Webservice without HTTP Authentication
Dear people,
I need to create a webservice using a function module (SE80 --> webservice wizard).
But when I create this webservice it has a username and password so I need to create it without a username and password.
How can I create it without any authentication?
Thanks!!!
[more info|http://help.sap.com/saphelp_erp2004/helpdata/EN/a0/da0710b6560a4e80fb94f3f712dfc0/content.htm]
[more and more info|http://help.sap.com/saphelp_erp2004/helpdata/EN/13/bcd0f61583be4a9cd835918e5673e1/content.htm]
Similar Messages
-
Webservice with HTTP authentication
Hi,
how do i supply the userid an password for a http authenticated webservice. I already choose the option for http authentication on the security tab on the logical port.
Alos tried to find it in the Visual Admin to the server but i am stuck.
Greetings Danny.There are two ways to do this
<b>Option 1: Hard code the Username/Password</b>
For this, use the method _setUser and _setPassword.
These are methods for your model class Request_<WebService>_PortType.... (the model class for the webservice). I invoked these methods in the wdDoInit method of the component controller class.
For example, i imported the WSDL for the RFC SXMB_GET_MESSAGE_LIST and used it like this:
Request_SXMB_GET_MESSAGE_LISTPortType_SXMB_GET_MESSAGE_LIST oRequest =
new Request_SXMB_GET_MESSAGE_LISTPortType_SXMB_GET_MESSAGE_LIST();
oRequest._setUser("bcuser");
oRequest._setPassword("password");
<b>Option 2: Use HTTP Destinations</b>
Open Visual Administrator and goto node Services, Destination Service. Create a HTTP destination with the URL of the webservice, maybe choose basic authentication and give the username / password. Now, you could use this HTTP destination in the component controller class. Even though there is a method _setHTTPDestinationName, this did not work for me. I had to write the following code to retrieve the URL, username, password from the HTTP destination
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import java.net.HttpURLConnection;
InitialContext ctx ;
Object obj;
DestinationService dstService;
Destination destination;
HTTPDestination httpDestination ;
HttpURLConnection httpurlconnection = null;
Properties destprop = null;
String url = "";
String username = "";
String password = "";
ctx = new InitialContext();
obj = ctx.lookup(DestinationService.JNDI_KEY);
dstService = (DestinationService) obj;
destination = dstService.getDestination("HTTP","NC_IS");
destprop = destination.getDestinationProperties();
httpDestination = (HTTPDestination) destination;
url = httpDestination.getUrl();
username = destprop.getProperty("USERNAME");
password = destprop.getProperty("PASSWORD");
(I know the java code sucks and the purists will hang me; nevertheless it works)
Besides the code, you need to do the following as well:
(1) In the Package explorer, select your project, right click, cick on "Set Additional Libraries.."
(2) Select security.class and tc/sec/destinations/interface
(3) Click on menu Project > Properties, goto Webdynpro refereces node in the tree and add the following
(a) Interface References: tcsecdestinations~interface
(b) Service References: tcsecdestinations~service
All the best, try option 1 first before you embark on the second one.
Regards, Parag. -
HTTPs without client authentication, error while posting through Altova
Hi Experts
I am doing a SOAP- XI-Proxy synchronous scenario where i have to use HTTPs without client authentication for the first time in my system.
I have made the scenario and WSDL out of it.
When i am trying to test it through Altova, i am getting the following error:
<?xml version="1.0"?>
<!-- see the documentation -->
<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP:Body>
<SOAP:Fault>
<faultcode>SOAP:Server</faultcode>
<faultstring>Server Error</faultstring>
<detail>
<s:SystemError xmlns:s="http://sap.com/xi/WebService/xi2.0">
<context>XIAdapter</context>
<code>ADAPTER.JAVA_EXCEPTION</code>
<text><![CDATA[
java.security.AccessControlException: https scheme required
at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:918)
at com.sap.aii.af.mp.module.ModuleLocalLocalObjectImpl0_3.process(ModuleLocalLocalObjectImpl0_3.java:103)
at com.sap.aii.af.mp.ejb.ModuleProcessorBean.process(ModuleProcessorBean.java:296)
at com.sap.aii.af.mp.processor.ModuleProcessorLocalLocalObjectImpl0_0.process(ModuleProcessorLocalLocalObjectImpl0_0.java:103)
at com.sap.aii.af.mp.soap.web.MessageServlet.callModuleProcessor(MessageServlet.java:187)
at com.sap.aii.af.mp.soap.web.MessageServlet.doPost(MessageServlet.java:496)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1060)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
]]></text>
</s:SystemError>
</detail>
</SOAP:Fault>
</SOAP:Body>
</SOAP:Envelope>
i saw a few discussion on web but nowhere the solution was provided.
the url is
http://abc.sap.point:1234/XISOAPAdapter/MessageServlet?channel=:system:communicationchannel&version=3.0&Sender.Service=x&Interface=x%5Ex
i changed it to https also but in that case it was not even posting the request.
i have set the sender adapter like this
is there any setting that i am missing.
What is the setting the i need to do in SM59.
Please help me getting through this.
Your help is highly appreciated. Thanks in advance.
NehaHI Neha,
1. Enable the https service in the ICM: you can follow the way to do it like is pointed out in the page 4 of this document (PI 7.1 and PI 7.0 has the same smicm abap transaction) http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/60ff2883-70c5-2c10-f090-a744def2ba66?overridelayout=t…
2. Generate the certificate. Use the STRUST transaction. Chech this document SSL Configuration in SAP ABAP AS and JAVA AS – Step-by-step procedure
Hope this helps.
Regards. -
HTTPS Without client authentication shows error of Certificate
Hi Experts,
I am trying to develop a SOAP to RFC scenario where in SOAP sender HTTP security level - HTTPS Without Client Authentication is selected.
I have downloaded WSDL from Sender agreement and trying to test web service from SOAPUI. Now as per my understanding simply placing request to HTTPS:<host>:<port>:XISOAPAdapter/.... with correct user should work and this scenario shouldn't need any certificates.
However in SOAPUI and even in RWB SOAP Sender, I am receiving error that - Client Certificate required.
Any comments on why would it be happening ? In fact whatever option in HTTP Security level I select, error remains same. In NWA is there any other configuration to be done to make this work ?
Is below understanding right ?
-- >> HTTPS Without client authentication will not need certificate exchange and simply user authentication will do
Thanks..
regards,
Omkar.Hello Omkar,
What you are trying to do is Consume a SOAP->RFC scenario (synchronous) from SOAP UI and you want that to be secure. With this requirement, just having the certificates alone is not sufficient (sorry for late response..i just came across this post when i was searching something else )
1)How did you generate the certificate and the private key? Because Key Generation plays a Big Part in it. The Key should have been signed by a CA. Though its not signed by a CA, a trick which would work is, at the time of Key generation, provide the Organization Name as SAP Trust Community and Country as DE.
2) At the time of Key Generation definitely it shall ask for a password. You remember that.
3) Export the Private Key as PCKS12 format and the certificate as Base64 format and have it in your local system, (shall be used later in SOAP UI and NWA)
Here follows the major part
4) Open NWA and go to Configuration Management->Authentication
5) Go to Properties Taband click Modify
6) Under Logon Application select the check box "Enable Showing Certificate Logon URL Link on Logon Page" and save it.
