7 Replies Latest reply on Feb 24, 2012 3:20 AM by simplex-software

How to use authentication with the SOAPClient ?

simplex-software Feb 20, 2012 9:48 AM

Greetings,

Using ESB 4.10 included in JBoss SOA-P 5.2.0. I have an ESB service exposed as a web service. It doesn't require authentication. When it is called, this web service invokes another external web service, which requires HTTP basic authentication. I'm using the soapUI GUI to generate a soap request and to send it to the EBWS. Running the test raises HTTP 401. soapUI has a tab in which one can provide credentials for the HTTP basic authentication and it creates an authorization header. But this request is sent to the EBWS, who doesn't require it, and it doesn't seem to be propagated to the external web service. I also tried to insert SOAP level security but I still get HTTP 401. Here is the jboss-esb.xml file:

</action>

</action>

</actions>

</service>

</services>

And here is the SOAP:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:proj="http://www.ovam.be/project" xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext">

<soapenv:Header>

<wsse:Security>

<wsse:UsernameToken>

<wsse:Username>extcapdev01</wsse:Username>

<wsse:Password>sebadew1</wsse:Password>

</wsse:UsernameToken>

</wsse:Security>

</soapenv:Header>

<soapenv:Body>

<proj:projectRequest>

<proj:projectName>?</proj:projectName>

</proj:projectRequest>

</soapenv:Body>

</soapenv:Envelope>

And here is the exception:

15:47:28,337 ERROR [WsdlContext] Loading of definition failed for [http://sv102024.ovam.be:8000/sap/bc/srt/rfc/sap/ztestgetdatasap/062/ztestgetdatasap/ztestgetdatasap]; org.apache.commons.httpclient.HttpException: Received status code '401' on WSDL HTTP (GET) request: 'http://sv102024.ovam.be:8000/sap/bc/srt/rfc/sap/ztestgetdatasap/062/ztestgetdatasap/ztestgetdatasap'.

15:47:28,338 ERROR [STDERR] org.apache.commons.httpclient.HttpException: Received status code '401' on WSDL HTTP (GET) request: 'http://sv102024.ovam.be:8000/sap/bc/srt/rfc/sap/ztestgetdatasap/062/ztestgetdatasap/ztestgetdatasap'.

15:47:28,338 ERROR [STDERR] at org.jboss.soa.esb.services.soapui.EsbWsdlLoader.load(EsbWsdlLoader.java:72)

15:47:28,338 ERROR [STDERR] at com.eviware.soapui.impl.wsdl.support.wsdl.WsdlLoader.loadXmlObject(WsdlLoader.java:62)

15:47:28,338 ERROR [STDERR] at com.eviware.soapui.impl.wsdl.support.xsd.SchemaUtils.getDefinitionParts(SchemaUtils.java:412)

15:47:28,338 ERROR [STDERR] at com.eviware.soapui.impl.wsdl.support.xsd.SchemaUtils.getDefinitionParts(SchemaUtils.java:403)

15:47:28,338 ERROR [STDERR] at com.eviware.soapui.impl.wsdl.support.wsdl.WsdlLoader.cacheWsdl(WsdlLoader.java:116)

15:47:28,338 ERROR [STDERR] at com.eviware.soapui.impl.wsdl.support.wsdl.WsdlContext$Loader.construct(WsdlContext.java:200)

15:47:28,338 ERROR [STDERR] at com.eviware.soapui.support.swing.SwingWorkerDelegator.construct(SwingWorkerDelegator.java:45)

15:47:28,338 ERROR [STDERR] at com.eviware.soapui.support.swing.SwingWorker$2.run(SwingWorker.java:111)

15:47:28,338 ERROR [STDERR] at java.lang.Thread.run(Thread.java:619)

15:47:28,340 ERROR [WsdlProject] Error importing wsdl: org.apache.commons.httpclient.HttpException: Received status code '401' on WSDL HTTP (GET) request: 'http://sv102024.ovam.be:8000/sap/bc/srt/rfc/sap/ztestgetdatasap/062/ztestgetdatasap/ztestgetdatasap'.

