Webservice with HTTP authentication

Similar Messages

• UCM 11g web services with HTTP authentication

  Is it possible to setup UCM 11g web services with HTTP authentication?
  I did setup UCM 11g web services using OWSM policies and are working well.
  But my development team wants to consume web services with only HTTP authentication (simple user name and password), do not want to use Keystore files and encryption.
  Please help me guys.
  Thank you in advance

  Hi ,
  If you are looking to use the WSDL to execute ucm services then use SoapUI IDE on development , there it requires only the http authentication method .
  Let me know if this is the actual requirement which you were looking for or if I have missed the point .
  I use this to quickly test WSDL and verify if the service being invoked is actually correct or not .
  Thanks,
  Srinath
  Edited by: Srinath Menon on Apr 26, 2013 11:32 AM

• Issue with HTTP Authentication

  I am trying to implement an authentication/timeout
            system whereby the initial login is done by a standard
            HTML form (posted). When the session times out and the
            user requests a service, the session is "revived" by
            custom HTTP Authentication. In this way, a complex set
            of frames and multiple windows is not disrupted by a
            new window.
            The problem is that one a user HTTP Authenticates, the
            AUTHORIZATION header value stays until the browser is
            closed. Consequently, the user never has to
            authenticate again, even when the session times out,
            because when the servlet requests authorization, it is
            right there in the servlet request.
            So my question is, how do I clear or remove the
            AUTHORIZATION header item from the client ?
            Thanks.
            //Nicholas
            

  Hi,
  Opened a TAC and he confirmed that 8.2.1 supports the SDI for http/asdm authentication.
  http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html#wp340497
  Regards
  Amar

• Restful webservice with basic authentication

  Hi, i am running the following:
  Oracle: 11.2....
  ApexListener: 2.....
  Glassfish: 3.0...
  Apex: 4.2.1
  I have successfully established some restful webservices. Now i want to add a basic authentication to them against an APEX Authentication Scheme which is used in one of my APEX Applications. I cannot find any documentation related to Glassfish or ApexListener or APEX to do that.
  Or are the RESTful Service Privileges which belong to APEX User Goups intent to do a basic authentication ?
  Thanks for your help !
  -- Klaus

  OK got it solved by my self.
  Solution:
  Define a RESTFUL (POST, PLSQL) Service with the following HEADER parameters:
  authorization          authorization     IN     STRING
  X-APEX-STATUS-CODE     status          OUT     INTEGER
  As per RFC 1945, the Authorization header value should contain the username:password
  as encoded (base64) string. That is what the RESTclient send (over https)
  In the PLSQL i decode :authorization and validate it against APEX Authentication Scheme.
  The result of the validation drives the response header (:status) in PLSQL with 200 (ok) or 401 (Not Authorized)
  -- Klaus

• Webservice without HTTP Authentication

  Dear people,
  I need to create a webservice using a function module (SE80 --> webservice wizard).
  But when I create this webservice it has a username and password so I need to create it without a username and password.
  How can I create it without any authentication?
  Thanks!!!

  [more info|http://help.sap.com/saphelp_erp2004/helpdata/EN/a0/da0710b6560a4e80fb94f3f712dfc0/content.htm]
  [more and more info|http://help.sap.com/saphelp_erp2004/helpdata/EN/13/bcd0f61583be4a9cd835918e5673e1/content.htm]

• Webservice with HTTPS in PI 7.1

  Hello,
  I am doing a scenario where the an sender application will publish the data to webservice at PI. It will use HTTPS without client authantication. I generated the WSDL from the sender agrrement and tried testing the interface using Altova. Though the URL seems correct (tested it by putting in IE), while sending SOAP request through HTTPS, I am getting an error "SOAP data cannot be sent".  Any possible reason for this behaviour? I have tested the configuration in IB and it is fine.
  Thanks
  Tushar

  Hi,
  Do you have Microsoft Infopath 2007(Bundled in Office Package),
  it can also be used to check your SOAP scenario(Sender).
  regards
  Dragon

