Why the "basic" authentication template is used?

Similar Messages

• Sender SOAP bypassing the basic authentication

  Hi All,
  I'm doing a SOAP to RFC scenario. Inorder to remove the basic authentication for SOAP i'm using the
  WSDL url like
  http://host:port/XISOAPAdapter/MessageServlet?channel=service:channel&sap-client&sap-user=username&sap-password=password
  but even after trying it this way its asking for the authentication.
  I would like to know, if i've to append the username and password with the url while creating the webservice from the ID or is it  just that after creating the webservice i've to apeend it when trying to access it.
  We are using pi7.0 here . So is there any change while passing the username and password .
  I knw tht this can be accomplished by editing the sda file , but thats not wat we want .
  Any kind of suggestion will be helpful.
  Thanks & Regards,
  Rahul.

  Hi,
  This may help you
  Check these words in this Blog
  Prompt for Login credentials
  When the above asp is executed in browser it prompts for User name/Password. We need to give valid username/password for XI. Until the recent patches by Microsoft there was a provision for providing login credentials directly in JavaScript (HTTP Connection).But for security risks this has been disabled in recent fixes. The Credentials need not be re-entered as long as session is not closed.
  https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/1442 [original link is broken]
  Regards
  Seshagiri

• Why the basic finish date is not adjusted in planned orders

  Hi, all.
  Can anybody help me to understand:
  "Why the basic finish date is not adjusted in planned orders during
  forward scheduling, but in production order basic finish date is adjusted?
  It is look like non-coordination between groups of developers.
  And lead to situation, when planner don't see in MD04 when he can really wait material receipt. He must go to planed order and check production data there, it's unusable."
  Am I right, or SAP have it's own logic.

  Hi,
  Production orders are different story. Since production order is a constant element, they are not created in the course of MRP, basic dates can be adjusted. In production order basic finish date is adjusted, but you won't see for the upper level materials', basic dates of the planned orders adjusted according to the prodcution order you create. Production order is consistent within itself in terms of date and is not dependent to other elements of MRP, but planned orders are not like that.
  MRP creates planned orders whose basic finish dates are calculated by subtracting goods receipt time from production start date of the source of requirement. MRP works backwards without changing directions. Meanwhile if any production finish date is calculated different than the basic finish date due to forward scheduling, in order not to violate the alignment between the basic finish date and source of requirement's start date, basic finish date is not adjusted. If it was, dates of all the planned orders calculated so far at the upper levels of the BOMs had to be recalculated, otherwise all the consistency of all the dates is violated. This cannot be done because changes in any level affects all lower levels.

• How to set up and test the Basic Authentication for HTTP protocol

  Hi,
  I tried configuring the password based Basic Authentication for sending xml document using ebMS - HTTP protocol. I set username and password while configuring the transport server for both trading partners. I want to know, is that sufficient for basic authenticaton. When I open the URI http://localhost:7778/b2b/transportServlet, it is not asking any authentication (username/password). Please note that I have not used SSL certificate. Anyone please help me out to configure Basic authentication.

  Hi Ramesh,
  Thanks for ur response. Could you please tell me where to set the Additional Transport header : authtype-basic#realm=myRealm(in which property file). In enqueue code, I could see the following attributes
  queue
  msgID
  replyToMsgID
  from
  to
  eventName
  doctypeName
  doctypeRevision
  msgType
  payload
  attachment
  subscriber
  Is it possible to set username/password in the enqueue attributes?
  Do i need to add username/password and Transport header in the input XML and defined that elements in xsd?

• How to get why the validation has failed.when using isSchemaValid() ?

  Oracle 11.2
  to validate xmlType I use a procedure within isSchemaValid - function,
  But when it returns 0,
  where from to get why the validation is failed ?
  regards

  Thats the reason why you should use SchemaValidate(), because its more informative
  See for an example here: Re: catching error while validating an xml file

• Why the "Basic" crawled properties appear more than once for each property name?

  When i map a managed property and want to select for example "Basic:9" - i see 2 lines of "Basic:9".
  why is that so? are there more than one "Basic:9" property?
  keren tsur

  Hi keren,
  The properties have different types, Basic:9 which has mapped to Path is Text type, the other one is Yes/No type. You could refer to:
  http://technet.microsoft.com/en-in/library/hh134087(v=office.14).aspx
  If you would like to know about Crawled property data types, please refer to:
  http://blogs.technet.com/b/speschka/archive/2010/08/21/finding-which-crawled-property-data-types-match-a-managed-property-data-type-in-sharepoint-2010.aspx
  Regards,
  Rebecca Tu
  TechNet Community Support

• WHY THE IPHONE GETTING HOT WHEN USING 3G PLUS WITH DATa?, WHY THE IPHONE GETTING HOT WHEN USING 3G PLUS WITH DATA?

  why my iphone 4s getting hot when using 3g plus with data?
  then my phone left side speaker didnt work when i list songs?

