WLS 10.3.3 - Web service - NTLM authentication

Similar Messages

• How to use Axis to access a web service through Authentication  proxy

  Using axis access internat web service is success,but access a web service through Authentication proxy is failure.But other java classes connect through a proxy to the internet which works very well:
  please help me ,thank you!!!
  import org.apache.axis.client.Call;
  import org.apache.axis.client.Service;
  import javax.xml.namespace.QName;
  //this is my access webservice faliure   codes
  public class TestClient
     public static void main(String [] args) {
         try {
              System.getProperties().setProperty("http.proxySet", "true");
              System.getProperties().setProperty("http.proxyHost","proxy.com");
              System.getProperties().setProperty("http.proxyPort", "8080");
              System.getProperties().setProperty("http.proxyUser", "username");
              System.getProperties().setProperty("http.proxyPassword","password");
             String endpoint =
                      "http://nagoya.apache.org:5049/axis/services/echo";
             Service  service = new Service();
             Call     call    = (Call) service.createCall();
             call.setTargetEndpointAddress( new java.net.URL(endpoint) );
             call.setOperationName(new QName("http://soapinterop.org/", "echoString") );
             String ret = (String) call.invoke( new Object[] { "Hello!" } );
             System.out.println("Sent 'Hello!', got '" + ret + "'");
         } catch (Exception e) {
             System.err.println(e.toString());
     }I get an "(407)Proxy authorization required" error?

  I am also looking for a solution. Does any one know how to do through code instead of jvm settings?
  Thanks in advance!

• Issue with calling external web service with authentication details ...

  Hi,
       I am facing a deployment issue with Oracle ESB. I am trying to call an external Web Service with authentication from ESB SOAP Service. It is working fine with my local ESB version 10.1.3.3.0 Build PCBPEL_10.1.3.3.0_GENERIC_070615.0525; however it is getting an error at our development ESB version 10.1.3.3.1 Build PCBPEL_10.1.3.3.1_GENERIC_RELEASE.
       I am getting following error.
  An unhandled exception has been thrown in the ESB system. The exception reported is: "org.collaxa.thirdparty.apache.wsif.WSIFException: exception during SOAP invoke: Server was unable to process request. ---> Object reference not set to an instance of an object.; nested exception is: javax.xml.rpc.soap.SOAPFaultException: Server was unable to process request. ---> Object reference not set to an instance of an object. at com.collaxa.cube.ws.wsif.providers.oc4j.jaxrpc.WSIFOperation_JaxRpc.populateFaultMessage(WSIFOperation_JaxRpc.java:3086) at com.collaxa.cube.ws.wsif.providers.oc4j.jaxrpc.WSIFOperation_JaxRpc.invokeOperation(WSIFOperation_JaxRpc.java:1728) at com.collaxa.cube.ws.wsif.providers.oc4j.jaxrpc.WSIFOperation_JaxRpc.invokeRequestResponseOperation(WSIFOperation_JaxRpc.java:1473) at com.collaxa.cube.ws.wsif.providers.oc4j.jaxrpc.WSIFOperation_JaxRpc.executeRequestResponseOperation(WSIFOperation_JaxRpc.java:1196) at oracle.tip.esb.server.common.wsif.WSIFInvoker.executeOperation(WSIFInvoker.java:867) at oracle.tip.esb.server.common.wsif.WSIFInvoker.nextService(WSIFInvoker.java:770) at oracle.tip.esb.server.common.wsif.WSIFInvoker.nextService(WSIFInvoker.java:790) at oracle.tip.esb.server.service.impl.outadapter.OutboundAdapterService.nextService(OutboundAdapterService.java:208) at oracle.tip.esb.server.service.impl.outadapter.OutboundAdapterService.processBusinessEvent(OutboundAdapterService.java:127) at oracle.tip.esb.server.dispatch.InitialEventDispatcher.dispatchNonRoutingService(InitialEventDispatcher.java:118) at oracle.tip.esb.server.dispatch.InitialEventDispatcher.dispatch(InitialEventDispatcher.java:95) at oracle.tip.esb.server.dispatch.BusinessEvent.raise(BusinessEvent.java:1424) at oracle.tip.esb.utils.EventUtils.raiseBusinessEvent(EventUtils.java:112) at oracle.tip.esb.server.service.EsbRouterSubscription.onBusinessEvent(EsbRouterSubscription.java:307) at oracle.tip.esb.server.dispatch.EventDispatcher.executeSubscription(EventDispat
       Could one of you please help me out to understand why it is happining.
  Thanks in advance.
  Jyotirmoy.