• Invoking web service with HTTP authentication using OdiInvokeWebService

  I did all configurations in OdiInvokeWebService Advanced Editor. When I press "Invoke web service" there are no errors. But when I try to execute this step there is an error:
  java.lang.IllegalArgumentException: Bad password format. Make sure that it's an encrypted password.
  Text of the command:
  OdiInvokeWebService "-URL=http://sapk02:8080/sap/bc/srt/rfc/sap/ZODI_FILE_SER?sap-client=800&wsdl=1.1" "-PORT_TYPE=ZODI_FILE_SER" "-OPERATION=ZODI_FILE" "-HTTP_USER=user" "-HTTP_PASS=_321321_"
  *<?xml version = '1.0' encoding = 'UTF8'?>*
  *<ZODI_FILERequest>*
  *<ZODI_FILE>*
  *<FILE>/tmp/temp1.txt</FILE>*
  *</ZODI_FILE>*
  *</ZODI_FILERequest>*
  When I fill HTTP password edit manually and try to execute there is another error:
  *com.sunopsis.wsinvocation.SnpsWSInvocationException: AxisFault*
  *faultCode: {http://xml.apache.org/axis/}HTTP*
  *faultSubcode:*
  *faultString: (401)Unauthorized*
  Text of the command:
  *OdiInvokeWebService "-URL=http://sapk02:8080/sap/bc/srt/rfc/sap/ZODI_FILE_SER?sap-client=800&wsdl=1.1" "-PORT_TYPE=ZODI_FILE_SER" "-OPERATION=ZODI_FILE" "-HTTP_USER=user" "-HTTP_PASS=*aIyHMmFSmTzVm1V08nTf"
  *<?xml version = '1.0' encoding = 'UTF8'?>*
  *<ZODI_FILERequest>*
  *<ZODI_FILE>*
  *<FILE>/tmp/temp1.txt</FILE>*
  *</ZODI_FILE>*
  *</ZODI_FILERequest>*
  ODI Version 11.1.1.3.0

  I've gotten past the original error by importing the security certificate of the Web service into my keystore/truststore. I'm also running the process on SOA 10.1.3.1.0. Now when I invoke the Web service from the BPEL process I get this error:
  exception on JaxRpc invoke: HTTP transport error:
  javax.xml.soap.SOAPException: java.security.PrivilegedActionException:
  javax.xml.soap.SOAPException: Bad response: 403 Forbidden
  I've tried passing the credentials every way I can -- partner link properties, Oracle Web Services Manager, whatever -- and still get the same error. I would expect to see a 401 error for problems with credentials, not a 403.
  Any suggestions?
  Thanks for your time.
  Paul Camann

• Weblogic HTTP Authentication on 11g webservice

  Hi all
  We are recently migrating webservice from 10g to 11g, but keep 10g client use for connecting the new 11g interface. Due to previous technical limitation, the 10g client is found failed to connect 11g and thus we built a middleware between them. The webservice server side (11g) is protected with HTTP authentication on weblogic and we found that both 11g client and the middleware can connect the server side successfully authenticated. Only when we use the 10g to connect the middleware, server side blocks the transaction with error code 401 unauthorized. Can everybody know any tricks behind, thanks.
  11g ws client -----> [HTTP AUTH] --------> 11g server side [ OK ]
  Middleware -> 11g ws client ------> [HTTP AUTH] -------> 11g server side [ OK ]
  10g client --------> Middleware -> 11g ws client ------> [HTTP AUTH] -------> 11g server side [ FAILED ]
  Cheers
  Chris
  Edited by: Nexus Chris on Dec 17, 2012 10:13 AM
  Edited by: Nexus Chris on Dec 17, 2012 10:13 AM

  Hi,
  guess this is the wrong forum and you should post this question on the WLS or SOA forum here on OTN. I imagine that the two services a different in the way that 10g is JAX-RCP and 11g uses JAX-WS. Anyway, the two forums I mentioned may be best to get this sorted
  Frank

• How do i use r/3 webservice with sneak preview (7.0.9) of developer studio.

  Hi,
      I am having a problem importing an r/3 webservice using adaptive rfc in the sneak preview edition of java NW2004s (7.0.9).
  the webservice requries http authentication to get the wsdl file. so i have to use webservice destinations when creating my adaptive rfc model (to get the username and password boxes on the URL )
  So the steps i take are :-
  1. New Model
  2. import adaptive webservice model
  3. enter model name and package
  4. local file system or url
  5. Use destinations for metadata and execution & enter web service destinations (in my case 'meta' and 'exec')
  6. enter wsdl location (http://-hostname-/sap/bc/srt/rfc/sap/Z_DSKTP_USR?sap-client=200&wsdl=1.1&mode=sap_wsdl)
  7. enter username and password. & click next
  ... at this point i get 'Error loading the WSDL file'. the log shows that this due to a 401(unauthorized) error.
  when i follow the same steps in 6.0.19IDE  (instead of 7.0.9 IDE) it works fine.
  i used a packet sniffer (ethereal) to record the network traffic and can see the Authorization header is not sent from the 7.0.9 IDE  but is sent in the 6.0.19 IDE .
  so i think this is a bug in the sneak preview version of the 7.0 IDE. and i am just wondering what other people think? has anyone else seen this? anyone know of a patch or work around? or seen any sap notes about it?
  i am just using this to evaluate webservices and am not really worried about authentication anyway so i guess the other option is to try to make r/3 not use http authentication for the webservice app? does anyone know how to do this?
  any help greatly appreciated.
  regards,
  rob munro.
  Message was edited by:
          robert munro

