on 05-13-2008 10:27 PM
XI gurus,
I have created an XI web service using Tools-->Define Web Service option in ID. (Inbound comm channel has been configured to use SOAP Sender adapter). No Message-level security has been setup, but use of web service requires client to authenticate to the SOAP Adapter.
I have a tool (piece of Javascript code) that uses XMLHTTP POST
The steps that i follow to test my web service from the Internet are
1) Put the URL of the web service (https://hostname/XISOAPAdapter/MessageServlet?channel=party:business system:communication channel) in the Internet explorer address bar, it prompts for user name and password and returns code 200 from servlet upon successful authentication.
2) authentication details are stored in Internet cache.
3) XMl payload is posted to the Web service url using XMLHTTP SEND method
My third-party client running PeopleSoft system is unable to find a way to authenticate to the SOAP adapter before sending an XML message to the Web service URL. they are able to ping to the Hostname but ping to the entire web service URL fails (no firewall from anyside stopping it) fails.
How can genarally a client application authenticate to SOAP adapter before sending message? Do they have to build custom http header? what if their application does not support building custom header using config. tools?
I will appreciate any ideas.
THanks,
Saurabh
Chandrakanth,
Thanks for responding. At this point we are not implemnting any "message-level" security. All we are trying to do is allow user to use basic authentication (user name and password) to authenticate to SOAP adapter. I want to find out an example of custom http header that my client will need to create for the authentication purpose.
since you mentioned Task(Axis), can you give me a realtime scenario when deplying AXIS on top of SOAP adapter would help? Can this be useful even if we are not implementing 'message'level' security.
SOAP adapter requires authentication. so i would expect client to pass authentication data in HTTP Header to be able to authenticate before sending SOAP messages. if client fails to pass authentication data in http header and can pass data in SOAP Header, do you think AXIS can still accept the message even before client attempted to authenticate to AxisAdapter and then read SOAP header to extract logon details and pass message to SOAP adapter.
Appreciate your response.
Saurabh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Messaging user is authenticated by basic authentication or SSL client certificate.
In Axis Task mode, more authentication mechanisms are supported: basic authentication, digest, NTLM (Microsoft NT LAN Manager Authentication scheme), SSL client certificate, and SAP assertion tickets.
Signature validation or decryption can be activated in the channel configuration, where a security profile (Web service security or S/MIME) must be selected. The J2EE keystore views of the actual certificate for signature validation or decryption are configured in the sender agreement associated with the channel.
Messaging user must have the security role xi_adapter_soap_message in the Adapter Engine.
For a detailed description of how to configure SSL for the Adapter Engine see HTTP and SSL.
http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/content.htm
For a description of digital signatures, see Message-Level Security.
http://help.sap.com/saphelp_nw04/helpdata/en/02/6d5c034c182e4fbe7bfd25c2b56f9b/frameset.htm
pls reward points if solution found helpfull
regards
chandra.k
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for the resposne, can you tell me how?
Saurabh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
One way is you can send the values as part of header.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.