Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Consuming webservice from ECC ABAP with UsernameToken security profile

Former Member

‎07-13-2011 5:39 PM

0 Kudos

Hi,

We are using ECC with SAP_ABA 6.40 and are consuming Webservices from a external party. This always worked except now this external party is using the UsernameToken security profile in the SOAP header for authentication. Basicly this means the following addon to the SOAP header message in our outbound message:

<soapenv:Header>

<soapenv:Security>

<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">

<wsse:UsernameToken>

<wsse:Username>####</wsse:Username>

<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">####</wsse:Password>

</wsse:UsernameToken>

</wsse:Security>

</soapenv:Header>

We are using a Logical Port to define the end-point URL from the external party and add a WS Security profile to the available soap methods in LPCONFIG.

In this WS Security Profile we added the requested username and password in the hope this will be automaticle be added in the header of the SOAP envelope.

Unfortunally the request of our WS Response is as follow: "SoapFaultCode:4 Anonymous access is denied for the method". This means that the security header is not correct or not available.

Does anyone have a idea of our version of SAP supports the UsernameToken profile? And how can we configure our webservice to add the right header to the request?

Thanks in advance!

Best regards,

Joost Weghorst

4 REPLIES 4

mvoros
Active Contributor

‎07-14-2011 12:46 AM

0 Kudos

Hi,

I guess that you request username/password on transport level. So the system tries to authenticate using HTTP header. You need to switch to document level (message level). In this case it should add additional fields to SOAP header.

Cheers

Former Member
In response to mvoros

‎07-14-2011 9:49 AM

0 Kudos

Hi Martin,

Yes we do need the authentication on SOAP level and not on HTML level. Could you tell me where i can configure the authentication on SOAP level.

Currently we fixed the problem by programming the header within the ABAP program, this solved our problem!.

Former Member
In response to mvoros

‎05-30-2013 3:27 PM

0 Kudos

Hoe did you code this in abap??  Thanks

former_member452660
Member
In response to mvoros

‎10-27-2014 8:19 AM

0 Kudos

Hi Joost,

Can you please let us know how you solved this above problem.

Currently i am facing the similar kind of issue when trying to implement the SOAP header authentication.

Please kindly let me know how you solved this above issue.

My Issue details as below :

We are trying to write SOAP Header Authentication to an consuming web service.

In This process we are facing a SOAP exception, which is as mentioned below :

Code      :     SoapFaultCode:4 

Errortext :     NOT_LOGGED_IN

This same peace of code which we have written is tested in the SOAP UI tool - here its executing perfectly fine.

Where as when i try to execute the same code through the sap, i am finding the above EXCEPTION.

Please find my below the  code which i am trying to execute.

*****************************************************************************************************************************************************************

METHOD call_op.

     DATA: lo_avail TYPE REF TO zop_co_op_oms_integrationport,
           go TYPE REF TO zop_co_op_oms_integrationport,
           lo_cx_ai_system_fault TYPE REF TO cx_ai_system_fault,
           lo_cx_oms_excep TYPE REF TO zop_cx_oms_generic_order_excep,
           lo_cx_ai_application_fault TYPE REF TO cx_ai_application_fault.

     DATA: ls_request TYPE zop_oms_generic_order,
           ls_response TYPE zop_oms_generic_order_respon12,
           ls_header TYPE zop_response_header.

     DATA: ls_inq1 TYPE zop_response,
           lt_inq1 TYPE zop_response_t.

     DATA: ls_inq2 TYPE zop_response,
           lt_inq2 TYPE zop_response_t.

     DATA: ls_inq3 TYPE zop_response,
           lt_inq3 TYPE zop_response_t.

     DATA: lv_skip(1) TYPE c.