  Hi Mahesh,
  One you are missing is authentication token or credentials.
  Please refer to the following articles.
  http://www.cleverworkarounds.com/2014/02/05/tips-for-using-spd-workflows-to-talk-to-3rd-party-web-services/
  A Series of articles related to Web Service in SPD Workflow
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 1
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 2
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 3
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 4
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 5
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 6
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 7
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 8
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 9
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 10
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 11
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 12
  Please don't forget to mark it answered, if your problem resolved or helpful

• Ignoring Http basic authentication header in wls 7.0.sp2 web service servlet (weblogic.webservice.server.servlet.WebServiceServlet)

  Hi!
  We need to implement authentication using our own methods, and the authentication
  information is provided to the web service implementation in a basic authentication
  header. The problem is, that the servlet
  weblogic.webservice.server.servlet.WebServiceServlet, which handles web services
  in
  wls 7.0.sp2, always attempts to perform authentication, if the header is present.
  Is there any way to circumvent this, because we want to implement authentication
  on our own?
  I already know two workarounds:
  The best would of course be to implement a custom security realm for our own
  authentication system. This is not an option, implementing an own security
  realm is overkill for this specific web service.
  The other way would be to route the requests by way of a custom servlet, which
  would
  remove the basic authentication header, and put the authentication info in custom
  headers, such as x-auth: <user:password>, or smthng similar, and after successful
  authentication, make a call to bea's servlet weblogic.webservice.server.servlet.WebServiceServlet.
  But still, I'd like to know if there is any way to tell bea's servlet to ignore
  the basic
  authentication header?
  Oh yeah, by the way, this is URGENT, as always. (really!! ;)
  Toni Nykanen

  Currently there is no option to turn off security check.
  I think you can use a servlet filter mapped to the URL
  of your service, instead of a proxy servlet?
  Regards,
  -manoj
  http://manojc.com
  "Toni Nykanen" <[email protected]> wrote in message
  news:3ef1577b$[email protected]..
  >
  Hi!
  We need to implement authentication using our own methods, and theauthentication
  information is provided to the web service implementation in a basicauthentication
  header. The problem is, that the servlet
  weblogic.webservice.server.servlet.WebServiceServlet, which handles webservices
  in
  wls 7.0.sp2, always attempts to perform authentication, if the header ispresent.
  Is there any way to circumvent this, because we want to implementauthentication
  on our own?
  I already know two workarounds:
  The best would of course be to implement a custom security realm for ourown
  authentication system. This is not an option, implementing an own security
  realm is overkill for this specific web service.
  The other way would be to route the requests by way of a custom servlet,which
  would
  remove the basic authentication header, and put the authentication info incustom
  headers, such as x-auth: <user:password>, or smthng similar, and aftersuccessful
  authentication, make a call to bea's servletweblogic.webservice.server.servlet.WebServiceServlet.
  >
  But still, I'd like to know if there is any way to tell bea's servlet toignore
  the basic
  authentication header?
  Oh yeah, by the way, this is URGENT, as always. (really!! ;)
  Toni Nykanen

