cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

User Names and Passwords in SOAP adapter

Former Member

on ‎10-16-2006 6:31 PM

0 Kudos

Does anyone know how to enable the user name and password option in the soap adapter?

Thanks,

Andrew

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎10-16-2006 7:31 PM
0 Kudos

Hi,

There will be no username or password should be given th e SOAP Communication channel whether it is sender or receiver... if you are working with SOAP and RFC then there might you need to give user name and password

...

and you can cheak your messages working or not through Runtime workbench or by useing SOAPSONAR tool..

Amaresh

Show replies
Show replies
former_member206604
Active Contributor
‎10-16-2006 6:39 PM
0 Kudos

Hi,

User and password in which side? In sender SOAP adapter os Recceiver SOAP adpater. In case of sender SOAP adapter I believe you need to give the User and Passoword (XIAPPLUSER & pass) from the sending system.

Regarding the reseiver SOAP adapter if authentication is needed for the receiver system, you can enter a password. You can find this option under Authentication Keys of receiver adapter. You can also give passwords in Enhanced message header of a SOAP Message.

Regards,

Prakash

Show replies
Show replies
Former Member
‎10-16-2006 6:43 PM
0 Kudos

Yes it is the sender adapter. We have a webservice sending some data to the sender adapter and then we are having an error because it is complaining about the user/pass.

Thanks!

former_member206604
Active Contributor
‎10-16-2006 7:29 PM
0 Kudos

Hi,

The sender system should pass the user/pass. You can testing by SOAP Client that is available in SDN Download section. Or you can use XML Spy

For details check these links

https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/d23cbe11-0d01-0010-5287-873...

/people/siva.maranani/blog/2005/09/03/invoke-webservices-using-sapxi

Regards,

Prakash

Former Member
‎10-16-2006 7:52 PM
0 Kudos

The problem is the sender system is a 3rd party system that cannot send the user/pass - is there away to "turn off" the authentication requirements just for that sender?

antonio_dossantostorrijos
Explorer
‎10-16-2006 9:55 PM
0 Kudos

Hi Scott,

A very very simple solution is append in the XI'WSDL port addres the followind sufix, at the end of the url:

...&sap-client=100&sap-user=xxx&sap-password=yyyy

..other discuss is that this is a security hole...

Regards,

Antonio

Former Member
‎10-16-2006 10:02 PM
0 Kudos

Hi,

in order to turn off the authentication for SOAP interface, please remove the authentication

restriction in web.xml for aii_af_soapadapter.sda.

Extract the SOAP-adapters WAR-file from the corresponding sda. Then extract the deployment-descriptor from the war-file and delete the related security-constraint, login-config and security-role sections (makes absolutely sense to save the original descriptor beforehand). ZIP the files again with the new deployment descriptor and deploy the SDA via SDM.

comment the following portion.( It's already commented below).

<! security-constraint >

<!

<security-constraint>

<display-name>message</display-name>

<web-resource-collection>

<web-resource-name>message</web-resource-name>

<url-pattern>MessageServlet</url-pattern>

</web-resource-collection>

<auth-constraint>

<role-name>xi_adapter_soap_message</role-name>

</auth-constraint>

</security-constraint>

<security-constraint>

<display-name>helper</display-name>

<web-resource-collection>

<web-resource-name>helper</web-resource-name>

<url-pattern>HelperServlet</url-pattern>

</web-resource-collection>

<auth-constraint>

<role-name>xi_adapter_soap_helper</role-name>

</auth-constraint>

</security-constraint>

>

<! login-config >

<!

<login-config>

<auth-method>BASIC</auth-method>

<realm-name>XISOAPApps</realm-name>

</login-config>

>

<! security-role >

<!

<security-role>

<role-name>xi_adapter_soap_message</role-name>

</security-role>

<security-role>

<role-name>xi_adapter_soap_helper</role-name>

</security-role>

>

The safest way to change this web.xml is described as followed, you

could do the changes also direct on the file system, but it will need

reboot of J2EE and does not guarantee to work.

The web.xml is located in the aii_af_soapadapter.sda, please extract

this sda file with normal zip function. There is one

aii_af_soapadapter.war inside, please extract this war file again,

change the web.xml as described above. Please zip the folder with

modified web.xml for aii_af_soapadapter.war and than for the

aii_af_soapadapter.sda. Please do not modify the folder structure.

Deploy this modified sda with SDM. After the deployment you can double

check whether changes for web.xml is done on the file system, this

web.xml is located under

/usr/sap/xxx/DVEBMGS00/j2ee/cluster/server0/apps/sap.com/com.sap

.aii.af.soapadapter/servlet_jsp/XISOAPAdapter/root/WEB-INF.

I am not sure whether you will need to restart the J2EE after this

deployment to make the changes from web.xml active, please try it out.

Former Member
‎10-17-2006 4:44 PM
0 Kudos

Won't this turn off authentication for ALL of our Soap adapters? Is there a way to only turn it off for this one communication channel?

Thanks for your help.

Ask a Question