on 10-12-2011 11:52 AM
Hi,
In our 5.2 environment I am getting an authentication failed message when running web-service calls.
This particular is for the OperationServiceService, but the same occurs for other web-services also.
The default trace says:
#2.0 #2011 10 12 12:45:55:107#+0200#Error#com.sap.engine.services.webservices.espbase.server.runtime.RuntimeProcessingEnvironment#
#BC-ESI-WS-JAV-RT#webservices_lib#1CC1DE05B10C00DF0000000100001B4C#6538650000000005#sap.com/me~ear#com.sap.engine.services.webservices.espbase.server.runtime.RuntimeProcessingEnvironment#Guest#0##5C88BA2DF4BF11E0C10A00000063C59A#5c88ba2df4bf11e0c10a00000063c59a#5c88ba2df4bf11e0c10a00000063c59a#0#Thread[HTTP Worker [@320388412],5,Dedicated_Application_Thread]#Plain##
process()
[EXCEPTION]
com.sap.engine.interfaces.webservices.runtime.ProtocolException: Authentication failed. For details see log entry logID=1CC1DE05B10C00DF0000000000001B4C in security log.
at com.sap.engine.services.wssec.srt.protocols.ProviderSecurityProtocol.logThrowable(ProviderSecurityProtocol.java:1103)
at com.sap.engine.services.wssec.srt.protocols.ProviderSecurityProtocol.afterDeserialization(ProviderSecurityProtocol.java:719)
at com.sap.engine.services.webservices.espbase.server.runtime.ProtocolProcessor.protocolsAfterDeserialization(ProtocolProcessor.java:156)
at com.sap.engine.services.webservices.espbase.server.runtime.RuntimeProcessingEnvironment.preProcess(RuntimeProcessingEnvironment.java:439)
at com.sap.engine.services.webservices.espbase.server.runtime.RuntimeProcessingEnvironment.process(RuntimeProcessingEnvironment.java:260)
at com.sap.engine.services.webservices.runtime.servlet.ServletDispatcherImpl.doPostWOLogging(ServletDispatcherImpl.java:178)
at com.sap.engine.services.webservices.runtime.servlet.ServletDispatcherImpl.doPostWithLogging(ServletDispatcherImpl.java:114)
at com.sap.engine.services.webservices.runtime.servlet.ServletDispatcherImpl.doPost(ServletDispatcherImpl.java:72)
at com.sap.engine.services.webservices.servlet.SOAPServletExt.doPost(SOAPServletExt.java:90)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.runServlet(FilterChainImpl.java:162)
at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:81)
at com.sap.me.webservice.ClearServiceContextFilter.doFilter(ClearServiceContextFilter.java:28)
at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:73)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:468)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:298)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:399)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:388)
at com.sap.engine.services.servlets_jsp.filters.DSRWebContainerFilter.process(DSRWebContainerFilter.java:48)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:84)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:244)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:78)
at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)
at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.MemoryStatisticFilter.process(MemoryStatisticFilter.java:43)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.DSRHttpFilter.process(DSRHttpFilter.java:42)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:428)
at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.process(Processor.java:247)
at com.sap.engine.services.httpserver.server.rcm.RequestProcessorThread.run(RequestProcessorThread.java:45)
at com.sap.engine.core.thread.execution.Executable.run(Executable.java:122)
at com.sap.engine.core.thread.execution.Executable.run(Executable.java:101)
at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:327)
Caused by: com.sap.engine.services.wssec.policy.exception.VerifyException: [ASJ.wssec.020441] Authentication failed. For details see log entry logID=1CC1DE05B10C00DF0000000000001B4C in security log.
at com.sap.engine.services.wssec.srt.protocols.ProviderSecurityProtocol.authenticate(ProviderSecurityProtocol.java:258)
at com.sap.engine.services.wssec.srt.protocols.ProviderSecurityProtocol.afterDeserialization(ProviderSecurityProtocol.java:687)
And the security log says:
#2.0 #2011 10 12 12:45:55:107#+0200#Warning#/System/Security/WS#
#BC-ESI-WS-JAV#tcsecwssecservice#1CC1DE05B10C00DF0000000000001B4C#6538650000000005#sap.com/meear#com.sap.engine.services.wssec.authentication.logFailure#Guest#0##5C88BA2DF4BF11E0C10A00000063C59A#5c88ba2df4bf11e0c10a00000063c59a#5c88ba2df4bf11e0c10a00000063c59a#0#Thread[HTTP Worker [@320388412],5,Dedicated_Application_Thread]#Plain##
Authentication for web service OperationServiceService, configuration OperationService using security policy BASIC___ws failed: Login failed.. (See SAP Note 880896 for further info).
#
Br,
Johan
Johan, HTTP doesn't send authentication information with the initial request unless forced. So the server responds with an HTTP 401 telling the client to resend with the necessary authentication information. Then soapUI resends with the credentials. You can force soapUI (and most clients) to "pre-emptively authenticate" - you'll find that option in soapUI's preferences on the "HTTP Settings" tab.
-tim
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
This error is most likely generated because the web service request is initially requested without authorization. The request is rejected with an authenitcaion failure, and the client re-sends the request with authentication a second time and the request is successfully received. This would explain why the web service request reports success.
If you are using Soap UI, you can request pre-authentication by selecting "Authenticate Pre-emptively" in Soap UI Preferences. You should also be able to set your web service client application to make a pre-authentication request as well.
Hope this helps!
-- Steve
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
How does login module stack look like for the war with web services?
Also, could you please check security logs? They usually can be found at \J00\j2ee\cluster\server0\log\system\
Thanks,
Bakhtiyar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Johan,
I would follow the suggestion from SAP Note 880896 to increase log severity to INFO and collect more details about the error.
Regards,
Sergiy
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
99 | |
11 | |
11 | |
6 | |
6 | |
4 | |
4 | |
3 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.