• How to access SOAP web service with authentication, HTTP basic Authentication

  Dear All
  i use Flash Builder 4.5, flex 4..1, i am developing a flex client to soap webservices hosted over Glassfish 2 Java server, the web services is protected by HTTP Basic Authentication, everythime i run my code , the prombt for username and password show up, i need to pass user name and password through action script, i followed the flollowing (but was for http web service, not soap) but really did not work.
  http://stackoverflow.com/questions/490806/http-basic-authentication-wi th-httpservice-objects-in-adobe-flex-air
  http://forums.adobe.com/message/4262868
  private function authAndSend(service:HTTPService):void
          var encoder:Base64Encoder = new Base64Encoder();
          encoder.insertNewLines = false; // see below for why you need to do this
          encoder.encode("someusername:somepassword");
          service.headers = {Authorization:"Basic " +encoder.toString()};                                               
          service.send();
  Also i noticed in debug mode, always that WARNNING raised up
  Warning: Ignoring 'secure' attribute in policy file from http://fpdownload.adobe.com/pub/swz/crossdomain.xml.  The 'secure' attribute is only permitted in HTTPS and socket policy files.  See http://www.adobe.com/go/strict_policy_files for details.
  any idea ?

  Hello,
  I don't know if this could help.
  Another way to connect to a web service by SOAP and WSDL is to click on the Data/Services panel, then click on "Connect to Data/Services" and then select the "Web Service" (WSDL) icon. This could help as well.

• Configuring WLS to invoke a web service on SSL

  Hi,
  It will be really helpful if I get some pointers on this. Stuck with this without any progress. I havent experimented too much working with Certificates and so on...
  I have a web service on my WLS...This has to invoke an external web service (provided by a third party).
  They have given me a url for WSDL.
  .p12 certificate - privateKeyEntry
  .cer certificate - trustCertEntry
  In my browser(IE), to display the WSDL page, I had to import this .p12 certificate in the "Personal" tab and .cer certificate in the "Trusted Root Certification Authorities" tab. It works !! I can see the WSDL.
  Now I have to do a equivalent setting in WLS so that my WS invokes the external WS. I can test this with the Weblogic Test Client for my WS.
  This is what I thought I had to do.
  Configure Custom Identity and Custom Trust in WLS.
  Custom Identity - directly used the .p12 file and specified type as PCKS12 with a password. That seems OK.
  Custom Trust - Since I didnt think I could use .cer file, I imported this certificate into .jks file using the below command
  keytool -import -trustcacerts -alias mykey -keystore mytrust.jks -file TestRootCert.cer -keyalg RSA
  configured this .jks file as a custom truststore.
  In the SSL tab, specified the alias name that existed in the PrivateKeyEntry(.p12 file) assuming this is used to identify myself to the external WS.
  Set -Dssl.debug=true -Dweblogic.StdoutDebugEnabled=true in the WLS startup file just to see some more additional info.
  When I invoke the external WS using the WLS test client, this is how the output on console looks..(sorry, had to edit some stuff related to company names etc.)
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <SSLSetup: loading trusted CA certificates>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <SSL enableUnencryptedNullCipher= false>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <SSLContextManager: loading server SSL identity>
  <Sep 16, 2010 5:35:02 PM CEST> <Notice> <Security> <BEA-090171> <Loading the identity certificate and private key stored under the alias e74476a0b5a8cfce6e426c266aee9bbc_2d3fa38c-4f19-4115-b030-11acb1de5cd5 from the PKCS12 keystore file C:\PROGRA~2\Java\JDK16~1.0_2\jre\lib\security\TestPoints.p12.>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <Loaded public identity certificate chain:>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <Subject: [email protected], CN=Test , OU=Digital ID Class 1 - Microsoft Full Service, OU=Persona Not Validated, OU="www.verisign.com/repository/RPA Incorp. by Ref.,LIAB.LTD(c)98", OU=VeriSign Trust Network, O="VeriSign, Inc."; Issuer: CN=VeriSign Class 1 Individual Subscriber CA - G2, OU=Persona Not Validated, OU=Terms of use at https://www.verisign.com/rpa (c)05, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
  <Sep 16, 2010 5:35:02 PM CEST> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the JKS keystore file C:\PROGRA~2\Java\JDK16~1.0_2\jre\lib\security\ebmscert.jks.>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <SSLContextManager: loaded 1 trusted CAs from C:\PROGRA~2\Java\JDK16~1.0_2\jre\lib\security\ebmscert.jks>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <Subject: CN=VeriSign Class 1 Individual Subscriber CA - G2, OU=Persona Not Validated, OU=Terms of use at https://www.verisign.com/rpa (c)05, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US; Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
  <Sep 16, 2010 5:35:02 PM CEST> <Info> <WebLogicServer> <BEA-000307> <Exportable key maximum lifespan set to 500 uses.>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 28972139>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <write SSL_20_RECORD>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <8413295 SSL3/TLS MAC>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <8413295 received HANDSHAKE>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <Cannot complete the certificate chain: No trusted cert found>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 320858270326811821565694692014706744673
  Issuer:C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
  Subject:C=SE, ?=19587, ST=None, L=country, ?=Test Address, O=CompanyName Denmark-Norway-Sweden, OU=DK Wintel AS, OU=Hosted by Melbourne IT Corporate Brand Services, OU=Comodo PremiumSSL, CN=a.b.com
  Not Valid Before:Thu Mar 19 01:00:00 CET 2009
  Not Valid After:Sun Mar 20 00:59:59 CET 2011
  Signature Algorithm:SHA1withRSA
  >
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number: 109339514828885055587748732527481675047
  Issuer:C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
  Subject:C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
  Not Valid Before:Tue Jun 07 10:09:10 CEST 2005
  Not Valid After:Sat May 30 12:48:38 CEST 2020
  Signature Algorithm:SHA1withRSA
  >
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 16>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 320858270326811821565694692014706744673
  Issuer:C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
  Subject:C=SE, ?=19587, ST=None, L=country, ?=Test Address, O=CompanyName Denmark-Norway-Sweden, OU=DK Wintel AS, OU=Hosted by Melbourne IT Corporate Brand Services, OU=Comodo PremiumSSL, CN=a.b.com
  Not Valid Before:Thu Mar 19 01:00:00 CET 2009
  Not Valid After:Sun Mar 20 00:59:59 CET 2011
  Signature Algorithm:SHA1withRSA
  >
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number: 109339514828885055587748732527481675047
  Issuer:C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
  Subject:C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
  Not Valid Before:Tue Jun 07 10:09:10 CEST 2005
  Not Valid After:Sat May 30 12:48:38 CEST 2020
  Signature Algorithm:SHA1withRSA
  >
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 16>
  <Sep 16, 2010 5:35:02 PM CEST> <Warning> <Security> <BEA-090477> <Certificate chain received from a.b.com - 194.182.249.133 was not trusted causing SSL handshake failure.>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <Validation error = 16>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <Certificate chain is untrusted>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 16>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (16): CERT_CHAIN_UNTRUSTED>
  <Sep 16, 2010 5:35:02 PM CEST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 42
  If I understood rite, the external server is sending some certificates which is not there in the WLS trust store. Is this correct?
  Also tried to get these certificates into the truststore using the InstallCert.java utility class, but then I get a 403:Forbidden.
  So I have no clue at the moment. Basically, my WLS acts as a client to the external WS rite? so this is a one-way SSL. IS that correct?
  Can you help with some pointers please?
  best regards,
  Murali