  It is normal for the phone to get hot when your using data such as YouTube videos, streaming music etc.. And as for the left speaker not working, the left speaker is a microphone, the right one is for sound. Don't worry, everything your iPhone is doing is normal.

• I am wondering why the java site that I use workes on my Mac, but not my iPad or iPhone. I really need to be able to use this for my website... Any clue?

  I have a link for my website that runs java for this program. I need to be able to view this also on my iPad and iPhone, as I can with my Mac and pc. If anyone knows anything I can do to make this work, I would greatly appreciate it.

  VirtualChrome.

• Forms based authentication + Basic authentication = no way to use the basic auth!!!!

  Hi,
  I setup a test sharepoint site, claims mode, with both the forms and basic authentication  enabled.
  I expect to see the page asking me which authentication method I want to use, but I never see this page!!!
  I have to select the windows authentication (NTLM or Kerberos) to see this page!
  why using only the Basic authentication did not prompt the user?
  and how to be authenticated using the basic authentication rather than the forms auth when both are enable for the same site?
  >I do NOT want to extend my site to have 2 zones... my question is ONLY with 1 zone configured.

  What is the business purpose for using Basic Auth over NTLM/Kerberos?
  Trevor Seward
  Follow or contact me at...
  &nbsp&nbsp
  This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• Interactive form using Basic Authentication

  Hi,
  I am getting the following problem when deploying the Adobe Interactive Form application developed using Basic Authentication onto the server.
  com.sap.tc.webdynpro.services.exceptions.WDRuntimeException: Error during call to AdobeDocumentServer: Processing exception during a "Render" operation.
  Request start time: Tue Jul 04 12:04:51 GMT+05:30 2006
       at com.sap.tc.webdynpro.clientserver.adobe.AdobeFormHelper.createPDFDocumentForUIElement(AdobeFormHelper.java:486)
       at com.sap.tc.webdynpro.clientserver.uielib.adobe.impl.InteractiveForm.afterHandleActionEvent(InteractiveForm.java:185)
       at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.afterHandleActionEvent(ClientApplication.java:1154)
       at com.sap.tc.webdynpro.clientserver.task.WebDynproMainTask.handleActionEvent(WebDynproMainTask.java:402)
       at com.sap.tc.webdynpro.clientserver.task.WebDynproMainTask.execute(WebDynproMainTask.java:649)
       at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:59)
       at com.sap.tc.webdynpro.clientserver.cal.ClientManager.doProcessing(ClientManager.java:248)
       at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doWebDynproProcessing(DispatcherServlet.java:154)
       at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:116)
       at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:48)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
  Please suggest me, how I can solve it.
  Also I have done only the Basic Authentication, so is there any need for SSL Configuration.
  Regards
  Tiffny

  Hi Krishanu,
     Thanks for your responseI have checked the url that I had put in Web Service as http://versa:80/AdobeDocumentServices/Config?style=document
  and when I run this url which seems to be working fine and on run it I test it, also it gives wsdl url which is
  http://versa:80/AdobeDocumentServices/Config?wsdl&style=document
  and on clicking this url it opens the xml document.
    I have also checked the Log, where I find that
  #1.5#00132120E8600063000000440000106C000417BF56A46124#1152010466682#com.adobe.AdobeDocumentServices#com.adobe/AdobeDocumentServices#com.adobe.AdobeDocumentServices#ADSUSER#8739#SAP J2EE Engine JTA Transaction : [038153a00111]###744037e00b4b11dbbc1700132120e860#SAPEngine_Application_Thread[impl:3]_32##0#0#Error#1#/System/Server#Plain###Processing exception during a "Render" operation.
  Request start time: Tue Jul 04 16:24:23 GMT+05:30 2006
  <b>com.adobe.ProcessingError: File not found error writing stream:</b> <Render><Template><Name> "http://versa:80/webdynpro/dispatcher/local/TravelRequest/TravelRequestApp/wd_keyHC0DDbOBtzpF0n9-a_pEPA==/sapwebdynpro.xft;jsessionid=(J2EE3675400)ID2045061650DB01945523008391574204End;saplb_*=(J2EE3675400)3675450?sap.session.download=4&sap-wd-cltwndid=7425f9200b4b11dbc43100132120e860&sap-wd-appwndid=Id7425f9200b4b11dbc43100132120e86011&sap-wd-norefresh=true :
  java.io.FileNotFoundException: IO error detected while retrieving input stream for: http://versa:80/webdynpro/dispatcher/local/TravelRequest/TravelRequestApp/wd_keyHC0DDbOBtzpF0n9-a_pEPA==/sapwebdynpro.xft;jsessionid=(J2EE3675400)ID2045061650DB01945523008391574204End;saplb_*=(J2EE3675400)3675450?sap.session.download=4&sap-wd-cltwndid=7425f9200b4b11dbc43100132120e860&sap-wd-appwndid=Id7425f9200b4b11dbc43100132120e86011&sap-wd-norefresh=true :
  java.io.IOException: Server returned HTTP response code: 503 for URL: http://versa:80/webdynpro/dispatcher/local/TravelRequest/TravelRequestApp/wd_keyHC0DDbOBtzpF0n9-a_pEPA==/sapwebdynpro.xft;jsessionid=(J2EE3675400)ID2045061650DB01945523008391574204End;saplb_*=(J2EE3675400)3675450?sap.session.download=4&sap-wd-cltwndid=7425f9200b4b11dbc43100132120e860&sap-wd-appwndid=Id7425f9200b4b11dbc43100132120e86011&sap-wd-norefresh=true
  Can you tell me which file it is looking for.
  Regards
  Tiffny