* Build Request
     CLEAR lv_skip.
     if sy-tcode = 'VA11' or sy-tcode = 'VA12' or sy-tcode = 'VA13'.
       if   ( im_transaction_type = 'CANCEL' and  im_change_type = 'CANCEL' ) or im_transaction_type = 'SAVE'
          or ( im_transaction_type = 'CHANGE' and  im_change_type = 'CANCEL' .
         exit.
       endif.

       im_transaction_type = 'INQUIRY'.
       im_change_type = 'ADD' .
     endif.
     CALL METHOD build_request
       EXPORTING
         im_transaction_type = im_transaction_type
         im_change_type      = im_change_type
         im_atpdoc           = im_atpdoc
         im_opid             = im_opid
         im_vbeln            = im_vbeln
         im_trtyp            = im_trtyp
         im_itmsplt          = im_itmsplt
         im_filtplcy         = im_filtplcy
         im_sortplcy         = im_sortplcy
         is_kuwev            = is_kuwev
         is_vbak             = is_vbak
         is_vbpa             = is_vbpa
         is_atpcfg           = is_atpcfg
         it_mverf            = it_mverf
         it_mverf_header     = it_mverf_header
         im_promplcy         = im_promplcy
         im_promplcyused     = im_promplcyused
         im_mansched         = im_mansched
       IMPORTING
         es_input            = ls_request
         ev_skip             = lv_skip.



****************************** Soap Header Authentication  *********************************************

     DATA: lo_prot TYPE REF TO if_wsprotocol_ws_header,
           user TYPE string ,
           password TYPE string.

     DATA: ixml TYPE REF TO if_ixml,
           xml_document TYPE REF TO if_ixml_document,
           xml_root TYPE REF TO if_ixml_element,
           xml_element TYPE REF TO if_ixml_element,
           xml_node TYPE REF TO if_ixml_node.
     DATA: lv_raw TYPE string,
           lv_x   TYPE xstring,
           name TYPE string,
           namespace TYPE string.


*    create instance
*    CREATE OBJECT go
*    exporting
*      logical_port_name = 'OP_OMS_PORT'.
     CREATE OBJECT go."go is a reference to your abap proxy
     data: lr type REF TO if_proxy_basis.
     lr = go.


     lo_prot ?= go->get_protocol( if_wsprotocol=>ws_header )."

     user = 'System'.
     password = 'password'.

     CONCATENATE

        '<soapenv:Header>'
        '<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">'
        '<wsse:UsernameToken>'
        '<wsse:Username>System</wsse:Username>'
        '<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>'
         '</wsse:UsernameToken>'
          '</wsse:Security>'
         '</soapenv:Header>'

          INTO lv_raw.
*     '</soapenv:Envelope>'
*    '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:op="http://www.i2.com/OP_OMS_INTEGRATION">'
*    'xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"'
*    'xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">'
*'<soapenv:Header>'
*
*'<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"'



*'xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"'

*  CONCATENATE
*          '<soapenv:Header>'
*          '<wsse:Security xmlns:wsse="http://www.i2.com/OP_OMS_INTEGRATION"'
*          'xmlns:wsu="http://www.i2.com/OP_OMS_INTEGRATION"'
*          'xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">'
*          '<wsse:UsernameToken>'
*          '<wsse:Username>' user '</wsse:Username>'
*          '<wsse:Password>' password '</wsse:Password>'
**'<wsse:Nonce>' XXXXX'</wsse:Nonce>'
**'<wsu:Created>' XXXXX '</wsu:Created>'
*          '</wsse:UsernameToken>'
*          '</wsse:Security>'
*          '</soapenv:Header>'
*      INTO lv_raw.


*    CONCATENATE
*    '<soap:Header>'
*    '<AuthenticationInfo xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/">'
*    '<userName>' user '</userName>'
*    '<password>' password '</password>'
*    '</AuthenticationInfo>'
*    '</soap:Header>' INTO lv_raw.


     lv_x = cl_proxy_service=>cstring2xstring( lv_raw ).
     CALL FUNCTION 'SDIXML_XML_TO_DOM'
       EXPORTING
         xml           = lv_x
       IMPORTING
         document      = xml_document
       EXCEPTIONS
         invalid_input = 1
         OTHERS        = 2.
     IF sy-subrc = 0 AND NOT xml_document IS INITIAL.
       xml_root = xml_document->get_root_element( ).
       xml_element ?= xml_root->get_first_child( ).
*add header element by element to soap header
       WHILE NOT xml_element IS INITIAL.
         name = xml_element->get_name( ).
         namespace = xml_element->get_namespace_uri( ).
         lo_prot->set_request_header( name = name namespace =
              namespace dom = xml_element ).
         xml_element ?= xml_element->get_next( ).
       ENDWHILE.
     ENDIF.