  Hi,
  I just noticed this post and it seems that I had the same problem ( [see the relevant topic|http://forums.sun.com/thread.jspa?threadID=5378686] ) -- it is now answered.
  Simply follow the instructions on [this page|http://java.sun.com/developer/EJTechTips/2006/tt0527.html#1] - note that the answer was provided by Miroslav777.
  Bye
  Urbas

• How to set up User id and Password for Web services or authentication

  Hi ,
  I am new to web services . I have created a new Web service in SAP , and while creating Service defination , set the Authentication as LOW for server proxy .Then created End-point in SOAMANAGER with USREID/PWS requried .This WSDL i am planning to share with Third party to call from Java application.
  But my web service checks for authorization which needs to be set up to allow the user id and pws .
  So question is how do i pass my user id and pws as i do not see this WSDL with User id and pws option displayed for me when i test this using SOAP UI .I saw some of WSDL with tag "AuthHeader" with user id and pws tags in them .So how could i get them ?
  Or requirement is that my Third party should be able to access my Web service in PRD and also be able to have authorization to auth object embedded in FM inside service defination .So how is this acheived ?
  Thanks,
  Sitaraman

  Hi,
  After creation of WSDL , you will get URL lkie http://idessapdev.ad.infosys.com:8000/index.html.
  For this URL your third party system need sto add id and pwd for accessing like http://idessapdev.ad.infosys.com:8000/index.html&userid = 111&pwd= wwgw.
  this is not the exact syntax. you can check with your third party system for this URL.
  Regards,
  Lokeswari.

