cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

401 Unauthorized in SOAP Sender Adapter

Former Member

on ‎05-18-2010 11:00 AM

0 Kudos

We are using a Sales Orer Injection Scenario in which we are receiving the Sales Order in the form of Web Service created in SAP PI.

When the clients .NET application is trying to access the web service it is throwing 401 Unauthorized (Error: Unauthorized). We are able to access using the same user name and password over the internet.

Lagacy System (SOAP Adapter) -> SAP PI 7.11 -> (Proxy) ECC

I hve already tested follwoing configuration setting:

1. User trying t access XI is having SAP_XI_APPL_SERV_USER role.

2. None of the users are locked

3. Transaction SICF -> default_host -> sap -> xi (user name and password is maintained of the user who is trying to access XI.

Please let me know if above points are correct.

Also suggest any new configurations if I need to cehck.

thanks a lot

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (7)

Answers (7)

Former Member
‎05-25-2010 7:30 PM
0 Kudos

Hi Sarma

soap adapter doesnu2019t support certain authentication features like Microsoft NT LAN Manager authentication schema . Need to go for SOAP-AXIS adapter.

http://help.sap.com/saphelp_nw2004s/helpdata/en/02/6d5c034c182e4fbe7bfd25c2b56f9b/frameset.htm

Below SAP Notes are FAQ on XI Axis Adapter & how to install them on PI.

SAP Note: 1039369 FAQ XI Axis Adapter

SAP Note: 1028961 describes How to prepare axisproviderlib.sda for Adapter Framework

Thanks

Giridhar

Show replies
Show replies
Former Member
‎06-11-2010 10:21 AM
0 Kudos

The issue was in .NET code or .NET framework and was resolved by Microsoft team.

Thanks a lot for every ones support!!

former_member372093
Explorer
‎07-05-2011 8:53 PM
0 Kudos

Hi Sharma,

Do you know where the problem was fixed?

I have the same problem here.

Thanks.

Former Member
‎04-27-2012 4:49 PM
0 Kudos

Hi Sharma,

we have a similar problem. PI interfases are working in our dev env. from intranet and from internet, but in QA we have a 401 Unauthorized from internet, so far we haven´t found any clue.

Thanks!

iaki_vila
Active Contributor
‎04-27-2012 4:54 PM
0 Kudos

Hi Jonatan,

Have you checked if it is a firewall problem?

Have you checked the user roles in QA?

Regards.

former_member499364
Participant
‎11-11-2020 4:16 PM
0 Kudos

Hi Experts,

error.jpgWe are getting error :Axis: error in invocation: (401)Unauthorized in SAP PO 7.5, the scenario was working all this while BUT we started getting this error upon updating the third party URL to a new cloud URL.

Axis: error in invocation: org.apache.axis.ConfigurationException: handler is not instantiated org.apache.axis.ConfigurationException: handler is not instantiated at com.sap.aii.adapter.axis.modules.HandlerCore.process

former_member4985
Employee
Employee
‎05-24-2010 7:35 PM
0 Kudos

Hello there.

Please apply one of the following notes according to your XI/PI version:

999962 - PI 7.10: Change passwords of PI service users

936093 - XI 7.0: Changing the passwords of XI service users

721548 - XI 3.0: Changing the passwords of the XI service users

It'll possible solves the 401 Unauthorized error.

With regards,

Caio Cagnani

Show replies
Show replies
Former Member
‎05-25-2010 8:42 AM
0 Kudos

When we DISPLAY WSDL in sender agreement, it gives you a URL.

http://xxxpidev:port/dir/wsdl?p=sa/55f89abe825b39c8913db688f608e9f9

Just for the clarification, is this is the URL which we share with client who wants to use our web service?

When we use this URL in IE it shows the whole of WSDL.

OR

We share the URL which is generated automatically and been coded as location in our WSDL file.

<soap:address xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" location="http://xxxpidev:port/XISOAPAdapter/MessageServlet?senderParty=&senderService=BS_ABC_XY_Dev&receiverParty=&receiverService=&interface=SI_IA_SalesOrder_Out&interfaceNamespace=http%3A%2F%2FINDIA%2FAB%2FSO" />

In the second URL when we use it in IE it shows message as:

Message Servlet is in Status OK

Query is which URL client will use to access our Web Service?

As per my understanding it is the second one but client say that when he uses the second url in their .net application it throws error of wrong URL.

Please help me understanding the issue.

Regards

Edited by: Chanakya Sharma on May 25, 2010 9:43 AM

Former Member
‎05-24-2010 5:53 AM
0 Kudos

Generate the WSDL again not from the sender agreement but using the main menu >tools>Display WSDL provide the URL in the format


 http://host:port/XISOAPAdapter/MessageServlet?channel=party:service:channel

then enter the outbound interface name,sender communication component,interface name and its namespace.

campare ur generated Target uRL with example given below.


http://host:50000/XISOAPAdapter/MessageServlet?channel=:BC_DEV_PAC:CC_Sndr_SOAP_I08_CustomerWebServices_PaymentTerms&version=3.0&Sender.Service=BC_DEV_PAC&Interface=http%3A%2F%2Ftest.com%2FI08_CustomerWebServices%5ESI_OS_I08_CustomerWS_PaymentTerms

but if you generate WSDL using sender agreement sometimes port will be different and we will get the error while testing using Soap UI.Example


https://yashsappi7:*443*/XISOAPAdapter/MessageServlet?senderParty=&amp;senderService=BS_Service&amp;receiverParty=&amp;receiverService=&amp;interface=SI_S_GetCityTime&amp;interfaceNamespace=http%3A%2F%2FYash.com%2FMultipleOperations

I have experienced the same problem .Hope this will help you to resolve your issue.