****************************** Soap Header Authentication  *********************************************


     CREATE OBJECT lo_avail.
     TRY.
         CALL METHOD lo_avail->oms_generic_order
           EXPORTING
             input  = ls_request
           IMPORTING
             output = ls_response.
       CATCH cx_ai_system_fault INTO lo_cx_ai_system_fault.
       CATCH zop_cx_oms_generic_order_excep INTO lo_cx_oms_excep .
       CATCH cx_ai_application_fault INTO lo_cx_ai_application_fault.
     ENDTRY.

     IF lv_skip IS INITIAL.
       CLEAR gv_error.
       IF lo_cx_ai_system_fault IS NOT INITIAL.
         MESSAGE lo_cx_ai_system_fault->errortext TYPE 'I'.
         gv_error = 'X'.
       ENDIF.

       IF lo_cx_oms_excep IS NOT INITIAL.
         IF im_transaction_type NE c_cancel.
           IF lo_cx_oms_excep->error_description IS NOT INITIAL.
             MESSAGE lo_cx_oms_excep->error_description TYPE 'I'.
             gv_error = 'X'.
           ELSEIF lo_cx_oms_excep->status = 'Error'.
*          gv_error = 'X'.
           ENDIF.
         ENDIF.
       ENDIF.

       IF lo_cx_ai_application_fault IS NOT INITIAL.
         gv_error = 'X'.
       ENDIF.

       CLEAR ex_error.
       IF gv_error IS NOT INITIAL.
         MESSAGE 'Error calling OP Engine' TYPE 'I'.
         ex_error = 'X'.
       ENDIF.

     ELSE.
       CLEAR ex_error.
     ENDIF.

     FREE lo_avail.

*  DATA: lv_id TYPE indx-srtfd.
*  CONCATENATE sy-datum sy-uzeit INTO lv_id.
*  EXPORT ls_request FROM ls_request
*         ls_response FROM ls_response
*         TO DATABASE indx(op) ID lv_id.

     REFRESH: lt_inq1, lt_inq2, lt_inq3.

     IF lv_skip IS INITIAL.
* Build response structures
       CALL METHOD build_response
         EXPORTING
           is_request  = ls_request
           is_response = ls_response
           it_mverf    = it_mverf
         IMPORTING
           es_header   = ls_header
           et_inq1     = lt_inq1[]
           et_inq2     = lt_inq2[]
           et_inq3     = lt_inq3[].

       es_header = ls_header.
       et_inq1[] = lt_inq1[].
       et_inq2[] = lt_inq2[].
       et_inq3[] = lt_inq3[].
     ELSE.
       DATA: ls_mverf_header TYPE hv03v.
       READ TABLE it_mverf_header INTO ls_mverf_header INDEX 1.
       LOOP AT gt_inq1 INTO gs_inq1 WHERE source = ls_mverf_header-werks and promitem = ls_mverf_header-matnr.
         gs_inq1-werks = gs_inq1-source.
         APPEND gs_inq1 TO lt_inq1.
       ENDLOOP.
       loop at gt_multiple_plant into gs_multiple_plant.
         read table gt_atpdoc into gs_atpdoc with key posnr = gs_multiple_plant-split_posnr.
         if sy-subrc ne 0.
           clear gs_atpdoc.
           gs_atpdoc-atpdoc = gv_atpdoc.
           gs_atpdoc-posnr = gs_multiple_plant-split_posnr.
           gs_atpdoc-updkz = 'I'..
           append gs_atpdoc to gt_atpdoc.
         endif.
       endloop.
       et_inq1[] = lt_inq1[].
       ev_skip = lv_skip.
     ENDIF.

   ENDMETHOD.                    "call_op

**************************************************************************************************************

Please kindly let me know how you solved this above issue.

Warm Regards,

Vinay.K