• Get or set security credentials for XML web service client authentication

  Dear,
  I wrote a custom asp.net web service that acts as a wrapper for the taxonomyclientservice.asmx in sharepoint 2010.
  ON my local machine, the following code works:
    using (Taxonomy.Taxonomywebservice TaxonomyClient = new COSMOS_Taxonomy.Taxonomywebservice())
  TaxonomyClient.Credentials = new NetworkCredential("username", "pass", "domain");
  TaxonomyClient.PreAuthenticate = true;
  etc..
  The authentication works when i provide the user credentials.
  the problem is when i deploy the webservice to my production env. I dont know the owner of the metadata term store and its out of the question to get the username and password.
  when i try to run this code on my local machine:
  TaxonomyClient.Credentials = System.Net.CredentialCache.DefaultCredentials;
  i get this error:
  System.Net.WebException: The request failed with HTTP status 401: Unauthorized.
  at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
  at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
  at COSMOS_TermSet.COSMOS_Taxonomy.Taxonomywebservice.GetTermSets(String sharedServiceIds, String termSetIds, Int32 lcid, String clientTimeStamps, String clientVersions, String& serverTermSetTimeStampXml)
  at COSMOS_TermSet.CustomWebService.GetCountryTermSet()
  How can i fix this.
  Many thanks in advance

  Hi Roni,
  Based on your description, the error occurred when using the DefaultCredential in the code.
  I recommend to check if the “<identity impersonate="true"></identity>” is included in web.config file.
  If not, add it to web.config file to see if the issue still occurs.
  Best regards.
  Thanks
  Victoria Xia
  TechNet Community Support

• Web service client authentication problem

  I applied security role to deployed web services. When I use clientgen to generate client stub or using java client to get WSDL, I got authentication error asking for username and password.
  This only happens when I use import in my WSDL file to import other schema files. I think the authentication process happened when retrieving wsdl file, but not import schema files.
  Is this some kind of BEA bugs or known issue?
  Any advice is appreciated.

  Yes, this is a problem. It should be fixed in upcoming release. The work around is embeding the schema to WSDL or run clientgen against a local copy.

• EJB3 Web Service - basic authentication

  I have a very simple EJB @WebService in an EJB jar and placed in an EAR. The web service has an @RolesAllowed annotation on a role called WSS_USER.
  I have a weblogic-ejb-jar.xml file containing..
  <?xml version="1.0" encoding="UTF-8"?>
  <weblogic-ejb-jar xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.bea.com/ns/weblogic/10.0" xsi:schemaLocation="http://www.bea.com/ns/weblogic/10.0 http://www.bea.com/ns/weblogic/10.0/weblogic-ejb-jar.xsd">
  <weblogic-enterprise-bean>
  <ejb-name>TestWebServiceEJB</ejb-name>
  <enable-call-by-reference>True</enable-call-by-reference>
  </weblogic-enterprise-bean>
  <security-role-assignment>
  <role-name>WSS_USER</role-name>
  <principal-name>WSS_USER</principal-name>
  </security-role-assignment>
  </weblogic-ejb-jar>
  I have created the correct WSS_USER principal within Weblogic.
  If I test the web service using SoapUI I get:
  <message>[EJB:010160]Security Violation: User: '&lt;anonymous>' has insufficient permission to access EJB: type=&lt;ejb>, application=Test, module=Bedrock.server.services.local.jar, ejb=TestWebServiceEJB, method=test, methodInterface=ServiceEndpoint, signature={}.</message>
  How do I get basic authentication working with this web service?
  In glassfish I add the following into sun-ejb-jar.xml and it works fine:
  <ejb>
  <ejb-name>TestWebServiceEJB</ejb-name>
  <webservice-endpoint>
  <port-component-name>TestWebServiceEJB</port-component-name>
  <endpoint-address-uri>ctx/TestWebServiceEJB</endpoint-address-uri>
  <login-config>
  <auth-method>BASIC</auth-method>
  </login-config>
  </webservice-endpoint>
  </ejb>
  Is there an equivalent in weblogic?
  Thanks,
  Matt

