• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

How to invoke a WS with authentication?

 
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am trying to invoke a WS that requires HTTP authentication.
Is this the correct way to do it?
When I invoke the WS I don't get any error on my client side, but for some reason, my call is not reaching the destination.

Thanks.

 
Bartender
Posts: 2968
6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
HTTP BASIC-AUTH is most commonly used with https (Secured Sockets Layer/Transport Layer Security; SSL/TLS). With http anybody with access to a router could sniff out the username/password being transmitted in plain text. Could a protocol mismatch be the problem?

See also: Web service URL fails with 'https', not 'http'

Originally posted by Dario Rehman:
but for some reason, my call is not reaching the destination.


Is there a firewall/proxy between you and your destination - you may require a separate username/password for those (though that would usually generate an HTTP error)?

See also: getting exception while invoking service from client on another system
 
Dario Rehman
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
There is a proxy between my application and the destination but I don't think that is the problem since I can use the web service with the WS Test application SOAPUI.

Originally posted by Peer Reynders:
HTTP BASIC-AUTH is most commonly used with https (Secured Sockets Layer/Transport Layer Security; SSL/TLS). With http anybody with access to a router could sniff out the username/password being transmitted in plain text. Could a protocol mismatch be the problem?

See also: Web service URL fails with 'https', not 'http'




Is there a firewall/proxy between you and your destination - you may require a separate username/password for those (though that would usually generate an HTTP error)?

See also: getting exception while invoking service from client on another system

 
Peer Reynders
Bartender
Posts: 2968
6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Dario Rehman:
I can use the web service with the WS Test application SOAPUI.



If that is the case AND you are NOT using https then capture the HTTP/SOAP request from SOAPUI and then from your Java client with TCPMon (Tutorial). The differences between the two HTTP/SOAP requests may provide you with a clue of what is going wrong.
 
Greenhorn
Posts: 25
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi you can actually try appending the username and password as querystring and give a try:

example with either http or https:

https://localhost/WebService&UserName=ADMIN&Password=ADMIN

if it is https , you must register the certificate with "cacerts"

C:\Program Files\Java\jre1.5.0\lib\security\carcerts using keytool which is found in bin


Regards,
sasank.
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by sasank ch:
Hi you can actually try appending the username and password as querystring and give a try:

https://localhost/WebService&UserName=ADMIN&Password=ADMIN



This will not work in general, because neither BASIC AUTH nor WS-Security Authentication work this way. Only a WS that is especially developed to take its parameters from the URL might allow this, and from the code posted above it seems clear that that is not the case here.
 
Dario Rehman
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Peer Reynders:


If that is the case AND you are NOT using https then capture the HTTP/SOAP request from SOAPUI and then from your Java client with TCPMon (Tutorial). The differences between the two HTTP/SOAP requests may provide you with a clue of what is going wrong.



I couldn't get tcpmon to work so I am using WireShark instead.
I noticed that my client is using HTTP 1.0 while SOAPUI uses HTTP 1.1.
Could this be the reason why it is failing? How can I change the HTTP to 1.1 in Axis? (I am using JBoss and Eclipse 3.2)

Thanks
 
Dario Rehman
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
By looking closer at the tcp output stream I think it is an authentication problem. See the '401 Unauthorized error below'.

My question is how can I set the authentication over HTTP?
In my web service call do I have to set anything besides these lines?






TCP output stream:


[ November 12, 2007: Message edited by: Ulf Dittmer ]
 
Dario Rehman
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Problem solved! Thanks for the help.

For reference, the problem was with the authentication code.

For basic authentication with HTTP the credentials should be set in the org.apache.axis.client.Call object, and not in the stub object as I was doing.

When using the Web Services Client generator in Eclipse the following code should be added to the bindingStub generated class, before the call invoke.


_call.setProperty(org.apache.axis.client.Call.USERNAME_PROPERTY, "user");
_call.setProperty(org.apache.axis.client.Call.PASSWORD_PROPERTY , "password");
 
reply
    Bookmark Topic Watch Topic
  • New Topic