  Sorry, but i do not understand this post at all... Can anyone explain it to me? Is he saying my IDE is running on something other than Unicode?
  PS: I tried one of the Scanner constructors that takes a charset parameter. That fixed the odd output! However, every Chinese character has been replaced with a question mark. (It was a series of weird characters before i used the constructor with a charset parameter.)

• XML error when Crystal report calling Webservice with Rampart (ws-security)

  Could you please advise me where I am doing wrong -
  I have designed the report using CR 2008 following a SAP document instructions but getting error. -
  1. Created a Class file and put it in the class folder -
  public class PasswordHandler implements CallbackHandler { public void handle(Callback[] callbacks) throws IOException,UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { WSPasswordCallback pwcb = (WSPasswordCallback)callbacks<i>; pwcb.setPassword("clientPassword"); return; } } -
  2. created wse_policy.xml with below content clientName com.rockalltech.action.reports.PasswordHandler -
  3.Also modified CRConfig.xml with below data com.PasswordHandler -
  Still I am getting Rampart error like below -
  [2009-06-02 18:04:26,977,,FATAL,com.crystaldecisions.data.xml] org.apache.axis2.AxisFault: org.apache.rampart.Rampart at org.apache.axis2.deployment.URLBasedAxisConfigurator.getAxisConfiguration(URLBasedAxisConfigurator.java:77) at org.apache.axis2.context.ConfigurationContextFactory.createConfigurationContext(ConfigurationContextFactory.java:64) at org.apache.axis2.context.ConfigurationContextFactory.createConfigurationContextFromURIs(ConfigurationContextFactory.java:190) at com.crystaldecisions.data.xml.a.b.a(Unknown Source) at com.crystaldecisions.data.xml.a.a.a(Unknown Source) at com.crystaldecisions.data.xml.f.a(Unknown Source) at com.crystaldecisions.data.xml.f.int(Unknown Source) at com.crystaldecisions.data.xml.CRDB_XMLImpl.DbExecuteQuery(Unknown Source) at com.crystaldecisions.reports.queryengine.driverImpl.xml.XMLQueryDefinition.Execute(Unknown Source) Thomas Edited by: thomasjv on Jun 2, 2009 7:15 PM Edited by: thomasjv on Jun 3, 2009 10:45 AM Edited by: thomasjv on Jun 3, 2009 10:45 AM Edited by: thomasjv on Jun 3, 2009 10:46 AM

  Hi!
  Thanks for the help:
  - I give all proxy details. In HTTP and HTTPS proxy tabs too.
  one interesting thing:
  - We publicate the same WebService with HTTP and HTTPS prefix.
  - If I create a proxy for the WS with HTTP, everything is correct and works well.
  - If I create a proxy for the WS with HTTPS, gives the error written the previous posts. (And can't create the logical port with SOAMANAGER)
  I compare the 2 WSDL. It is the same, except the links. (HTTP and HTTPS) all others are same.
  - And why it is possible in both case (HTTP, HTTPS) to create the proxy with SE80 from the WSDL URL? (And after the logical port was failed)

• OfficialFile.asmx The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'. ERROR

  We are getting an error on the authentication piece when trying to submit a file to the OfficialFile.asmx web service to submit a document to the Drop-Off Library. Here is the code snippet -
  public string FileUpload(HttpPostedFile FileInput, RecordsRepositoryProperty[] properties)
  string strFileUrl = string.Empty;
  RecordsRepositorySoapClient repository = new RecordsRepositorySoapClient();
  BinaryReader b = new BinaryReader(FileInput.InputStream);
  byte[] binData = b.ReadBytes(FileInput.ContentLength);
  repository.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential(iUserID, iUserPassword, iUserDomain);
  repository.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
  repository.SubmitFile(binData, properties, null, FileInput.FileName, HttpContext.Current.User.Identity.Name);
  strFileUrl = repository.GetFinalRoutingDestinationFolderUrl(properties, null, FileInput.FileName).Url;
  return strFileUrl;
  Although we are setting the network credential in the client call we still get the error
  - The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'.
  Ideas?
  Thanks in advance.