7) Now go to the Components Tab.
8) Search for client_cert Policy Configuration name and Edit it it. Make sure the following Login Modules are maintained in the same Order
==> Name: com.sap.engine.services.security.server.jaas.ClientCertLoginModule
Flag : Sufficient
==> Name: BasicPasswordLoginModule
Flag: Optional
9) Now Select the name com.sap.engine.services.security.server.jaas.ClientCertLoginModule and you can see lots of entries under the Login Module Options. Remove them all and add anew entry (case sensitive). Save it.
==>Name: Rule1.getUserFrom
value : wholeCert
10) Now search for the Policy Configuration name sap.com/com.sap.aii.adapter.soap.app*XISOAPAdapter
and edit it.
11) Under the Authentication stack select the template client_cert against the used template label. and save it
12)If you are using AXIS Adapter, do the steps 11 for the Policy Configuration name sap.com/com.sap.aii.axis.app*XIAxisAdapter.
13) Now in NWA navigate to Operation management->Identity Management
14) Search for the user PIISUSER (or any user id which you thing has good amount of authorizations to access the service)
15)Click Modify and go to the TAB Certificates and upload the certificate (not the private key) which you downloaded in step 3.
16) With this setup what you have done is you have created proper certificate, enabled certificate based logon for SOAP and AXIS adapter and associated the certificate with a user id.
17) usually in Dual stack PI, we will have the same certificate added to the server pse in strustsso2 tcode. But since its single stack, just make sure in the cert and keys you add this certificate to teh Trusted CAs and also to the Server Keystore.
18) Now in SOAP UI Right Click on the Project Name->Select Show Project View->Under the WS Security Configurations->Go to Keystore and certificates and add the Private Key
19) In SOAP UI under the operation name, in the Request, in stead of providing user credentials, choose the private key name against the SSL Keystore entry.
20) Before you execute the scenario make sure you have chosen the HTTPS url and https port is proper. Usually its 443, but some customers configure their own port.
Scenario should work now. Else if you track it using XPI Inspector, you can find out easily at which step it has gone wrong.
Good Luck!!
Best Regards,
Sundar -
HTTPS without client authentication
Hi Friends,
In SOAP adapter, we have three options for HTTP
HTTP without SSL
HTTP with SSL (= HTTPS) without client authentication
HTTP with SSL (= HTTPS) with client authentication
Please let me know if I use "HTTP with SSL (= HTTPS) without client authentication" , is it Transport Layer Sceurity of Message level Security?
Please answer only if you are confident. No guess please!!!
Thanks,
Sandeep MauryaHi,
Please let me know if I use "HTTP with SSL (= HTTPS) without client authentication" , is it Transport Layer Sceurity or Message level Security?
HTTPS is used to encrypt the traffic between the client and the Web server. SSL encrypt the segments of network connections at the Transport Layer end-to-end.
Don't get confused with the Client Authentication (with / without), as SSL is already being used in both the forms and the network is secured.
Regards,
Neetesh -
Weblogic HTTP Authentication on 11g webservice
Hi all
We are recently migrating webservice from 10g to 11g, but keep 10g client use for connecting the new 11g interface. Due to previous technical limitation, the 10g client is found failed to connect 11g and thus we built a middleware between them. The webservice server side (11g) is protected with HTTP authentication on weblogic and we found that both 11g client and the middleware can connect the server side successfully authenticated. Only when we use the 10g to connect the middleware, server side blocks the transaction with error code 401 unauthorized. Can everybody know any tricks behind, thanks.
11g ws client -----> [HTTP AUTH] --------> 11g server side [ OK ]
Middleware -> 11g ws client ------> [HTTP AUTH] -------> 11g server side [ OK ]
10g client --------> Middleware -> 11g ws client ------> [HTTP AUTH] -------> 11g server side [ FAILED ]
Cheers
Chris
Edited by: Nexus Chris on Dec 17, 2012 10:13 AM
Edited by: Nexus Chris on Dec 17, 2012 10:13 AMHi,
guess this is the wrong forum and you should post this question on the WLS or SOA forum here on OTN. I imagine that the two services a different in the way that 10g is JAX-RCP and 11g uses JAX-WS. Anyway, the two forums I mentioned may be best to get this sorted
Frank -
Generating Webservice using HTTPS in XI.
Hi Experts,
I have generated webservice in XI using http , and i have tested using infopath soap client, its working fine. I have generated webservice in XI using htpps using the same scenario, when i am testing using infopath as soap client and tested, its giving error, request is not hitting the XI system at all. do i need to configure any certificate in infopath or in XI server, please can anyone advice. i have configured HPPTS without client authentication in SOAP adapter.
Thanks,
DhanushHi Experts,
I am not able to get exact answer after reading the sap.help.com, sap notes.
My scenario is RFC < ---> SOAP ( webservice) , i have generated webservice with the HTTPS and secured port of XI, When i copy and past in IE browser, its showing status is OK, but request is not hitting the XI system. what are things to be taken care at soap client and XI server side, do i need to install any certificats at client side or server side. please advice me.
Thanks,
Siva -
Running WebService using already authenticated user
Hi,
I am using as a base, the Avitek Medical Records application.
I log into the patient web app, by using the username "[email protected]". I can see with that the Security subject has been created with that principal.
Then I go to another web app, in another ear: Physician. From there I sent the username to the WebService in order that WebService run with the Subject of that already logged in user.
My problem is: it does not accept only a username, with NO password.
QUESTION: Is there a way to run a WebService using the username if that user is already logged in the realm, without re-authenticating him.
Here is an excerpt of my web service client code:
...webservice client {
WebServiceSession session = serviceContext.getSession();
UserInfo ui = new UserInfo(bup);
session.setAttribute(WSSEClientHandler.REQUEST_USERINFO, ui);
// Add the username token to the SOAP header.
SecurityElementFactory factory = SecurityElementFactory.getDefaultFactory();
Security security = factory.createSecurity(null);
security.addToken(ui);
session.setAttribute(WSSEClientHandler.REQUEST_SECURITY, security);
Here is an excerpt of my WebService server method, in order to see under which Principal it is run:
...webserviceMethod() {
javax.security.auth.Subject subject = Security.getCurrentSubject();
logger.info("WebService Subject =" + SubjectUtils.displaySubject(subject));
logger.info("WebService Subject username=" + SubjectUtils.getUsername(subject));
RESULTS 1
If I do NOT have any <security> branch in my web-services.xml, here is the exception I get:
Got a Web Service Request at URL: '/ws_medrec/MedRecWebServices' for web service 'null'
Got a Web Service Request at URL: '/MedRecWebServices' for web service 'MedRecWebServices'
INFO [10:48:08] (PhysicianSessionEJB.java:setSessionContext:68) - Client W.S. - Active BUP used to login to remote WebService: [email protected]
INFO [10:48:08] (PhysicianSessionEJB.java:searchPatientsByLastNameWild:250) - By wildcard last name.