  I was hoping it could be achieved without weblogic specific annotations?
  What I'm after is an example of a simple EJB3 web service in a jar, inside an ear, with no war file.
  I'd then like BASIC authentication on that web service.
  Something that can be dropped into any app server.
  Matt

• Web Services with Authentication - User Name and Password.

  How to create a web service and web service client where the need is to authenticate using SOAP Header based authentiacation. The authentication is to be based on UserName and Password in the SOAP Header.
  Regards
  Pramod.

  Dear Pierluigi Vernetto
  What is meant when they say to include SOAPHeader with the parameters UserName, Password for Authentication. How this type of authentication is done.Can you please provide some code snipped to facilitate. I am new to the web services and did successfully a web service generation and client generation using WSDL.
  WSDL Snippet :
  - <wsdl:operation name="RegisterService">
  <soap12:operation soapAction="http://www.abc.com/webservices/RegisterService" style="document" />
  - <wsdl:input>
  <soap12:body use="literal" />
  <soap12:header message="tns:RegisterServiceAuthenticate_Info" part="Authenticate_Info" use="literal" />
  </wsdl:input>
  - <wsdl:output>
  <soap12:body use="literal" />
  </wsdl:output>
  </wsdl:operation>
  - <wsdl:types>
  - <s:schema elementFormDefault="qualified" targetNamespace="http://www.abc.com/webservices/">
  - <s:element name="RegisterService">
  - <s:complexType>
  - <s:sequence>
  - <s:element minOccurs="0" maxOccurs="1" name="InputText">
  - <s:complexType>
  - <s:sequence>
  <s:any />
  </s:sequence>
  </s:complexType>
  </s:element>
  </s:sequence>
  </s:complexType>
  </s:element>
  - <s:element name="RegisterServiceResponse">
  - <s:complexType>
  - <s:sequence>
  - <s:element minOccurs="0" maxOccurs="1" name="RegisterServiceResult">
  - <s:complexType>
  - <s:sequence>
  <s:any />
  </s:sequence>
  </s:complexType>
  </s:element>
  </s:sequence>
  </s:complexType>
  </s:element>
  <s:element name="Authenticate_Info" type="tns:Authenticate_Info" />
  - <s:complexType name="Authenticate_Info">
  - <s:sequence>
  <s:element minOccurs="0" maxOccurs="1" name="UserName" type="s:string" />
  <s:element minOccurs="0" maxOccurs="1" name="Password" type="s:string" />
  </s:sequence>
  <s:anyAttribute />
  </s:complexType>
  If i simply create the web service using the WSDL , will the Authenticate_Info will be taken care of.
  What needs to be done for the Client side .jsp code and how this information of UserName and Password will be passed while making the call to the web service.
  regards
  Pramod.

• Web service basic authentication

  I'm trying to setup a web service manually and I have the WSDL. I want to try to leverage the basic authentication option but the controls to activate this for the manual web service definition are disabled. Anyone have any idea why? Or better yet, how to enable them?
  Earl

  The username name bassword is for HTTP Basic Authentication. I am not sure that your Web service is requesting basic authentication. It looks like it is expecting credentials to be passed in the SOAP header.
  If that is the case, the WSDL should describe what the parameters in the SOAP header should be. Can you post the WSDL?