  Hi,
  Based on the error message, the issue is related to the authentication type.
  I suggest you can specify the credential type like the below:
  CredentialCache credentialCache = new CredentialCache();
  NetworkCredential credentials = new NetworkCredential(UserName, PassWord, sDomain);
  credentialCache.Add(new Uri(recordCenterUrl), "NTLM", credentials);
  Here is a detailed code demo for your reference:
  http://blogs.msdn.com/b/mcsnoiwb/archive/2011/06/06/sending-files-to-a-record-center-using-the-sp2010-webservice-officialfile-asmx.aspx
  Best Regards
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Jerry Guo
  TechNet Community Support

• Enabling HTTPS with Client Authentication for Sender SOAP Adapter on PI7.1

  Hello All,
  We are currently building up a HTTPS message exchange with an external client.
  Our PI 7.1 recieved over HTTPS messages on an already configured Sender SOAP Adapter.
  The HTTPS (SSL) connectivity works fine and was completely configured on the ABAP Stack at Trust Manager (TC=STRUSTSSO2)
  Login to Message Servlet "com.sap.aii.adapter.soap.web.MessageServlet is required and works fine with user ID and password.
  Now we have to configure the addtional Client Authentication.
  At SOAP Adapter (Sender Communication Channel) under "HTTP Security Level"you are able to configure "HTTPS with Client Authentication".
  But what are the next steps to get this scenario successfully in place?
  Many thanks in advance!
  Jochen

  Hi Colleagues,
  following Steps still have to be done:
  - Mapping public key to technical user at Java Stack
    As preparation you have to activate value "ume.logon.allow.cert" with true under "com.sap.security.core.ume.service" under Config Tool. At NWA under Identity Management at for repecively technical user the public key certificate
  - Be sure CA root certivicate at Database under STRUSTSSO2
  - Import intermediate Certificate under Certificate List at Trast Manager for the Respecive Server Note
  - use Login Module "client_cert" which you have to configure under NWA\Configuration Management\Authentication for Components "sap.com/com.sap.aii.adapter.soap.app*XISOAPAdapter".
  Many thanks to all for support!
  Regards,
  Jochen

• Autoscaling Application block for Azure worker role console app not working. Get error as The HTTP request was forbidden with client authentication