Show replies
Show replies
stefan_grube
Active Contributor
‎05-19-2010 12:28 PM
0 Kudos

> When the clients .NET application is trying to access the web service it is throwing 401 Unauthorized (Error: Unauthorized). We are able to access using the same user name and password over the internet.

Your .NET application has to provide user and password as HTTP parameters.

Ask the developers of the application to add this to the code.

Show replies
Show replies
Former Member
‎05-19-2010 12:52 PM
0 Kudos

At .net end they have included credentials of User Name, Password and Domain Name in their code.

stefan_grube
Active Contributor
‎05-19-2010 12:54 PM
0 Kudos

Check the HTTP stream with a tool like TCPGateway to see if the user and password in the HTTP header are correct.

Former Member
‎05-23-2010 11:59 AM
0 Kudos

In the WSDL hich was generated in ID there are two soap address locations;

1. 

<wsdl:port name="HTTP_Port" binding="p1:SI_IA_SalesOrder_OutBinding">
  <soap:address xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" location="http://host:50000/XISOAPAdapter/MessageServlet?senderParty=&senderService=BS_XXX_YY_Dev&receiverParty=&receiverService=&interface=SI_IA_SalesOrder_Out&interfaceNamespace=http%3A%2F%2FXXX%2FYY%2FSalesOrder" /> 
  </wsdl:port>

2

<wsdl:port name="HTTPS_Port" binding="p1:SI_IA_SalesOrder_OutBinding">
  <soap:address xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" location="https://host:443/XISOAPAdapter/MessageServlet?senderParty=&senderService=BS_XXX_YY_Dev&receiverParty=&receiverService=&interface=SI_IA_SalesOrder_Out&interfaceNamespace=http%3A%2F%2FXXX%2FYY%2FSalesOrder" />

But we havent configured 443 port for HTTPS for SSL.

I was wondering can I change the second soap address location as port number 50000? I think client's application may be trying to hit 443 port and then it might be throwing 401 Unthorized error. Hope it doesnt corrupt web service?

After changing port number to 50000 for both the soap address locations, I am able to log on and get response in SOAP UI tool.

Hope it will works properly in the system.

Thanks

Edited by: Chanakya Sharma on May 24, 2010 6:16 AM

Former Member
‎05-24-2010 5:19 AM
0 Kudos

Waiting for response!!

Please help!

Shabarish_Nair
Active Contributor
‎05-19-2010 11:09 AM
0 Kudos

have you shared the authentication with the source application?

Also try the target URL of the WS as

http://<host>:<PORT>/sap/xi/engine?type=entry&amp;version=3.0&amp;Sender.Service=<XXX>&amp;Interface...;

ref: /people/stefan.grube/blog/2006/09/21/using-the-soap-inbound-channel-of-the-integration-engine

Show replies
Show replies
markangelo_dihiansan
Active Contributor
‎05-19-2010 10:58 AM
0 Kudos

Hi,

You can always try using an external tool such as SOAP UI to execute your WSDL.

Let us know of the results.

Hope this helps,

Show replies
Show replies
Former Member
‎05-19-2010 12:01 PM
0 Kudos

I am getting following while accessing from SOAPUI

HTTP/1.1 401 Unauthorized
server: SAP NetWeaver Application Server 7.11 / AS Java 7.11
date: Wed, 19 May 2010 11:03:47 GMT
www-authenticate: Basic realm="XISOAPApps"
connection: close
pragma: no-cache
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
set-cookie: saplb_*=(xxxpidev_XDA_00)1234750; Version=1; Path=/

thanks

Shabarish_Nair
Active Contributor
‎05-19-2010 12:21 PM
0 Kudos

the user should have the same role as XIAPPLUSER / PIAPPLUSER

Specific role will be xi_adapter_soap_message

Former Member
‎05-19-2010 12:50 PM
0 Kudos

I am working on SAP PI 7.11 version and the role XI_ADAPTER_SOAP_MESSAGE has been chaged to SAP_XI_APPL_SERV_USER.

The new role has been assigned to the user whose details are being used to hit the web service.

Regards

prateek
Active Contributor
‎05-18-2010 11:15 AM
0 Kudos

What is the URL you used while generating the WSDL? The port or any other detail could be incorrect.

Regards,

Prateek

Show replies
Show replies
Former Member
‎05-19-2010 10:51 AM
0 Kudos

Hi Prateek,

I am generating the URL using Display WSDL from Sender Agreement. Hope it is correct!!

Thanks a lot

Ask a Question