<!-------------------- REQUEST FROM CLIENT ---------------->
URL : http://localhost:7001/ws_medrec/MedRecWebServices
Headers :
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://ww
w.w3.org/2001/XMLSchema"><env:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" env:mustUnderstand="1"><wsse:UsernameToken xmlns:wsu=
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-oKOBR7i21PQ9mvvOSj5lFtKH"><wsse:Username>[email protected]</wsse:Username></wsse:UsernameToken></wsse:Se></env:Header><env:Body env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><m:findPatientByLastNameWild xmlns:m="http://tempuri.org/"><lastName xsi:type="xsd:string">Couples</lastName></m:findPatientByLastNameWild></env:Body></env:Envelope>
<!-------------------- END REQUEST FROM CLIENT ------------>
Got a Web Service Request at URL: '/ws_medrec/MedRecWebServices' for web service 'null'
Got a Web Service Request at URL: '/MedRecWebServices' for web service 'MedRecWebServices'
<!--REQUEST TO SERVER.................-->
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<env:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
env:mustUnderstand="1">
<wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Id-oKOBR7i21PQ9mvvOSj5lFtKH">
<wsse:Username xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">[email protected]</wsse:Username>
</wsse:UsernameToken>
</wsse:Security>
</env:Header>
<env:Body env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<m:findPatientByLastNameWild xmlns:m="http://tempuri.org/">
<lastName xsi:type="xsd:string">Couples</lastName>
</m:findPatientByLastNameWild>
</env:Body>
</env:Envelope>
<!--RESPONSE FROM SERVER.................-->
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<env:Body>
<env:Fault>
<faultcode>env:Server</faultcode>
<faultstring>Exception during processing: javax.xml.soap.SOAPException: Unable to handle mustUnderstand header: wsse:Security (see Fault Detail for stacktrace)</faultstring>
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">javax.xml.soap.SOAPException: Unable to handle mustUnderstand header: wsse:Security
at weblogic.webservice.core.DefaultMessage.checkMustUnderstand(DefaultMessage.java:415)
at weblogic.webservice.core.DefaultMessage.implicitHeaderToJava(DefaultMessage.java:374)
at weblogic.webservice.core.DefaultMessage.toJava(DefaultMessage.java:436)
at weblogic.webservice.core.handler.InvokeHandler.handleRequest(InvokeHandler.java:93)
at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
at weblogic.webservice.core.DefaultOperation.process(DefaultOperation.java:535)
at weblogic.webservice.server.Dispatcher.process(Dispatcher.java:204)
at weblogic.webservice.server.Dispatcher.doDispatch(Dispatcher.java:176)
at weblogic.webservice.server.Dispatcher.dispatch(Dispatcher.java:96)
at weblogic.webservice.server.WebServiceManager.dispatch(WebServiceManager.java:98)
at weblogic.webservice.server.servlet.WebServiceServlet.serverSideInvoke(WebServiceServlet.java:297)
at weblogic.webservice.server.servlet.ServletBase.doPost(ServletBase.java:485)
at weblogic.webservice.server.servlet.WebServiceServlet.doPost(WebServiceServlet.java:267)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:996)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:419)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:315)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6452)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3661)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2630)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
</bea_fault:stacktrace>
</detail>
</env:Fault>
</env:Body>
</env:Envelope><!-------------------- RESPONSE TO CLIENT --------------->
URL : http://localhost:7001/ws_medrec/MedRecWebServices
Response Code :500
Headers :
Date=Thu, 07 Oct 2004 14:48:08 GMT
Server=WebLogic Server 8.1 SP3 Tue Jun 29 23:11:19 PDT 2004 404973
Content-Length=2817
Content-Type=text/xml
Connection=Keep-Alive
Envelope :
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://ww
w.w3.org/2001/XMLSchema"><env:Body><env:Fault><faultcode>env:Server</faultcode><faultstring>Exception during processing: javax.xml.soap.SOAPException: Unable to handle mustUnderstand header: wsse:Secu
rity (see Fault Detail for stacktrace)</faultstring><detail><bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">javax.xml.soap.SOAPException: Unable to hand
le mustUnderstand header: wsse:Security
at weblogic.webservice.core.DefaultMessage.checkMustUnderstand(DefaultMessage.java:415)
at weblogic.webservice.core.DefaultMessage.implicitHeaderToJava(DefaultMessage.java:374)
at weblogic.webservice.core.DefaultMessage.toJava(DefaultMessage.java:436)
at weblogic.webservice.core.handler.InvokeHandler.handleRequest(InvokeHandler.java:93)
at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
at weblogic.webservice.core.DefaultOperation.process(DefaultOperation.java:535)
at weblogic.webservice.server.Dispatcher.process(Dispatcher.java:204)
at weblogic.webservice.server.Dispatcher.doDispatch(Dispatcher.java:176)
at weblogic.webservice.server.Dispatcher.dispatch(Dispatcher.java:96)
at weblogic.webservice.server.WebServiceManager.dispatch(WebServiceManager.java:98)
at weblogic.webservice.server.servlet.WebServiceServlet.serverSideInvoke(WebServiceServlet.java:297)
at weblogic.webservice.server.servlet.ServletBase.doPost(ServletBase.java:485)
at weblogic.webservice.server.servlet.WebServiceServlet.doPost(WebServiceServlet.java:267)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:996)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:419)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:315)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6452)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3661)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2630)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
</bea_fault:stacktrace></detail></env:Fault></env:Body></env:Envelope>
<!-------------------- END RESPONSE TO CLIENT ----------->
ERROR [10:48:08] (PhysicianSessionEJB.java:searchPatientsByLastNameWild:272) - SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: Exception during processing: javax.xml.soap.SOAPException: Unable to ha
ndle mustUnderstand header: wsse:Security (see Fault Detail for stacktrace)
Detail:
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">javax.xml.soap.SOAPException: Unable to handle mustUnderstand header: wsse:Security
at weblogic.webservice.core.DefaultMessage.checkMustUnderstand(DefaultMessage.java:415)
at weblogic.webservice.core.DefaultMessage.implicitHeaderToJava(DefaultMessage.java:374)
at weblogic.webservice.core.DefaultMessage.toJava(DefaultMessage.java:436)
at weblogic.webservice.core.handler.InvokeHandler.handleRequest(InvokeHandler.java:93)
at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
at weblogic.webservice.core.DefaultOperation.process(DefaultOperation.java:535)
at weblogic.webservice.server.Dispatcher.process(Dispatcher.java:204)
at weblogic.webservice.server.Dispatcher.doDispatch(Dispatcher.java:176)
at weblogic.webservice.server.Dispatcher.dispatch(Dispatcher.java:96)
at weblogic.webservice.server.WebServiceManager.dispatch(WebServiceManager.java:98)
at weblogic.webservice.server.servlet.WebServiceServlet.serverSideInvoke(WebServiceServlet.java:297)
at weblogic.webservice.server.servlet.ServletBase.doPost(ServletBase.java:485)
at weblogic.webservice.server.servlet.WebServiceServlet.doPost(WebServiceServlet.java:267)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:996)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:419)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:315)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6452)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3661)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2630)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
</bea_fault:stacktrace>
</detail>; nested exception is:
javax.xml.rpc.soap.SOAPFaultException: Exception during processing: javax.xml.soap.SOAPException: Unable to handle mustUnderstand header: wsse:Security (see Fault Detail for stacktrace)
java.rmi.RemoteException: SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: Exception during processing: javax.xml.soap.SOAPException: Unable to handle mustUnderstand header: wsse:Security (see Fault
Detail for stacktrace)
Detail:
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">javax.xml.soap.SOAPException: Unable to handle mustUnderstand header: wsse:Security
at weblogic.webservice.core.DefaultMessage.checkMustUnderstand(DefaultMessage.java:415)
at weblogic.webservice.core.DefaultMessage.implicitHeaderToJava(DefaultMessage.java:374)
at weblogic.webservice.core.DefaultMessage.toJava(DefaultMessage.java:436)
