on 03-28-2005 4:27 PM
Hello,
We have published an outbound interface as a SOAP adapter and
having few transormation and having inbound interface linked to RFC
adapter to talk to a RFC in R3.
We tested using XMLSPY and everything is working fine. But when
ever we try, it ask us to supply userID/Password (
With title as "Enter the network password"
and Site: XI server
and Realm: XISOAPApps ).
TheURL that we post the SOAP Request is
http://doiqasapdb01:50000/XISOAPAdapter/MessageServlet?
channel=:TPBS_PRISM:CC_SOAP_S_PRISM_PO_CHANGE&version=3.0&Sender
.Service=TPBS_PRISM&Interface=http%3A%2F%2Fwww.doi.gov%2Ffbms%
2Fprism%5EMI_PO_CHANGE_OUT
We tried looking into the J2EE admin tool for any place where we
can setup the Anonymous logon information for this MessageServlet, But
with no luck.
I would really really appreciate if you can direct us to how we can
suppress the UserId/Password authentication.
Thanks,
Ramesh Balasubramanian
Hi.
The only way to achive that is to add an custom developed login module to the JAAS-Stack which allows anonymous login with a default user.
Kr,
Rafael
Edited by: Rafael Trübswasser on May 11, 2010 11:44 PM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Have you try following setting by change the <auth-method>BASIC</auth-method>
to:
<!-- login-config -->
<login-config>
<auth-method>none</auth-method>
<realm-name>XISOAPApps</realm-name>
</login-config>
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
<!-- login-config -->
<login-config>
<auth-method>none</auth-method>
<realm-name>XISOAPApps</realm-name>
</login-config>
This does not work as its not a possible value:
The possible values are BASIC, DIGEST, FORM and CLIENT-CERT. For information about the different methods, see the JavaServlet 2.3 Specification at http://java.sun.com.
see:
[http://help.sap.com/saphelp_nw70/helpdata/EN/3e/ee7aa1ab8b4442bab00ba3171cef72/frameset.htm]
Edited by: Martin Summererzwei on Mar 18, 2009 5:54 PM
Good news!! This can be done by removing the authentication restrication in web.xml for XISoapAdapter.
Thanks for all the help!
Thanks,
Samir
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You can find the web.xml under following location.
/usr/sap/XD2/DVEBMGS00/j2ee/cluster/server0/apps/sap.com/com.sap.aii.af.soapadapter/servlet_jsp/XISOAPAdapter/root/WEB-INF
comment the following portion.( It's already commented below).
<!-- security-constraint -->
<!--
<security-constraint>
<display-name>message</display-name>
<web-resource-collection>
<web-resource-name>message</web-resource-name>
<url-pattern>MessageServlet</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>xi_adapter_soap_message</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<display-name>helper</display-name>
<web-resource-collection>
<web-resource-name>helper</web-resource-name>
<url-pattern>HelperServlet</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>xi_adapter_soap_helper</role-name>
</auth-constraint>
</security-constraint>
-->
<!-- login-config -->
<!--
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>XISOAPApps</realm-name>
</login-config>
-->
<!-- security-role -->
<!--
<security-role>
<role-name>xi_adapter_soap_message</role-name>
</security-role>
<security-role>
<role-name>xi_adapter_soap_helper</role-name>
</security-role>
-->
Restart the J2EE after this.
This will help.
Thanks,
samir
I have also commented the Login part of the deployment descriptor as described by Samir. But I was not able to login nevertheless.
Samir did you suceed with commenting the lines? Which settings did you have in VA Security Provider Service for module "sap.com/com.sap.aii.af.soapadapter*XISOAPAdapter"? I have tried there additionally to add the AnonymousLoginModule, but this did not help either. I have also tried to delete alll login modules there - in vain!
Any ideas?
Hi,
Are you really modifying web,xml to turn off the authentication completely?
This is a bad approach because:
- all your channels will become unprotected.
- your modification in web.xml will be replaced by your next patch update.
To solve your issue more elegantly, you can just use the axis adapter.
To turn off the default basic authentication, you can just remove the basic authentication from its login stack configuration (either at VA or NWA depending on the codeline). You can turn on the basic authentication or ws-security username token authentication for some selected channels.
You can find the more information in the note #1039369 (FAQ axis adapter).
Regards, Yza
Hi Frank,
Can you direct to the link which explains the appending userID/PassWd in soap Meassage for SoapAdapter.
Thanks,
Samir
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Samir,
Here is a link where it was part of the discussion:
https://www.sdn.sap.com/sdn/collaboration.sdn?node=linkFnode1-6&contenttype=url&content=https://
Eventually it is explained how to add the userID and Password in the soapheader in a AXIS server that calls SAP XI. Maybe you can use the same code in your application.
Some test tools allow you to add a userID and Password..... like the SAP SOAPCLIENT, which you can download here at SDN.
Cheers,
Frank
Is not this for deployed webService.We are looking for SoapAdapter anonymous logon.
Thanks,
Samir
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ramesh
Log in to J2ee Visual Admin tool and click on the service:
Webservice Security. There you should see your webservice and you can add the username and password.
Thanks
Prasad
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
76 | |
9 | |
8 | |
7 | |
6 | |
5 | |
5 | |
5 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.