?
  Regards

  Any comment?
  Thank you.

• JDeveloper Web Service Client/Proxy Basic Authentication

  Hi I recently migrated a 10g Web Service to an 11g Web Service that uses basic authentication.
  I then generated the client/proxy using the WSDL for my consumer application in JDeveloper 11g. however I cannot find any functions that will allow me to set the username and password to access the web service.
  For instance, in 10g Client, I simply had to this:
  myPort = new SoapHttpPortClient();
  myPort.setUsername("username");
  myPort.setPassword("password");
  I am not sure how I do the same in the generated Web Service client in 11g.
  Thanks in advance.

  Thanks Frank. I was able to get it to work!
  I did google it but I always add "jdeveloper 11g" in my searches so that must be why this did not come up. :) Thanks again!

• How  Stateless Web services requests can be authenticated using HTTP Login

  Hi All,
  How Stateless Web services requests can be authenticated using HTTP Login (with Oracle CRM On Demand Single Sign On (SSO) Token in HTTP Header).
  If there is any code regarding stateless Web services requests to CRMOD please send it to me that will be helpful for me.
  Please help me.
  Thanks,
  Jaysing
  Edited by: 883663 on Sep 19, 2011 12:06 AM

  You cant use stateless web services when you're using SSO. It's called out in the documentation.

• Integrating Oracle EBS with web services which use SAML authentication

  Hi,
  I have a requirement to invoke web service using PL/SQL from a Custom Form of EBS.
  The web Service is configured to use SAML as authentication mechanism.
  Coming to question!
  1) How do I make my EBS integrate with a SAML provider preferably (Oracle Identity Federation) ?
  2) How do i get the SAML token in my PL/SQL and pass it on to the web service?
  Regards
  Dharmvir

  user1983888 wrote:
  Hi ,
  We have Oracle EBS R12 (12.1.2) with Oracle Database 11gR2 (11.2.0.2) Database on Linux env.
  We want to implement Oracle Database Vault 11gR2. We are referring to Note: Integrating Oracle E-Business Suite Release 12 with Oracle Database Vault 11gR2 [ID 1091083.1].
  Do we need to install Oracle Database 11gR2 (s/w only) again on the Oracle Database Server or can we use the existing Oracle EBS Database 11gR2 Home which is already on 11.2?
  Regards,
  ThiruAs mentioned in the doc "If your E-Business Suite R12 is already integrated with 11gR2 database, you just need to enable Database Vault 11gR2 & register it with the database as per Task 3", so no installation of ORACLE_HOME is required and you just need to "Register Oracle Database Vault".
  Thanks,
  Hussein

• From CC&B, consume web service with Integrated Windows Authentication

  Most of the web services to be consumed from CC&B are exposed by external applications under Integrated Windows Authenticaton. Our CC&B 2.3 is running on Bea Weblogic on AIX 6.1.
  We need to find out, how CC&B can obtain a ticket (kerberos) in this context. Already checked documentation : XAI Best Practices, OUAF Framework Security Overview.Thanks.

  For the system to function properly you would need to configure both your Web Server and your Application (CC&B) Server. Since the authentication is done by your webLogic, you would first need to configure your Windows AD to recognise the WebLogic Server to accept the communication and transfer of tokens (TGS, TGT) betwen user,weblogic and AD.
  Kerberos authentication in a Microsoft AD enviroronment is dependant on a SPN (Service Principal Name). Therefore your Weglogic host must have a user account and enabled for Kerberos within your AD.
  The following link provides detailed steps for SSO for Weblogic (Windows & Unix) with AD
  [http://download-llnw.oracle.com/docs/cd/E13222_01/wls/docs81/secmanage/sso.html]
  Secondly, since the authroization is done by your application server, you will need to import the user accounts using LDAP and configure their rghts.

• Web Service Call with Basic Authentication does not work

  If I try to use Basic Authentication in my Web Service Client with the automatically created methods
  setUsername(inUserName)
  setPassword(inPassword)
  setAddress(inAddress)
  the application does not make a call. Did I forget something?
  Is it possible to use "Test Method" with Basic Authentication?
  Thank you.