at weblogic.webservice.core.handler.InvokeHandler.handleRequest(InvokeHandler.java:93)
at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
at weblogic.webservice.core.DefaultOperation.process(DefaultOperation.java:535)
at weblogic.webservice.server.Dispatcher.process(Dispatcher.java:204)
at weblogic.webservice.server.Dispatcher.doDispatch(Dispatcher.java:176)
at weblogic.webservice.server.Dispatcher.dispatch(Dispatcher.java:96)
at weblogic.webservice.server.WebServiceManager.dispatch(WebServiceManager.java:98)
at weblogic.webservice.server.servlet.WebServiceServlet.serverSideInvoke(WebServiceServlet.java:297)
at weblogic.webservice.server.servlet.ServletBase.doPost(ServletBase.java:485)
at weblogic.webservice.server.servlet.WebServiceServlet.doPost(WebServiceServlet.java:267)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:996)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:419)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:315)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6452)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3661)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2630)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
</bea_fault:stacktrace>
</detail>; nested exception is:
javax.xml.rpc.soap.SOAPFaultException: Exception during processing: javax.xml.soap.SOAPException: Unable to handle mustUnderstand header: wsse:Security (see Fault Detail for stacktrace)
at com.bea.medrec.webservices.MedRecWebServicesPort_Stub.findPatientByLastNameWild(MedRecWebServicesPort_Stub.java:87)
at com.bea.medrec.controller.PhysicianSessionEJB.searchPatientsByLastNameWild(PhysicianSessionEJB.java:260)
at com.bea.medrec.controller.PhysicianSessionEJB.searchPatients(PhysicianSessionEJB.java:225)
at com.bea.medrec.controller.PhysicianSessionEJB_n7enxc_EOImpl.searchPatients(PhysicianSessionEJB_n7enxc_EOImpl.java:254)
at com.bea.medrec.actions.SearchResultsAction.processSearch(SearchResultsAction.java:117)
at com.bea.medrec.actions.SearchResultsAction.search(SearchResultsAction.java:88)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:280)
at org.apache.struts.actions.LookupDispatchAction.execute(LookupDispatchAction.java:252)
at com.bea.medrec.actions.BaseLookupDispatchAction.execute(BaseLookupDispatchAction.java:59)
at com.bea.medrec.actions.PhysBaseLookupDispatchAction.execute(PhysBaseLookupDispatchAction.java:50)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:996)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:419)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:28)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
at com.bea.medrec.filters.RequestEncodingFilter.doFilter(RequestEncodingFilter.java:44)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6458)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3661)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2630)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
Caused by: javax.xml.rpc.soap.SOAPFaultException: Exception during processing: javax.xml.soap.SOAPException: Unable to handle mustUnderstand header: wsse:Security (see Fault Detail for stacktrace)
at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:313)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:144)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:443)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:290)
at com.bea.medrec.webservices.MedRecWebServicesPort_Stub.findPatientByLastNameWild(MedRecWebServicesPort_Stub.java:82)
... 32 more
ERROR [10:48:08] (BaseLookupDispatchAction.java:throwClientException:199) - EJB Exception: ; nested exception is:
javax.ejb.EJBException: nested exception is: java.rmi.RemoteException: SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: Exception during processing: javax.xml.soap.SOAPException: Unable to ha
ndle mustUnderstand header: wsse:Security (see Fault Detail for stacktrace)
Detail:
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">javax.xml.soap.SOAPException: Unable to handle mustUnderstand header: wsse:Security
at weblogic.webservice.core.DefaultMessage.checkMustUnderstand(DefaultMessage.java:415)
at weblogic.webservice.core.DefaultMessage.implicitHeaderToJava(DefaultMessage.java:374)
at weblogic.webservice.core.DefaultMessage.toJava(DefaultMessage.java:436)
at weblogic.webservice.core.handler.InvokeHandler.handleRequest(InvokeHandler.java:93)
at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
at weblogic.webservice.core.DefaultOperation.process(DefaultOperation.java:535)
at weblogic.webservice.server.Dispatcher.process(Dispatcher.java:204)
at weblogic.webservice.server.Dispatcher.doDispatch(Dispatcher.java:176)
at weblogic.webservice.server.Dispatcher.dispatch(Dispatcher.java:96)
at weblogic.webservice.server.WebServiceManager.dispatch(WebServiceManager.java:98)
at weblogic.webservice.server.servlet.WebServiceServlet.serverSideInvoke(WebServiceServlet.java:297)
at weblogic.webservice.server.servlet.ServletBase.doPost(ServletBase.java:485)
at weblogic.webservice.server.servlet.WebServiceServlet.doPost(WebServiceServlet.java:267)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:996)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:419)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:315)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6452)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3661)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2630)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
</bea_fault:stacktrace>
</detail>; nested exception is:
javax.xml.rpc.soap.SOAPFaultException: Exception during processing: javax.xml.soap.SOAPException: Unable to handle mustUnderstand header: wsse:Security (see Fault Detail for stacktrace)
ERROR [10:48:08] (BaseLookupDispatchAction.java:handleException:219) - java.rmi.RemoteException: EJB Exception: ; nested exception is:
javax.ejb.EJBException: nested exception is: java.rmi.RemoteException: SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: Exception during processing: javax.xml.soap.SOAPException: Unable to ha
ndle mustUnderstand header: wsse:Security (see Fault Detail for stacktrace)
Detail:
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">javax.xml.soap.SOAPException: Unable to handle mustUnderstand header: wsse:Security
at weblogic.webservice.core.DefaultMessage.checkMustUnderstand(DefaultMessage.java:415)
at weblogic.webservice.core.DefaultMessage.implicitHeaderToJava(DefaultMessage.java:374)
at weblogic.webservice.core.DefaultMessage.toJava(DefaultMessage.java:436)
at weblogic.webservice.core.handler.InvokeHandler.handleRequest(InvokeHandler.java:93)
at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
at weblogic.webservice.core.DefaultOperation.process(DefaultOperation.java:535)
at weblogic.webservice.server.Dispatcher.process(Dispatcher.java:204)
at weblogic.webservice.server.Dispatcher.doDispatch(Dispatcher.java:176)
at weblogic.webservice.server.Dispatcher.dispatch(Dispatcher.java:96)
at weblogic.webservice.server.WebServiceManager.dispatch(WebServiceManager.java:98)
at weblogic.webservice.server.servlet.WebServiceServlet.serverSideInvoke(WebServiceServlet.java:297)
at weblogic.webservice.server.servlet.ServletBase.doPost(ServletBase.java:485)
at weblogic.webservice.server.servlet.WebServiceServlet.doPost(WebServiceServlet.java:267)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:996)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:419)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:315)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6452)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3661)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2630)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
</bea_fault:stacktrace>
</detail>; nested exception is:
javax.xml.rpc.soap.SOAPFaultException: Exception during processing: javax.xml.soap.SOAPException: Unable to handle mustUnderstand header: wsse:Security (see Fault Detail for stacktrace)
INFO [10:48:08] (BaseLookupDispatchAction.java:handleException:221) - Redirect link: search.do
RESULTS 2
If I DO have the following minimal <security> branch in my web-services.xml, here is the exception I get:
<security>
<spec:SecuritySpec xmlns:spec="http://www.openuri.org/2002/11/wsse/spec" spec:Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" spec:Id="default-spec"/>
</security>
Got a Web Service Request at URL: '/ws_medrec/MedRecWebServices' for web service 'null'
Got a Web Service Request at URL: '/MedRecWebServices' for web service 'MedRecWebServices'
INFO [11:53:35] (PhysicianSessionEJB.java:setSessionContext:68) - Client W.S. - Active BUP used to login to remote WebService: [email protected]
INFO [11:53:35] (PhysicianSessionEJB.java:searchPatientsByLastNameWild:250) - By wildcard last name.
