cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Enable Anonymous logon for XISOAPAdapter

Former Member

on ‎03-28-2005 4:27 PM

0 Kudos

Hello,

We have published an outbound interface as a SOAP adapter and

having few transormation and having inbound interface linked to RFC

adapter to talk to a RFC in R3.

We tested using XMLSPY and everything is working fine. But when

ever we try, it ask us to supply userID/Password (

With title as "Enter the network password"

and Site: XI server

and Realm: XISOAPApps ).

TheURL that we post the SOAP Request is

http://doiqasapdb01:50000/XISOAPAdapter/MessageServlet?

channel=:TPBS_PRISM:CC_SOAP_S_PRISM_PO_CHANGE&version=3.0&Sender

.Service=TPBS_PRISM&Interface=http%3A%2F%2Fwww.doi.gov%2Ffbms%

2Fprism%5EMI_PO_CHANGE_OUT

We tried looking into the J2EE admin tool for any place where we

can setup the Anonymous logon information for this MessageServlet, But

with no luck.

I would really really appreciate if you can direct us to how we can

suppress the UserId/Password authentication.

Thanks,

Ramesh Balasubramanian

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (6)

Answers (6)

rafael_trbswasser
Explorer
‎04-23-2010 2:17 PM
0 Kudos

Hi.

The only way to achive that is to add an custom developed login module to the JAAS-Stack which allows anonymous login with a default user.

Kr,

Rafael

Edited by: Rafael Trübswasser on May 11, 2010 11:44 PM

Show replies
Show replies
Former Member
‎02-10-2007 2:12 AM
0 Kudos

Have you try following setting by change the <auth-method>BASIC</auth-method>

to:

<!-- login-config -->

<login-config>

<auth-method>none</auth-method>

<realm-name>XISOAPApps</realm-name>

</login-config>

Show replies
Show replies
martin_summererzwei
Explorer
‎03-18-2009 4:53 PM
0 Kudos

<!-- login-config -->

<login-config>

<auth-method>none</auth-method>

<realm-name>XISOAPApps</realm-name>

</login-config>

This does not work as its not a possible value:

The possible values are BASIC, DIGEST, FORM and CLIENT-CERT. For information about the different methods, see the JavaServlet 2.3 Specification at http://java.sun.com.

see:

[http://help.sap.com/saphelp_nw70/helpdata/EN/3e/ee7aa1ab8b4442bab00ba3171cef72/frameset.htm]

Edited by: Martin Summererzwei on Mar 18, 2009 5:54 PM

Former Member
‎04-18-2005 9:12 PM
0 Kudos

Good news!! This can be done by removing the authentication restrication in web.xml for XISoapAdapter.

Thanks for all the help!

Thanks,

Samir

Show replies
Show replies
RPI
Associate
Associate
‎04-19-2005 11:03 AM
0 Kudos

Hi Samir,

I've got the same problem like you. Can you please give me more details to solve it? Where can I find the web.xml file? Which lines do I have to delete? Do I have to restart the J2EE or when will the web.xml file be read?

thanks for your help,

Ralf

Former Member
‎04-22-2005 4:31 PM
0 Kudos

You can find the web.xml under following location.

/usr/sap/XD2/DVEBMGS00/j2ee/cluster/server0/apps/sap.com/com.sap.aii.af.soapadapter/servlet_jsp/XISOAPAdapter/root/WEB-INF

comment the following portion.( It's already commented below).

<!-- security-constraint -->

<!--

<security-constraint>

<display-name>message</display-name>

<web-resource-collection>

<web-resource-name>message</web-resource-name>

<url-pattern>MessageServlet</url-pattern>

</web-resource-collection>

<auth-constraint>

<role-name>xi_adapter_soap_message</role-name>

</auth-constraint>

</security-constraint>

<security-constraint>

<display-name>helper</display-name>

<web-resource-collection>

<web-resource-name>helper</web-resource-name>

<url-pattern>HelperServlet</url-pattern>

</web-resource-collection>

<auth-constraint>

<role-name>xi_adapter_soap_helper</role-name>

</auth-constraint>

</security-constraint>

-->

<!-- login-config -->

<!--

<login-config>

<auth-method>BASIC</auth-method>

<realm-name>XISOAPApps</realm-name>

</login-config>

-->

<!-- security-role -->

<!--

<security-role>

<role-name>xi_adapter_soap_message</role-name>

</security-role>

<security-role>

<role-name>xi_adapter_soap_helper</role-name>

</security-role>

-->

Restart the J2EE after this.

This will help.

Thanks,

samir

martin_summererzwei
Explorer
‎03-18-2009 4:59 PM
0 Kudos

I have also commented the Login part of the deployment descriptor as described by Samir. But I was not able to login nevertheless.

Samir did you suceed with commenting the lines? Which settings did you have in VA Security Provider Service for module "sap.com/com.sap.aii.af.soapadapter*XISOAPAdapter"? I have tried there additionally to add the AnonymousLoginModule, but this did not help either. I have also tried to delete alll login modules there - in vain!

Any ideas?

Former Member
‎05-17-2010 10:38 PM
0 Kudos

Hi,

Are you really modifying web,xml to turn off the authentication completely?

This is a bad approach because:

- all your channels will become unprotected.

- your modification in web.xml will be replaced by your next patch update.

To solve your issue more elegantly, you can just use the axis adapter.

To turn off the default basic authentication, you can just remove the basic authentication from its login stack configuration (either at VA or NWA depending on the codeline). You can turn on the basic authentication or ws-security username token authentication for some selected channels.

You can find the more information in the note #1039369 (FAQ axis adapter).

Regards, Yza

Former Member
‎04-18-2005 2:30 PM
0 Kudos

Hi Frank,

Can you direct to the link which explains the appending userID/PassWd in soap Meassage for SoapAdapter.

Thanks,

Samir

Show replies
Show replies
Former Member
‎04-18-2005 2:37 PM
0 Kudos

Hi Samir,

Here is a link where it was part of the discussion:

https://www.sdn.sap.com/sdn/collaboration.sdn?node=linkFnode1-6&contenttype=url&content=https://

Eventually it is explained how to add the userID and Password in the soapheader in a AXIS server that calls SAP XI. Maybe you can use the same code in your application.

Some test tools allow you to add a userID and Password..... like the SAP SOAPCLIENT, which you can download here at SDN.

Cheers,

Frank

Former Member
‎04-15-2005 6:41 PM
0 Kudos

Is not this for deployed webService.We are looking for SoapAdapter anonymous logon.

Thanks,

Samir

Show replies
Show replies
Former Member
‎04-18-2005 2:20 PM
0 Kudos

Hi Samir,

We tried to setup an anonymous logon for the SOAPAdapter as well, but we didn't succeed. We had to add the userID and password in the header of the soapmessage. You can find more details in other SDN Forum posts.

Cheers,

Frank

Former Member
‎09-09-2008 3:04 PM
0 Kudos

Hi Frank,

Can you point me to any resources on how to authenticate a WS call using a user/id and password contained in the SOAP header? An axis-based application is consuming my XI web services and trying to authenticate in this way.

Any help would be greatly appreciated.

Thanks.

Carlos

former_member189324
Contributor
‎04-07-2005 8:19 PM
0 Kudos

Hi Ramesh

Log in to J2ee Visual Admin tool and click on the service:

Webservice Security. There you should see your webservice and you can add the username and password.

Thanks

Prasad

Show replies
Show replies
Ask a Question