  Thank you for your answer.
  But: I already read this article. And it doesn't help me.
  I use the following code:
              getMyServiceClient1().setUsername(inUserName);
              getMyServiceClient1().setPassword(inPassword);With this code I always get a java.lang.NullPointerException.
  The methods setUsername and setPassword are definded as follows:
  public void setUsername(String inUserName) {
          myStub._setProperty(Stub.USERNAME_PROPERTY, inUserName);
    public void setPassword(String inPassword) {
          myStub._setProperty(Stub.PASSWORD_PROPERTY, inPassword);
    }But if I look at the methods which are generated automatically by Sun Java Studio Creator I cannot find _setProperty.
  I also found this thread in your forum:
  http://swforum.sun.com/jive/thread.jspa?forumID=123&threadID=54773

• Calling Web Service passing xml from Oracle Forms

  Hello,
  I need to call a .net web service from Oracle Forms that passes in xml data and returns xml data.
  I have seen several examples of how to create a wrapper in jdev and then to import the code
  into forms. I just have not seen any examples that are passing parmameters especially not xml
  as a parameter and that have an active wsdl that I can see how it relates to the code created.
  I have a wrapper but cannot figure out where and what notation to use to include passing in
  an xml object.
  Does anyone have an example passing in xml where the wsdl is still available to see?'
  Forms version 10.1.2.0.2. Jdev 10.1.3.4
  Thanks,
  Linda
  Edited by: lboyce on Jan 5, 2009 2:30 PM

  Also here you have several options...
  1. you can make a PJC (bean) which include a webservice stub generated with axis (you can make a stub and also test a webservice with this tool: www.soapui.org)..
  2. you can make a database webservice with JPublisher and then just call a pl/sql wrapper for this webservice
  4. you can call a webservice with java api (HttpsURLConnection, HttpURLConnection or with apache HTTPClient api) from your PJC for example:
  the code below is used as java stored procedure to call a .net webservice on https
  ====================================
  public static int getPStopnja(String polica, String reg_oznaka,
  String ime_osiguranika,
  String naziv_osiguranika,
  String leasing,
  String[] doc) {
  String l_polica="";
  String l_reg_oznaka="";
  String l_ime_osiguranika="";
  String l_naziv_osiguranika="";
  String l_leasing ="";
  URL url = null;
  HttpsURLConnection conn = null;
  BufferedReader br = null;
  String lineIn = null;
  StringBuffer sb = new StringBuffer();
  OutputStream os = null;
  int rc = 0;
  //kontrole
  l_polica = polica==null ? "":polica;
  l_reg_oznaka = reg_oznaka==null ? "": reg_oznaka;
  l_ime_osiguranika = ime_osiguranika==null ? "": ime_osiguranika;
  l_naziv_osiguranika = naziv_osiguranika==null ? "": naziv_osiguranika;
  l_leasing = leasing==null ? "": leasing;
  String body = "&lt;?xml version=\"1.0\" encoding=\"utf-8\"?&gt;";
  body += "&lt;soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:web=\"https://services.huo.hr/web_ao/\"&gt;";
  body += "&lt;soapenv:Header/&gt;";
  body += "&lt;soapenv:Body&gt;";
  body += "&lt;web:get_pstupanj&gt;";
  body += "&lt;web:param_in&gt;";
  body += "&lt;web:polica&gt;"+l_polica+"&lt;/web:polica&gt;";
  body += "&lt;web:reg_oznaka&gt;"+l_reg_oznaka+"&lt;/web:reg_oznaka&gt;";
  body += "&lt;web:ime_osiguranika&gt;"+l_ime_osiguranika+"&lt;/web:ime_osiguranika&gt;";
  body += "&lt;web:naziv_osiguranika&gt;"+l_naziv_osiguranika+"&lt;/web:naziv_osiguranika&gt;";
  body += "&lt;web:leasing&gt;"+l_leasing+"&lt;/web:leasing&gt;";
  body += "&lt;/web:param_in&gt;";
  body += "&lt;/web:get_pstupanj&gt;";
  body += "&lt;/soapenv:Body&gt;";
  body += "&lt;/soapenv:Envelope&gt;";
  SSLContext sslContext = null;
  try {
  sslContext = SSLContext.getInstance("TLS");
  X509TrustManager[] xtmArray = new X509TrustManager[|http://forums.oracle.com/forums/] { xtm };
  sslContext.init(null, xtmArray, new java.security.SecureRandom());
  } catch (GeneralSecurityException gse) {
  doc[0] = gse.toString();
  return -1;
  if (sslContext != null) {
  conn.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
  try {
  conn.setDefaultHostnameVerifier(hnv);
  } catch (Exception ex) {
  doc[0] = ex.toString();
  return -1;
  try {
  URL st = new URL("https://services.huo.hr/web_ao/web_ao.asmx");
  conn = (HttpsURLConnection)st.openConnection();
  conn.setRequestMethod("POST");
  conn.setRequestProperty("Host", "services.huo.hr");
  conn.setRequestProperty("Content-Length", "" + body.length());
  conn.setRequestProperty("SOAPAction",
  "\"https://services.huo.hr/web_ao/get_pstupanj\"");
  conn.setRequestProperty("Content-Type", "text/xml;charset=UTF-8");
  conn.setDoOutput(true);
  OutputStreamWriter wr =
  new OutputStreamWriter(conn.getOutputStream());
  wr.write(body);
  wr.flush();
  BufferedReader in =
  new BufferedReader(new InputStreamReader(conn.getInputStream()));
  String inputLine;
  while ((inputLine = in.readLine()) != null) {
  sb.append(new String(inputLine.getBytes(),"UTF-8"));
  in.close();
  //System.out.println(new String(sb.toString().getBytes(),"ISO8559_2"));
  doc[0] = sb.toString();
  return 0;
  } catch (Exception e) {
  doc[0] = e.toString() + " ===&gt; " + body + " ==&gt;length= " + body.length();
  return -1;
  ====================================
  best regards
  Edited by: Peterv6i on Jan 6, 2009 8:34 AM
  Edited by: Peterv6i on Jan 6, 2009 8:40 AM