<!-------------------- REQUEST FROM CLIENT ---------------->
URL : http://localhost:7001/ws_medrec/MedRecWebServices
Headers :
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://ww
w.w3.org/2001/XMLSchema"><env:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" env:mustUnderstand="1"><wsse:UsernameToken xmlns:wsu=
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-bnFSHAnkYUKUr4i8BsQbAx0s"><wsse:Username>[email protected]</wsse:Username></wsse:UsernameToken></wsse:Se></env:Header><env:Body env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><m:findPatientByLastNameWild xmlns:m="http://tempuri.org/"><lastName xsi:type="xsd:string">Couples</lastName></m:findPatientByLastNameWild></env:Body></env:Envelope>
<!-------------------- END REQUEST FROM CLIENT ------------>
Got a Web Service Request at URL: '/ws_medrec/MedRecWebServices' for web service 'null'
Got a Web Service Request at URL: '/MedRecWebServices' for web service 'MedRecWebServices'
<!-------------------- RESPONSE TO CLIENT --------------->
URL : http://localhost:7001/ws_medrec/MedRecWebServices
Response Code :500
Headers :
Date=Thu, 07 Oct 2004 15:53:35 GMT
Server=WebLogic Server 8.1 SP3 Tue Jun 29 23:11:19 PDT 2004 404973
Content-Length=491
Content-Type=text/xml
Connection=Keep-Alive
Set-Cookie=JSESSIONID=Blm1Ncy2gmJKwhQm1Zn5x7zdn7xFRgYy12Jv1Y6p2l4FDxXkv0wL!407980274; path=/
Envelope :
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://ww
w.w3.org/2001/XMLSchema"><env:Body><env:Fault xmlns:fault="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><faultcode>fault:Hi Frank,
thanks for the quick reply. I got the code for how to use FacesContext...but where should i implement the code? do i have to create a backing bean or something? how to use a backing bean if i have to display the same information across every page during a session? where, for example, should i use the following code fragment?
FacesContext fc = FacesContext.getCurrentInstance();
ExternalContext ec = fc.getExternalContext();
userName = ec.getRemoteUser();
Please explain how to go about it. thanks -
Invoking Webservice over HTTPS
Hi all,
I'm using Weblogic 9.2 with default configuration of Keystore & SSL. The webservice client is generated using 'Clientgen' Ant task, I can invoke the webservice using http without problem, but when using https it's always rejected, basically I'm not sure what system properties to put for the client, here's my last desperate attempt:
System.setProperty("weblogic.webservice.verbose", "true");
System.setProperty("java.protocol.handler.pkgs", "weblogic.net");
System.setProperty("weblogic.security.SSL.trustedCAKeyStore", "config/DemoIdentity.jks");
System.setProperty("weblogic.security.SSL.ignoreHostnameVerification", "true");
System.setProperty("weblogic.security.SSL.TrustKeyStore", "DemoTrust");
System.setProperty("weblogic.webservice.client.ssl.strictcertchecking", "false");
System.setProperty("ssl.debug", "true");
PaymentGateway service = new PaymentGateway_Impl();
PaymentGatewayPort port = service.getPaymentGatewayPort();
Stub.class.cast(port)._setProperty(Stub.ENDPOINT_ADDRESS_PROPERTY, "https://192.168.56.3:7002/ws/PaymentGateway?WSDL");
Stub.class.cast(port)._setProperty(Stub.USERNAME_PROPERTY, "weblogic");
Stub.class.cast(port)._setProperty(Stub.PASSWORD_PROPERTY, "weblogic");
ISODocument isoDoc = new ISODocument();
isoDoc.setMti(new Integer(200));
port.balanceInquery(isoDoc);And here's the exception thrown in client:
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSL license found
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Not in server, Certicom SSL license found
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacSHA1
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default Mac for algorithm HmacSHA1
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacMD5
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default Mac for algorithm HmacMD5
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE KeyAgreement: SunJCE version 1.5 for algorithm DiffieHellman
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default KeyAgreement for algorithm DiffieHellman
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default KeyAgreement for algorithm ECDH
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm DESede/CBC/NoPadding
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm DES/CBC/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm AES/CBC/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RC4
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RSA
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RSA/ECB/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSL Session TTL :90000
<!-------------------- REQUEST FROM CLIENT ---------------->
URL : https://192.168.56.3:7002/ws/PaymentGateway?WSDL
Headers :
Authorization: [Basic d2VibG9naWM6d2VibG9naWM=]
SOAPAction: [""]
Content-Type: [text/xml]
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><env:Header></env:Header><env:Body env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><m:balanceInquery xmlns:m="http://www.telkomsel.com/PaymentGateway"><iSODocument xmlns:n1="java:com.visitek.pgi.models" xsi:type="n1:ISODocument"><amount xsi:nil="true"></amount><audit_number href="#ID_2"></audit_number><bank_code xsi:type="xsd:string">000151</bank_code><currency_code href="#ID_2"></currency_code><data href="#ID_2"></data><encrypted_pin href="#ID_2"></encrypted_pin><expiration_date href="#ID_2"></expiration_date><institution_code href="#ID_2"></institution_code><institution_data xsi:type="xsd:string">62812006002616</institution_data><local_tracking_id xsi:type="xsd:string">080722163229082127.0.0.1:9595</local_tracking_id><mti xsi:type="xsd:int">200</mti><network_information_code xsi:type="xsd:short">0</network_information_code><original_data_element href="#ID_2"></original_data_element><pan_null_true xsi:type="xsd:string">yes</pan_null_true><pos_entry href="#ID_2"></pos_entry><primary_acc_number xsi:nil="true"></primary_acc_number><response_code href="#ID_2"></response_code><response_terminal_number href="#ID_2"></response_terminal_number><service_code xsi:type="xsd:int">6016</service_code><settlement_date href="#ID_2"></settlement_date><terminal_number href="#ID_2"></terminal_number><transaction_code xsi:type="xsd:int">380000</transaction_code><transaction_data href="#ID_2"></transaction_data><transaction_date href="#ID_2"></transaction_date><transaction_sequence href="#ID_2"></transaction_sequence><transaction_time href="#ID_2"></transaction_time><transaction_timestamp href="#ID_2"></transaction_timestamp></iSODocument></m:balanceInquery><xsd:string xsi:type="xsd:string" id="ID_2"></xsd:string></env:Body></env:Envelope>
<!-------------------- END REQUEST FROM CLIENT ------------>
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Trusted CA keystore: config/DemoIdentity.jks
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Filtering JSSE SSLSocket
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSLIOContextTable.addContext(ctx): 24864323
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSLSocket will NOT be Muxing
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: write SSL_20_RECORD
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: isMuxerActivated: false
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 SSL3/TLS MAC
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 received HANDSHAKE
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: HANDSHAKEMESSAGE: ServerHello
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: isMuxerActivated: false
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 SSL3/TLS MAC
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 received HANDSHAKE
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: HANDSHAKEMESSAGE: Certificate
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Cannot complete the certificate chain: No trusted cert found
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Validating certificate 0 in the chain: Serial number: -151503846264256045339669576782538934945
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=paymentd
Not Valid Before:Wed Mar 12 15:39:27 GMT+07:00 2008
Not Valid After:Mon Mar 13 15:39:27 GMT+07:00 2023
Signature Algorithm:MD5withRSA
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: validationCallback: validateErr = 16
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: cert[0] = Serial number: -151503846264256045339669576782538934945
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=paymentd
Not Valid Before:Wed Mar 12 15:39:27 GMT+07:00 2008
Not Valid After:Mon Mar 13 15:39:27 GMT+07:00 2023
Signature Algorithm:MD5withRSA
