cancel
Showing results for 
Search instead for 
Did you mean: 

Web Service SOAP Sender Authorization

0 Kudos

Hi all

I have been implementing a Web Service (SOAP Sender CC) that should be consumed by an external party. I have been testing it successfully using XMLSpy with the drawback of the authentication box coming up even though I have added sap-user and sap-password to the URL as following:

http://<host>:50000/XISOAPAdapter/MessageServlet?channel=:SOAP_Service:CC_SOAP_Sender&sap-user=<name...;

The user that I have created for this has the profile SAP_XI_APPL_SERV_USER assigned.The request is successfully executed when I enter <name> and <pass> in the box. My understanding of it would be that the box does not show up if the login parameters are provided with the URL. Do I have to do any additional settings so that the login information will be taken from the URL parameters automatically instead bringing up the authoritzation box?

My CC settings are as following:

Adapter Type: SOAP (SAP BASIS 7.00)

Sender

Transport Protocol: HTTP

Message Protocol: SOAP 1.1

Adapter Engine: Integration Server

HTTP Security Level: HTTP

Conversion Parameters: Keep Headers

Quality of Service: Best Effort

Any feedback would be appreciated.

Thank you,

Daniel

Accepted Solutions (0)

Answers (1)

Answers (1)

bhavesh_kantilal
Active Contributor
0 Kudos

Unfortunately this will not work with the URL you are using.

If you want to add the user name and password to the URL, then you need to use the URL as described in this blog by Stefan Grube. In this case you don't need a Sender SOAP adapter though.

Regards

Bhavesh

0 Kudos

Bhavesh

So is it then possible to setup a Web Service in such a way that it does not need authorization (name/password)? How would I do that if possible?

Thanks,

Daniel

bhavesh_kantilal
Active Contributor
0 Kudos

Hello Daniel,

1. You can add username and password to the SOAP URL and expose your XI Interface as a webservice. Just that the URL is different than the one you are using and you do not need a Sender SOAP adapter but the blog I have listed above.

2. You can turn of Basic authentication on Sender SOAP adapter's but it is not recommended as it would turn off all authentication for SOAP scenarios and it can lead to security risks.

I have seen a few forum threads describing how to turn of Basic authentication for SOAP adapters but from what I have heard from SAP, they do not recommend using this option.

Regards

Bhavesh

Former Member
0 Kudos

Hi Daniel,

Were you able to get this to work? I have been trying to, but with no luck. I changed the URL to call the IE instead of the SOAP adapter based on Stefan's article, but the username/password popup still comes up.

I would appreciate any help you can give.

Thank you,

Rhonda