• Securing SOA 11g Web Services with OWSM AD authentication

  I have SOA 11g with Weblogic 10.3.5 installed and running a Web Service and a Client I want to protect with Active Directory auth and perhaps some other access rules. As I read, I can use OWSM policies to do that. Most guides I found concern OWSM 10g.
  How can I make WL use AD authentication? Do I have to use Access Manager?

  I finally figured it out. The nullpointer exception is related to the SAML assertion. The SAML assertion in my requests is signed with embedded signature and this seems to be not supported with the used OWSM policy. Without the signature is the exception gone.
  Marian

• Web Services - This WSDL requires authentication credentials. Please supply

  I am trying to access a web service on our network. This is an open service and doesn't require you to log in. I can put the link into IE and the service homepage is shown however when I try to create a new service in APEX I get the error:
  This WSDL requires authentication credentials. Please supply the username and password below.
  I have tried entering my Windows Username and password (the web service is hosted on a windows VM on our network) however this didn't work.
  Anybody know what might be causing this?
  Thanks

  Hello,
  If you enter the name/location of that script in your browser, you'll see the contents (hopefully). Then you can see the name or IP address and port of your proxy. Try these ones first in the APEX setting.
  If that doesn't work, add your (windows) username/password also. The problem is (apart from the evident security issue) that you probably forced to change your windows password every now and then, and you'll forget to change that setting here. As far as I know you can't enter the URL to the script in the APEX proxy property - however...I never tried...
  Greetings,
  Roel
  http://roelhartman.blogspot.com/
  You can reward this reply by marking it as either Helpful or Correct ;-)

• Calling Web Service with Http Basic authentication in SOA 11g

  I am calling a webservice which has http basic authentication attached to it. Thus i am adding 'oracle/wss_http_token_client_policy' OWSM policy to the WS refrence in my composite in Jdeveloper,but it doesn't showme the option of providing the http Username and http Password. The only key it is showing me is cf.key.
  Am i missing some steps?
  Please let me know.
  Note - I am working on SOA 11.1.1.4.
  Regards
  Ayush

  Hi Ayush,
  Please refer -
  http://biemond.blogspot.com/2010/08/http-basic-authentication-with-soa.html
  Regards,
  Anuj

• WLS 10.3.3 - Web service - NTLM authentication

  Hi,
  We have generated web service proxy based on a wsld file for a .Net web service secured with NTLM authentication.
  Running the code that connects to the web service from a java class main method works fine, but when running the same code from a web application deployed on weblogic server (we have tried both integrated and standalone) we get the following error: com.sun.xml.ws.client.ClientTransportException: The server sent HTTP status code 401: Unauthorized.
  Is there something that we should set in weblogic?
  Regards,
  Delia

  Delia,
  We had exactly the same issue and it took ages to resolve! Oracle didn't have a solution so I knuckled down and eventually worked out a solution...
  When running your JAR under WLS you may have noticed that the exception looks like this:
  java.io.FileNotFoundException: Response: '401: Unauthorized' for url: 'http://+your.domain.here+/default.aspx'
  at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:474)
  Notice that it is not using the java.net.HttpURLConnection as you might have expected (and your Java code explicitly imports!), rather it employs weblogic.net.http.HttpURLConnection and there lies the rub.
  As it turns out, it is easy to have your code force the use of the handler you desire.
  Instead of:
  HttpURLConnection http = (HttpURLConnection) new URL(+yourURL+).openConnection();
  Use:
  URL url = new URL(null, yourURL, new sun.net.www.protocol.http.Handler());
  HttpURLConnection http = (HttpURLConnection) url.openConnection();
  Regards,
  Jerome