Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

SOAP authentication with username/password  RSS feed

 
Zoltaan Szabo
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

there are many pages about this problem on the Net and some here, too. However, I tried the proposed solutions, and something still does not work.
I want to access a ws calling it's wsdl. The wsdl can be seen in the browser if I give the username/password. But I get an error message if I try to execute a wsdl defined call function. That is:

10:42:40,932 INFO g.apache.axis2.transport.http.HTTPSender: 196 - Unable to sendViaPost to url[https://www.xxx.hu:8234/bay?wsdl]
org.apache.axis2.AxisFault: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
...
I used wsdl2java to generate classes from wsdl. Then I put them in a Struts utility project. I use Axis2 1.6.2. This is the code how I try to call the wsdl method:



I also tried another approach:



And I also tried this:



Coud please anyone help me?
 
Ulf Dittmer
Rancher
Posts: 42970
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What you're implementing isn't SOAP authentication, it's HTTP authentication. Is that what you intend to do? If not, read the documentation of your SOAP engine about "WS-Security" (which is how username/password authentication is set up for SOAP WS).

Unable to sendViaPost to url[https://www.xxx.hu:8234/bay?wsdl]

This looks wrong. That URL looks like it would return the WSDL - it can not normally be used to send SOAP requests to.

As to the actual problem, check the last entry in the https://www.coderanch.com/how-to/java/SecurityFaq.
 
Zoltaan Szabo
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, Ulf,

I would like to use HTTP Basic Auth, with username/password.

That URL looks like it would return the WSDL - it can not normally be used to send SOAP requests to.


Why happens this? I would like to send a SOAP request.
 
Zoltaan Szabo
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I also tried to call

but I still get the error message:
INFO g.apache.axis2.transport.http.HTTPSender: 196 - Unable to sendViaPost to url[https://www.xxx.hu:8234/bay].
(This address is in the constructor of the stub.)

And I tried this (among other solutions found by Google):

and I geet the same error message:

11:33:32,437 INFO he.commons.httpclient.HttpMethodDirector: 445 - Retrying request
11:33:32,468 INFO g.apache.axis2.transport.http.HTTPSender: 196 - Unable to sendViaPost to url[https://www.xxx.hu:8234/bay]
org.apache.axis2.AxisFault: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
at org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:78)
...

Has anyone some idea how could I log in to the ws with HTTP basic authentication (over HTTPS) ?
 
Ravinderjit Singh
Ranch Hand
Posts: 78
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This page may help you.
 
Ulf Dittmer
Rancher
Posts: 42970
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It seems that you did not notice the last paragraph of my previous post.
 
Zoltaan Szabo
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sorry, there was some misunderstanding. I got the information that we will use http basic authentication. But the SOAP transport went over https. So obiously I had to handle certificates. I added this to the code:


But I got Error 401 Unauthorized message.

This has already been added to the code:



Then HTTP authentication was turned off, and I could reach the ws.
But I still do not know what was wrong with the HTTP authentication.
 
Ulf Dittmer
Rancher
Posts: 42970
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So the problem is no longer the one described in your first post, but rather that HTTP Basic Authentication is not honored by the server?
 
Zoltaan Szabo
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ulf Dittmer wrote:HTTP Basic Authentication is not honored by the server?


Yes.
 
krishna atok
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Zoltan,

Usually soap protocol uses http as the transport protocol and hence web service call using soap protocol will have all the freedom to modify any thing related to http transport protocol.
Please go through the sample server side and client side codes which I have attached for simple application level authentication using soap.
Generate the client side stubs and then run the sample client code pointing it to the right service class and port class according to the generated stubs.
I am assuming this should satisfy you. Please let me know your observations.

Below three java files are server side code

HelloWorld.java



HelloWorldImpl.java

@WebService(name = "HelloWorldImpl", targetNamespace = "http://authentication.jaxws.com/")
@SOAPBinding(style = SOAPBinding.Style.RPC)
public class HelloWorldImpl implements HelloWorld{

@Resource
WebServiceContext wsctxt;

@Override
public String sayHello(String name) {
// TODO Auto-generated method stub
MessageContext msgctxt=wsctxt.getMessageContext();
Map map=(Map)msgctxt.get(MessageContext.HTTP_REQUEST_HEADERS);
List username=(List)map.get("Username");
List password=(List)map.get("Password");
System.out.println(username.get(0));
System.out.println(password.get(0));
if(username.get(0).equals("Username") && password.get(0).equals("Password")){
return "correct user "+name;
}else
return "unknown user "+name +username.get(0)+" "+password.get(0);
}
}

Main.java





Thanks,
Kesava.
 
krishna atok
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Client side code

TestClient.java




Thanks,
Kesava
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!