• Is it possible bypass basic file authentication in glassfish using default

  I have a glassfish application with basic authentication enabled and a single user setup in the file security realm wth a single group named 'internal'.
  My web.xml is setup with an auth-constraint limited to 'internal' role, my glassfish-web.xml maps the group 'internal' to the role 'internal'
  I have one cluster with an app ('api') running that is already accessed internally without the need for authentication.
  I am trying to set up a standalone instance with a seperate config (publicapi) that runs the same app but can only access functionality of the publicapi rather than the api
  My approach has been to add basic authentication to api with a default principal (internal) in its config. The principal is mapped to a user (internal) in the file security realm that has a single group in its list of 'internal'. My understanding was this would be able to bypass the basic authentication when using this config but it has not.
  This is my config within the api project: glassfish-web.xml
  <glassfish-web-app error-url="">
  <class-loader delegate="true"/>
  <jsp-config>
  <property name="keepgenerated" value="true">
  <description>Keep a copy of the generated servlet class' java code.</description>
  </property>
  </jsp-config>
  <security-role-mapping>
  <role-name>internal</role-name>
  <group-name>internal</group-name>
  <principal-name>internal</principal-name>
  </security-role-mapping>
  </glassfish-web-app>
  web.xml
  <?xml version="1.0" encoding="UTF-8"?>
  <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
  <security-constraint>
  <display-name>Limit non-internal principals</display-name>
  <web-resource-collection>
  <web-resource-name>Secure Application</web-resource-name>
  <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>internal</role-name>
  </auth-constraint>
  </security-constraint>
  <login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>Secure Area</realm-name>
  </login-config>
  <security-role>
  <description>Only accssible to internal roles</description>
  <role-name>internal</role-name>
  </security-role>
  </web-app>
  and sun-web.xml
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
  <sun-web-app error-url="">
  <security-role-mapping>
  <role-name>internal</role-name>
  <group-name>internal</group-name>
  <principal-name>internal</principal-name>
  </security-role-mapping>
  </sun-web-app>
  So is my understanding of being able to bypass the basic authentication using glssfish default principal flawed? Do default principals match to a user / group list that is added in the Glassfish control panel and therefore assocated with the same roles / groups? Any other info on how to correctly map the default principal to a security group and bypass authentication would be very useful. Thank you

  Haii
  your jsps or struts will not do that kind of client side jobs..u write a java script and do that.......
  regards
  Shanu

• Why are the buttons faded out (cant use them) on mobile device details?

  Good Afternoon
  I am having a little trouble figuring out why the buttons are faded (cant use them) on the: User Mailbox -> Mailbox features -> Mobile Device Details. Any help would be appreciated. Thanks.

  Hi Andy
  This option is greyed out only for one user or its for all users ?
  Do you have any MDM in place for managing the active sync devices ?
  Have you tried disabling this feature through Powershell ?
  Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com Thanks Sathish
  (MVP)

• Problems with basic authentication example

  I am trying to run the basic authentication example from the Professional JSP book (Chapter 16) although for some reason I continue to get "AUTHENTICATION MECHANISM NULL" instead of "AUTHENTICATION MECHANISM BASIC". I do not even get the pop-up window with the prompt for Username and Password. I am running Tomcat 4.0-dev and have tried to access the login window by pointing the browser to the appropriate file:
  //localhost:8080/ch16-basic/index.jsp
  Still not login window???
  I have added the extra user and password to the tomcat-users.xml file (username="projsp" password="projsp" roles="superuser")
  Still no luck????
  Could someone please let me know what could possibly be going wrong.
  Thank you!!!!