• Oracle UCM - Web Services and Authentication

  Hello all...
  Easy question...
  Can you call UCM Web Services anonymously? Basically with "guest" rights? If so, any examples how...? I'm using VB.NET
  More complicated question and advice seeking...
  I am trying to create an ASP.NET form that will send an email with a content item as an attachment. I was going to attempt to use the web services to get the document info and actual files, and then use ASP to fire off the email. The user will either be logged into our site with (ExtranetLook component) valid credentials, or be viewing the site as guest/anonymous. As far as I can figure, I can only call the web services if I have some kind of authentication... I cannot call it w/o any auth, and I cannot somehow pass in the currently logged in users authentication credentials to the service... I really need to know the username/password, or use Windows Authentication (which is not possible on this public site). Any suggestions for how I can get around this problem?
  Thanks,
  Dave

  No resolution here... it seems if we want to do this, we need to create an admin web service account, but that takes the users security out of the picture and we don't want to do that. We're looking into some alternatives here, but I'm sure that's not going to help you. Sorry.

• Issue in accessing Client Web Service 401 authentication error

  Hi,
  I have a requirement where i need to call a web service from SOA composite. When i deploy the service on SOA Server and try accessing it i get below error
  **oracle.fabric.common.FabricException: Cannot read WSDL "{http://www.service-now.com}ServiceNow_u_incident" from Metadata Manager.: Error in getting XML input stream: https://XXXXXXX.service-now.com/incident.do?WSDL: Response: '401: Unauthorized' for url: 'https://XXXXXXXX.service-now.com/incicdent.do?WSDL'**
  If i go from broweser and hit the url it asks for my ldap / windows credential.
  My question is how to i pass these credentials from Composite.
  sample service
  https://demo.service-now.com/incident.do?WSDL
  Shirish

  To pass HTTP Basic Auth from an External Reference in a composite_
  Set up in the EM
  1. Create the credentials in the EM
  - In the EM Weblogic Domain > right click the domain name
  - Choose Security > Credentials
  2. Create an oracle.wsm.security map
  This is where the http token details are held
  - If the oracle.wsm.security does not exist create one (Create Map)
  - call it oracle.wsm.security
  3. Create the Key
  - Click create Key
  - Enter the following values
       Select Map -> oracle.wsm.security
       Key -> Key name
       Type -> Password
       Username -> << basic auth username required >>
       Password -> << basic auth password required >>
       Description -> Clear text description
  Note : Make the key name specific to the service you are accessing i.e. basic.credentials.sitea.demo
  Secure the Reference Partner Link
  In JDeveloper
       Open the composite that needs securing
       Right click on the external reference
       Select Configure WS Policies
       For Security, click the + button
       Select the oracle/wss_http_token_client_policy entry
       Select this and click the pencil button to edit the Override Value.
       In the override value column (csf-key), enter the credential key name you wish to use. i.e. basic.credentials.sitea.demo
  Deploy the service, and this will now be secured against the Basic Auth.
  This does not address SSO / Windows AD integration from the client, this is where a Web Service is protected by basic auth. If you need to integrate with AD as SSO etc then you will need to configure Kerberos. That is a much bigger explaination that you will probably find on the Net.
  Good luck
  Edited by: rodhiggins on 28/05/2013 22:52

• Calling external web service - Proxy Authentication error

  Using Developer 10.1.3.3 and following OTN example http://www.oracle.com/technology/products/forms/htdocs/10gr2/howto/webservicefromforms/ws_10_1_3_from_forms.html.
  I have followed the above example and am trying to test the SendServiceSoapClient.java in JDeveloper. The class compiles ok but when I run it I receive the following error in the log window :
  HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 407 Proxy Authentication Required
  As I was able to create the proxy with no problems, the proxy settings in Tools->Preferences are valid. I don't understand at what point it is failing as I am able to access the wsdl in the example from JDeveloper. I have checked the system settings for the proxy (username/pwd/host etc) at run time and they are as expected.
  Can anyone make any suggestions? I have had my user details checked on our proxy server and it is not blocked from performing any actions. Is the message indicating I am being blocked from accessing the service from the suppliers end?

  I have a solution for the problem I encountered.
  My collegues who look after the proxy server and network first tried to bypass authentication for the web site www.esendex.com (where the service resides). The same error occurred when trying to call the service.
  They then set up a route on the network to send the request straight to www.esendex.com and a rule on the firewall to allow the request 'out'. This has done the trick and the request passes through!
  Unfortunately, I am not much clearer as to why our proxy server is configured to block this message type and how come it can't be changed! Hey ho, I have a solution for now!