  I have written a console application to test the WASABi(AutoScaling Application Block) for my worker role running in azure. The worker role processes the messages in the queue and I want to scale-up based on the queue length. I have configured and set the
  constraints and reactive rules properly. I get the following error when I run this application.
  [BEGIN DATA]{}
      DateTime=2013-12-11T21:30:02.5731267Z
  Autoscaling General Verbose: 1002 : Rule match.
  [BEGIN DATA]{"EvaluationId":"4f9f7cb0-fc0d-4276-826f-b6a5f3ea6801","MatchingRules":[{"RuleName":"default","RuleDescription":"The default constraint rule","Targets":["AutoscalingWebRole","AutoscalingWorkerRole"]},{"RuleName":"ScaleUpOnHighWebRole","RuleDescription":"Scale
  up the web role","Targets":[]},{"RuleName":"ScaleDownOnLowWebRole","RuleDescription":"Scale down the web role","Targets":[]},{"RuleName":"ScaleUpOnHighWorkerRole","RuleDescription":"Scale
  up the worker role","Targets":[]},{"RuleName":"ScaleDownOnLowWorkerRole","RuleDescription":"Scale down the worker role","Targets":[]},{"RuleName":"ScaleUpOnQueueMessages","RuleDescription":"Scale
  up the web role","Targets":[]},{"RuleName":"ScaleDownOnQueueMessages","RuleDescription":"Scale down the web role","Targets":[]}]}
      DateTime=2013-12-11T21:31:03.7516260Z
  Autoscaling General Warning: 1004 : Undefined target.
  [BEGIN DATA]{"EvaluationId":"4f9f7cb0-fc0d-4276-826f-b6a5f3ea6801","TargetName":"AutoscalingWebRole"}
      DateTime=2013-12-11T21:31:03.7516260Z
  Autoscaling Updates Verbose: 3001 : The current deployment configuration for a hosted service is about to be checked to determine if a change is required (for role scaling or changes to settings).
  [BEGIN DATA]{"EvaluationId":"4f9f7cb0-fc0d-4276-826f-b6a5f3ea6801","HostedServiceDetails":{"Subscription":"psicloud","HostedService":"rmsazure","DeploymentSlot":"Staging"},"ScaleRequests":{"AutoscalingWorkerRole":{"Min":1,"Max":2,"AbsoluteDelta":0,"RelativeDelta":0,"MatchingRules":"default"}},"SettingChangeRequests":{}}
      DateTime=2013-12-11T21:31:03.7516260Z
  Autoscaling Updates Error: 3010 : Microsoft.Practices.EnterpriseLibrary.WindowsAzure.Autoscaling.ServiceManagement.ServiceManagementClientException: The service configuration could not be retrieved from Windows Azure for hosted service with DNS prefix 'rmsazure'
  in subscription id 'af1e96ad-43aa-4d05-b3f1-0c9d752e6cbb' and deployment slot 'Staging'. ---> System.ServiceModel.Security.MessageSecurityException: The HTTP request was forbidden with client authentication scheme 'Anonymous'. ---> System.Net.WebException:
  The remote server returned an error: (403) Forbidden.
     at System.Net.HttpWebRequest.GetResponse()
     at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
     --- End of inner exception stack trace ---
  Server stack trace: 
     at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory`1 factory)
     at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory`1 factory, WebException responseException, ChannelBinding channelBinding)
     at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
     at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
     at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
     at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
     at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
     at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
     at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
  If anyone know why I am getting this anonymous access violation error. My webrole is secured site but worker role not.
  I appreciate any help.
  Thanks,
  ravi
    

  Hello,
  >>: The service configuration could not be retrieved from Windows Azure for hosted service with DNS prefix 'rmsazure' in subscription id **************
  Base on error message, I guess your azure service didn't get your certificate and other instances didn't have certificate to auto scale. Please check your upload the certificate on your portal management. Also, you could refer to same thread via link(
  http://stackoverflow.com/questions/12843401/azure-autoscaling-block-cannot-find-certificate ).
  Hope it helps.
  Any question or result, please let me know.
  Thanks
  Regards,
  Will 
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• HTTPS with Client Authentication not available in EHP1?

  Hi Guys,
  I am not seeing this option in PI 7.1 EHP1.
  At SOAP Adapter (Sender Communication Channel) under "HTTP Security Level"you are able to configure "HTTPS with Client Authentication".
  any help would be appreciated
  Thanks,
  Srini

  Hi Srinivas,
  I didnot use it personally. But when I see on SAP help I dont see that option anywhere. Please see this sap help:
  http://help.sap.com/saphelp_nwpi711/helpdata/en/48/3555240bea31c3e10000000a42189d/content.htm
  But you have an option sender agreeement for security. Please see this help:
  http://help.sap.com/saphelp_nwpi711/helpdata/en/48/ceb8cf18d3424be10000000a421937/content.htm
  Since we have the option to skip the adapter engine they have enabled this option in http adapter. So you can directly hit to integration engine skipping the adapter framework, which will help in improving the performance. Please see this help on this:
  http://help.sap.com/saphelp_nwpi711/helpdata/en/43/64db4daf9f30b4e10000000a11466f/frameset.htm
  Regards,
  ---Satish

• HTTPS with Client Authentication in SOAP sender Adapter

  Hi All,
  In SOAP Sender communication channel. When I generate WSDL with “HTTP Security Level = HTTP:” it works when third party tries to send data to XIwebservice.
  But when I tried with “HTTPS with Client Authentication” option its giving error
  “InfoPath either cannot connect to the data source, the service has timed out, or the server has an invalid certificate.”
  Please guide how to use “HTTPS with Client Authentication” option, and what all configuration need to apply in XI & in third party to use this.
  Regards

  Rohan,
  With spy you can trace the entire route, since you are using client authentication using certificate, it would be a better option to verify with the certificate.
  You also have the option of using a username/pwd combo though that is not advocated as it lowers security levels and is permeable to passive sniffing.
  So the answer to your question is yes, after importing the certificate with sender and third party reciever a test would reveal the complete scenario along with any issues that you could encounter..
  Regards
  Ravi Raman