  The index.jsp is:
  <html>
  <head>
  <title>Protected Area Page</title>
  </head>
  <body>
  <%
  out.println("<H2>Authentication Mechanism "+ request.getAuthType() +" </H2>" );
  %>
  </body>
  </html>
  The tomcat-users.xml is:
  <!--
  NOTE: By default, no user is included in the "manager" role required
  to operate the "/manager" web application. If you wish to use this app,
  you must define such a user - the username and password are arbitrary.
  -->
  <tomcat-users>
  <user name="tomcat" password="tomcat" roles="tomcat" />
  <user name="role1" password="tomcat" roles="role1" />
  <user name="both" password="tomcat" roles="tomcat,role1" />
  <user name="projsp" password="projsp" roles="superuser" />
  </tomcat-users>
  And the web.xml is:
  <?xml version="1.0" encoding="ISO-8859-1"?>
  <!DOCTYPE web-app
  PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
  "http://java.sun.com/j2ee/dtds/web-app_2_3.dtd">
  <web-app>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>Entire Application</web-resource-name>
  <url-pattern>/*</url-pattern>
  </web-resource-collection>
  </security-constraint>
  <login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>ProJSP Authentication Example</realm-name>
  </login-config>
  </web-app>
  WHY ISN"T THIS WORKING!!!!

• AS2 Basic Authentication - Receiver CC

  Hi ,
    I would like to know the Basic Authentication field in Receiver Communication Channel for AS2 Adapter . Our Trading Partner has provided with username and Password information but there is one more mandatory field Realm. Any idea what is this field and what information to be filled in ?
  Laks

  The Realm refers to the content management option used at your receiver. The same receiver organizations have domain specific content management solutions. If such a Realm is used, you need to provide that information. This information should be retrieved by receiver organizations only. This should not be mandatory field.
  Regards,
  Prateek

• Ignoring Http basic authentication header in wls 7.0.sp2 web service servlet (weblogic.webservice.server.servlet.WebServiceServlet)

  Hi!
  We need to implement authentication using our own methods, and the authentication
  information is provided to the web service implementation in a basic authentication
  header. The problem is, that the servlet
  weblogic.webservice.server.servlet.WebServiceServlet, which handles web services
  in
  wls 7.0.sp2, always attempts to perform authentication, if the header is present.
  Is there any way to circumvent this, because we want to implement authentication
  on our own?
  I already know two workarounds:
  The best would of course be to implement a custom security realm for our own
  authentication system. This is not an option, implementing an own security
  realm is overkill for this specific web service.
  The other way would be to route the requests by way of a custom servlet, which
  would
  remove the basic authentication header, and put the authentication info in custom
  headers, such as x-auth: <user:password>, or smthng similar, and after successful
  authentication, make a call to bea's servlet weblogic.webservice.server.servlet.WebServiceServlet.
  But still, I'd like to know if there is any way to tell bea's servlet to ignore
  the basic
  authentication header?
  Oh yeah, by the way, this is URGENT, as always. (really!! ;)
  Toni Nykanen

  Currently there is no option to turn off security check.
  I think you can use a servlet filter mapped to the URL
  of your service, instead of a proxy servlet?
  Regards,
  -manoj
  http://manojc.com
  "Toni Nykanen" <[email protected]> wrote in message
  news:3ef1577b$[email protected]..
  >
  Hi!
  We need to implement authentication using our own methods, and theauthentication
  information is provided to the web service implementation in a basicauthentication
  header. The problem is, that the servlet
  weblogic.webservice.server.servlet.WebServiceServlet, which handles webservices
  in
  wls 7.0.sp2, always attempts to perform authentication, if the header ispresent.
  Is there any way to circumvent this, because we want to implementauthentication
  on our own?
  I already know two workarounds:
  The best would of course be to implement a custom security realm for ourown
  authentication system. This is not an option, implementing an own security
  realm is overkill for this specific web service.
  The other way would be to route the requests by way of a custom servlet,which
  would
  remove the basic authentication header, and put the authentication info incustom
  headers, such as x-auth: <user:password>, or smthng similar, and aftersuccessful
  authentication, make a call to bea's servletweblogic.webservice.server.servlet.WebServiceServlet.
  >
  But still, I'd like to know if there is any way to tell bea's servlet toignore
  the basic
  authentication header?
  Oh yeah, by the way, this is URGENT, as always. (really!! ;)
  Toni Nykanen