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Warning> <Security> <BEA-090542> <Certificate chain received from 192.168.56.3 - 192.168.56.3 was not trusted causing SSL handshake failure. Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the client trusted CA configuration to trust the CA certificate that signed the peer certificate chain. If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Validation error = 16>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Certificate chain is untrusted>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <SSLTrustValidator returns: 16>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Trust status (16): CERT_CHAIN_UNTRUSTED>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:153)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:367)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.net.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:705)
at java.net.URLConnection.getContentType(URLConnection.java:479)
at weblogic.webservice.binding.http11.Http11ClientBinding.receive(Http11ClientBinding.java:230)
at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientHandler.java:64)
at weblogic.webservice.core.HandlerChainImpl.handleResponse(HandlerChainImpl.java:238)
at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:246)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:147)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:473)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:459)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:306)
at com.visitek.pgi.client.PaymentGatewayPort_Stub.balanceInquery(PaymentGatewayPort_Stub.java:48)
at com.visitek.test.pg.TestPGWebservice.testWebserviceSSLInvocation(TestPGWebservice.java:70)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at junit.framework.TestCase.runTest(TestCase.java:164)
at junit.framework.TestCase.runBare(TestCase.java:130)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:120)
at junit.framework.TestSuite.runTest(TestSuite.java:230)
at junit.framework.TestSuite.run(TestSuite.java:225)
at org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:130)
at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <write ALERT, offset = 0, length = 2>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <close(): 19097823>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1>
<!-------------------- RESPONSE TO CLIENT --------------->
URL : https://192.168.56.3:7002/ws/PaymentGateway?WSDL
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Info> <WebService> <BEA-220025> <Handler weblogic.webservice.core.handler.ClientHandler threw an exception from its handleResponse method. The exception was:
javax.xml.rpc.JAXRPCException: java.io.EOFException: Response contained no data.> I'm a total stranger to this HTTPS & SSL thing & I've googled around only to find partial answers. My plan is to use custom identity, but firstly I want to make sure that using the default works.
Any help would be greatly appreciated.
Regards,
SetyaWhy does it throw SSLKeyException: SSL handshake failure? I have printed the contents of DemoIdentity.jks and DemoTrust.jks files.Can you please find out what I need to do for it?
I added the following code ,but it did not help me to resolve this issue.
private static void callSSLService() {
System.setProperty("weblogic.webservice.verbose", "false");
System.setProperty("ssl.debug", "false");
// System.setProperty("weblogic.security.SSL.trustedCAKeyStore", "C:/bea/weblogic81/server/lib/DemoIdentity.jks");
System.setProperty("weblogic.security.SSL.trustedCAKeyStore", "C:/bea/weblogic81/server/lib/DemoTrust.jks");
System.setProperty("weblogic.security.SSL.ignoreHostnameVerification", "true");
System.setProperty("weblogic.webservice.client.ssl.strictcertchecking", "false");
SOAP Fault:javax.xml.rpc.soap.SOAPFaultException:
Exception during processing: javax.net.ssl.SSLKeyException: [Security:090477]Certificate chain received from servicemngr-ccc.tsl.xxxx.com - 142.xxx.xxx.xx was not trusted causing SSL handshake failure. (see Fault Detail for stacktrace)
Detail:
<detail><bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">javax.net.ssl.SSLKeyException: [Security:090477]Certificate chain received from servicemngr- com - 142.xxx.xxx.xx was not trusted causing SSL handshake failure.
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:122)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:322)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:29)
at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:832)
at weblogic.webservice.binding.http11.Http11ClientBinding.receive(Http11ClientBinding.java:238)
at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientHandler.java:63)
at weblogic.webservice.core.HandlerChainImpl.handleResponse(HandlerChainImpl.java:237)
at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:243)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:144)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
keytool -list -v -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase
keytool -list -v -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase
I executed keytool -list -v -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase, I got the following
C:\bea\weblogic81\server\lib>keytool -list -v -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase
Keystore type: jks
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: demoidentity
Creation date: 21-Jan-2011
Entry type: keyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=L020658, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Issuer: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Serial number: -657037958f4825551ebcae3bc2a3349c
Valid from: Thu Jan 20 09:56:28 PST 2011 until: Wed Jan 21 09:56:28 PST 2026
Certificate fingerprints:
MD5: 89:30:08:A6:5F:4F:05:83:D2:1D:B4:B3:EB:B3:CF:F2
SHA1: 1D:E1:1F:93:30:64:CD:DC:C4:60:78:12:23:55:25:FF:FD:19:6A:2B
I executed keytool -list -v -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase, I got the following
C:\bea\weblogic81\server\lib>keytool -list -v -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase
Keystore type: jks
Keystore provider: SUN
Your keystore contains 4 entries
Alias name: certgenca
Creation date: 22-Mar-2002
Entry type: trustedCertEntry
Owner: CN=CACERT, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Issuer: CN=CACERT, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Serial number: 33f10648fcde0deb4199921fd64537f4
Valid from: Thu Mar 21 12:12:27 PST 2002 until: Tue Mar 22 13:12:27 PDT 2022
Certificate fingerprints:
MD5: 8E:AB:55:50:A4:BC:06:F3:FE:C6:A9:72:1F:4F:D3:89
SHA1: E2:CB:88:9D:C5:09:F9:0A:AA:0D:3C:F6:75:7B:5F:1D:2B:A1:F7:F0
Alias name: wlsdemocanew2
Creation date: 24-Jan-2003
Entry type: trustedCertEntry
Owner: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California,
C=US
Issuer: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California
, C=US
Serial number: 0
Valid from: Fri Nov 01 12:02:22 PST 2002 until: Mon Oct 16 13:02:22 PDT 2006
Certificate fingerprints:
MD5: 5B:10:D5:3C:C8:53:ED:75:43:58:BF:D5:E5:96:1A:CF
SHA1: 4E:FB:1D:2F:58:EA:D4:0C:FC:2A:86:91:2D:43:4F:C1:79:D0:A6:4E
Alias name: wlsdemocanew1
Creation date: 24-Jan-2003
Entry type: trustedCertEntry
Owner: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=California
, C=US
Issuer: [email protected], CN=Demo Certificate Authority Constraints, OU=Security, O=BEA WebLogic, L=San Francisco, ST=Californi
a, C=US
Serial number: 0
Valid from: Fri Nov 01 12:02:11 PST 2002 until: Mon Oct 16 13:02:11 PDT 2006
Certificate fingerprints:
MD5: A1:17:A1:73:9B:70:21:B9:72:85:4D:83:01:69:C8:37
SHA1: 84:13:A2:63:D6:74:75:3B:25:15:6F:62:8C:18:79:87:62:5B:9A:0C
Alias name: wlscertgencab
Creation date: 24-Jan-2003
Entry type: trustedCertEntry
Owner: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Issuer: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Serial number: 234b5559d1fa0f3ff5c82bdfed032a87
Valid from: Thu Oct 24 08:54:45 PDT 2002 until: Tue Oct 25 08:54:45 PDT 2022
Certificate fingerprints:
MD5: A2:18:4C:E0:1C:AB:82:A7:65:86:86:03:D0:B3:D8:FE
SHA1: F8:5D:49:A4:12:54:78:C7:BA:42:A7:14:3E:06:F5:1E:A0:D4:C6:59
******************************************* -
HTTPS authentication using SSL in SOAP Sender adapter
Hi,
We are currently doing a SOAP to RFC synchronous scenario in PI 7.0. Our client wants to ensure that the data security is maintained at the transport level. So, we have planned to implement the HTTPS without client authentication using SSL certificates. Our Basis team has promised us that they will take care of the cerficate generation and installation part in the server. Now i am confused at the PI communication channel setup level.
1) Do i have to specify the certificate installed path in the channel or in any other object ? If so, where do i have to configure the path ?
2) What is the exact path that has to be carried by a PI developer once the certificates are installed in the server ?
I have attached my communnication channel screenshot below,
http://i41.tinypic.com/mk49h.jpg
Please let me know what i have to configure in the Sender SOAP channel to receive data securely once the certificates are installed in the system.
Thanks & Regards,
Sherin Jose PHi,
1.for transport level security you should assign the HTTPS connection created in SM59 to the SOAP communication channel.
The HTTPS connection should use the certificates imported in t-code STRUST.
have you seen below thread,
SSL / X.509 In SOAP Sender/Receiver Adapter
Please go through below blog,
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/b2e7020d-0d01-0010-269c-a98d3fb5d16c?overridelayout=true
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/60ff2883-70c5-2c10-f090-a744def2ba66?QuickLink=index&overridelayout=true
http://help.sap.com/saphelp_nwpi71/helpdata/de/14/ef2940cbf2195de10000000a1550b0/content.htm
2. you nedd to check the message flow between the sender and receiver through PI .
regards,
ganesh. -
Adobe PDF Viewer X in Safari 5 not displaying documents protected by HTTP Authentication
I have the latest Adobe Reader X release (10.0.0) for Mac OS X 10.6 in Safari 5.0.3. The PDF Viewer is unable to display files hosted on directories protected by HTTP Authentication. The progress bar keeps spinning forever.
I've tried it on several Macs and various Apache web servers, with both Basic and Digest Authentification.
Adobe PDF Viewer running on Mac OS X 10.5 doesn't have this problem. Adobe PDF Viewer X running on Windows XP with Safari 5 doesn't either. So it is specific to the latest release for Mac OS X 10.6.
Any idea for a fix? I can't revert to a previous version of Reader since the older plug-in doesn't run in 64-bit Safari (the default on Snow Leopard) - please don't tell me to force Safari to run in 32-bit mode.
Is it at least a known bug that will be fixed soon?You mean disabling HTTP Authentication? Yes, of course. And it works without it. That's how I know that the cause of the problem is HTTP Authentication.
-
Expose IDoc as Webservice without PI/XI
Is it possible to expose an IDoc as an webservice without PI/XI?
I noticed there is a port called XML-HTTP. Does it use SOAP? Can i use this port for webservices.
Thanks.Hi,
Precisely.
Idoc is not a program but structure. You can create RFC which interact with this Idoc or related structure and then expose this RFC as webservice.
Regards,
Gourav -
Embedding basic http authentication credentials in JNLP file
I want to embed basic http authentication credentials in the JNLP file.
Basically, I want the jars to be behind basic http authentication in order to distribute the application only to authorized users (I understand this is not strong security, but it's fine for my purposes) who are all on Windows, and once the java app is initially installed, I never want to have to enter the http login credentials again.
So I set up the http authentication and in the jnlp file I have:
<jnlp
spec="1.5*"
codebase="http://username:[email protected]"
href="program.jnlp">
This doesn't seem to phase the JWS authenticator. So on the first launch from the desktop shortcut I put the credentials in manually and select "save this password in my password list". It seems like I'm in the clear as the next time I launch the application from a desktop shortcut I am not asked for any credentials, but every time the Windows machine is restarted, I get the JWS authenticator again...the password is no longer saved.
Is there a way to embed the username/password in the JNLP file to get past the JWS authenticator without having to retype the username and password every time the machine is restarted? Or to permanently save the password in the JWS authenticator password list? Or any other way to set it up where once the application is initially installed, the http authentication credentials never have to be manually entered again?
Thanks!Hi everybody,
I manage to do almost all (I suppose), but I need last help.
Through SM59 I created the HTTP Destination needed; then, I implemented the code given by SAP here:
http://help.sap.com/saphelp_47x200/helpdata/en/2d/64d053e74911d6b2e400508b6b8a93/content.htm
I ran the program, and it gives me the error: "Binder not found for soapAction = null.
I suppose that I should give the link to the soapAction, but I don't know where in the code.
Have you any idea?
Thanks and Regards,
Francesco -
Weblogic 8.1 Webservice Client Proxy Authentication not working
We have a desktop console based Weblogic webservices client application that uses client stubs to establish the connection and communicate with the server where the WSDL was hosted.
We are facing a problem in authenticating the Proxy user with valid credentials.
We are using the following code to set the system properties and Authenticator class to authenticate the proxy user.
//Code Segment #1
Code:
System.setProperty("http.proxyHost", proxyHost);System.setProperty("https.proxyHost", proxyHost);
System.setProperty("weblogic.webservice.transport.http.proxy.host",proxyHost);
System.setProperty("weblogic.webservice.transport.https.proxy.host",proxyHost);
System.setProperty("http.proxyPort", proxyPort);
System.setProperty("https.proxyPort", proxyPort);
System.setProperty("weblogic.webservice.transport.http.proxy.port",proxyPort);
System.setProperty("weblogic.webservice.transport.https.proxy.port",proxyPort);
//System.setProperty("http.proxyType", "basic");
//System.setProperty("https.proxyType", "basic");
//System.setProperty("http.proxy.auth.type" ,"ntlm"); //This is not showing any impact
System.setProperty("http.proxyUser", "bsil\\ashok.kumar");
System.setProperty("https.proxyUser", "bsil\\ashok.kumar");
System.setProperty("http.proxyPassword", " xyzddd");
System.setProperty("https.proxyPassword", "xyzddd");
Authenticator.setDefault(new MyAuthenticator());
//Inner class
public static class MyAuthenticator extends Authenticator {
protected PasswordAuthentication getPasswordAuthentication() {
String username = System.getProperty("http.proxyUser");
String password = System.getProperty("http.proxyPassword");
return new PasswordAuthentication(username, password.toCharArray());
We are using following code initialize the stubs (Which internally opens a connection to the given endpoint base URL)
//Code Segment #2
Code:
SessionService_Impl sessionService = new SessionService_Impl(getEndPointURL(SessionServicePort.class));
port = sessionService.getSessionServicePort();
return port;
Using above code it always throws the following exception:
Code:
weblogic.webservice.tools.wsdlp.WSDLParseException: Failed to retrieve WSDL from https://apiclienttest.intralinks.com:443/webservices51/SessionService?WSDL. Please check the URL and make sure that it is a valid XML file [java.io.IOException: Proxy authenticator failed: java.lang.ClassNotFoundException: ]
if i replace the above code (Code Segment #2) to as bellow with Code Segment #3 then its working as expected. But we have been told that the Code Segment #2 is required as shwon above for the Weblogic ClientTimeout seconds feature so we cant replace the Code Segment #2 with Code Segment #3 since we don?t want to miss the ClientTimeout seconds feature for the application.
//Code Segment #3
Code:
SessionService_Impl sessionService = new SessionService_Impl();
SessionServicePort sessionServicePort = sessionService.getSessionServicePort();
((SessionServicePort_Stub) sessionServicePort)._setProperty("javax.xml.rpc.service.endpoint.address", endPointBaseURL+"SessionService");
return sessionServicePort ;
why the Proxy authentication is failing with the Code Segment #2 and why it is passing in case of Code Segment #3
The endpoint base URL we are hitting is hosted on Weblogic server 9.0 (which is hosted at client side in US so it is behind our firewall).
Is some thing more do we need to do in Authenticator class???
Please help me if any one has worked on proxy server authenticator in java.We have a desktop console based Weblogic webservices client application that uses client stubs to establish the connection and communicate with the server where the WSDL was hosted.
We are facing a problem in authenticating the Proxy user with valid credentials.
We are using the following code to set the system properties and Authenticator class to authenticate the proxy user.
//Code Segment #1
Code:
System.setProperty("http.proxyHost", proxyHost);System.setProperty("https.proxyHost", proxyHost);
System.setProperty("weblogic.webservice.transport.http.proxy.host",proxyHost);
System.setProperty("weblogic.webservice.transport.https.proxy.host",proxyHost);
System.setProperty("http.proxyPort", proxyPort);
System.setProperty("https.proxyPort", proxyPort);
System.setProperty("weblogic.webservice.transport.http.proxy.port",proxyPort);
System.setProperty("weblogic.webservice.transport.https.proxy.port",proxyPort);
//System.setProperty("http.proxyType", "basic");
//System.setProperty("https.proxyType", "basic");
//System.setProperty("http.proxy.auth.type" ,"ntlm"); //This is not showing any impact
System.setProperty("http.proxyUser", "bsil\\ashok.kumar");
System.setProperty("https.proxyUser", "bsil\\ashok.kumar");
System.setProperty("http.proxyPassword", " xyzddd");
System.setProperty("https.proxyPassword", "xyzddd");
Authenticator.setDefault(new MyAuthenticator());
//Inner class
public static class MyAuthenticator extends Authenticator {
protected PasswordAuthentication getPasswordAuthentication() {
String username = System.getProperty("http.proxyUser");
String password = System.getProperty("http.proxyPassword");
return new PasswordAuthentication(username, password.toCharArray());
We are using following code initialize the stubs (Which internally opens a connection to the given endpoint base URL)
//Code Segment #2
Code:
SessionService_Impl sessionService = new SessionService_Impl(getEndPointURL(SessionServicePort.class));
port = sessionService.getSessionServicePort();
return port;
Using above code it always throws the following exception:
Code:
weblogic.webservice.tools.wsdlp.WSDLParseException: Failed to retrieve WSDL from https://apiclienttest.intralinks.com:443/webservices51/SessionService?WSDL. Please check the URL and make sure that it is a valid XML file [java.io.IOException: Proxy authenticator failed: java.lang.ClassNotFoundException: ]
if i replace the above code (Code Segment #2) to as bellow with Code Segment #3 then its working as expected. But we have been told that the Code Segment #2 is required as shwon above for the Weblogic ClientTimeout seconds feature so we cant replace the Code Segment #2 with Code Segment #3 since we don?t want to miss the ClientTimeout seconds feature for the application.
//Code Segment #3
Code:
SessionService_Impl sessionService = new SessionService_Impl();
SessionServicePort sessionServicePort = sessionService.getSessionServicePort();
((SessionServicePort_Stub) sessionServicePort)._setProperty("javax.xml.rpc.service.endpoint.address", endPointBaseURL+"SessionService");
return sessionServicePort ;
why the Proxy authentication is failing with the Code Segment #2 and why it is passing in case of Code Segment #3
The endpoint base URL we are hitting is hosted on Weblogic server 9.0 (which is hosted at client side in US so it is behind our firewall).
Is some thing more do we need to do in Authenticator class???
Please help me if any one has worked on proxy server authenticator in java. -
Access denied - http authentication
Hi all,
I have a java web service client that needs to connect to a .net web service. When I set up the client in Netbeans 6, the wizard asks to accept the certificate - which I do.
The .net web services provider gave me a username and password to access the web service, but when I typed it in, I got an error.
When I run the web service client, I get:
com.sun.xml.ws.client.ClientTransportException: request requires HTTP authentication: Access Denied
Where can I supply the authentication details for the client to access the server?
Thanks and regards,
BrendaCan someone PLEASE tell me how to perform HTTP authentication when connecting from a java webservice client to a .Net web service?
I have tried:
<code>
((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "94648137");
((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "Retail03");
</code>
but have had no luck. The web service is using LDAP authentication over HTTPS.
TIA
Brenda
Maybe you are looking for
-
Hi, sorry that a lot of info in subject heading. Here is copy of ML Finder iphoto Here is the Maverick finder window. i see the same iphoto library exists as an item of the iphoto library but wonder if there needs to be a software import to ensure it
-
I need to find an email I sent in April. There are emails from December 2012, but none from April of 2012. Where can I find them or are they gone forever?
-
Ipod Touch 3G, Although connected to wifi, unable to connect to internet
Basically the problem is that my Ipod Touch 3G is unable to connect to the internet, even though I am connected to the Wifi network. Are there any suggestions? I have read through the Apple Troubleshooting (tried resetting, setting static IP, etc.) T
-
Mac Book Pro 13" Late 2010 Mac OsX 10.6.3 Problem: Opening FInder Windows and genral activity on the Mac has become incredibly slow. Opening a Finder Window by clicking on the FInder Dock Icon can take anywhere up to 6 seconds, and a ll I see is the
-
こんにちは. photoshopCC2014CC体験版を使っています. 今年の初めに.PHOTOSHOP CSの体験版をインストールし. ファイルを作成しました.その後.パソコンを修理に出し初期化しました. 今回.アドビよりCC2014体験版の案内がメールにて届いたため. インストールし.CSで作成したファイルに手を加えようとファイルを開いたところ. KozMinPro Heavyが見つからないというエラーが出ました. エラーメッセージは.以下のようなものです. 「本ドキュメントで使われている