15:47:28,340 ERROR [STDERR] org.apache.commons.httpclient.HttpException: Received status code '401' on WSDL HTTP (GET) request: 'http://sv102024.ovam.be:8000/sap/bc/srt/rfc/sap/ztestgetdatasap/062/ztestgetdatasap/ztestgetdatasap'.

15:47:28,341 ERROR [STDERR] at org.jboss.soa.esb.services.soapui.EsbWsdlLoader.load(EsbWsdlLoader.java:72)

15:47:28,341 ERROR [STDERR] at com.eviware.soapui.impl.wsdl.support.wsdl.WsdlLoader.loadXmlObject(WsdlLoader.java:62)

15:47:28,341 ERROR [STDERR] at com.eviware.soapui.impl.wsdl.support.xsd.SchemaUtils.getDefinitionParts(SchemaUtils.java:412)

15:47:28,341 ERROR [STDERR] at com.eviware.soapui.impl.wsdl.support.xsd.SchemaUtils.getDefinitionParts(SchemaUtils.java:403)

15:47:28,341 ERROR [STDERR] at com.eviware.soapui.impl.wsdl.support.wsdl.WsdlLoader.cacheWsdl(WsdlLoader.java:116)

15:47:28,341 ERROR [STDERR] at com.eviware.soapui.impl.wsdl.support.wsdl.WsdlContext$Loader.construct(WsdlContext.java:200)

15:47:28,341 ERROR [STDERR] at com.eviware.soapui.support.swing.SwingWorkerDelegator.construct(SwingWorkerDelegator.java:45)

15:47:28,341 ERROR [STDERR] at com.eviware.soapui.support.swing.SwingWorker$2.run(SwingWorker.java:111)

15:47:28,341 ERROR [STDERR] at java.lang.Thread.run(Thread.java:619)

Many thanks in advance for your help.

Nicolas

1. Re: How to use authentication with the SOAPClient ?

simplex-software Feb 21, 2012 5:00 AM (in response to simplex-software)

Please, could someone help me with this issue ?
Actions

2. Re: How to use authentication with the SOAPClient ?

simplex-software Feb 22, 2012 4:34 AM (in response to simplex-software)

I really don't know how to solve this problem. I added the following code in an action executen by the pipeline just before calling the external web service:

	final AuthenticationRequest authRequest = new AuthenticationRequestImpl.Builder().username("extcapdev01").password("sebadew1".toCharArray()).build();
	message.getContext().setContext(SecurityService.AUTH_REQUEST, PublicCryptoUtil.INSTANCE.encrypt((Serializable) authRequest));

But it didn't change anything, the external web service still returns HTTP 401. There must be a way to authenticate to a web service invoked by the soapUI SOAPClient and use HTTP BAsic authentication. Could anybody pleas help ?

Kind regards,

Nicolas

3. Re: How to use authentication with the SOAPClient ?

simplex-software Feb 23, 2012 3:55 AM (in response to simplex-software)

I didn't find any solution to my problem. However, I cannot imagine that it is not possible to provide credentials for HTTP basic authentication with the soapUI SOAPClient. Using the soapUI tools allows one to provide these credentials, it should be a possibility also when using the soapUI SOAPClient. But nobody seemd to know how to do it. I'm wondering if it was such a good idea to chosse JBossESB. The documentation is very approximative, the quickstarts are showing only simple cases without really explaining anything and, when things don't work, as it is my case, nobody can help.
Actions
4. Re: How to use authentication with the SOAPClient ?

mageshbk Feb 23, 2012 7:43 AM (in response to simplex-software)
Hi Nicolas,

In community, it could take a while before any of us could even look at your posts. If you need quick help, and since you are using SOA-Platform (JBossESB based one), the best place would be the Red Hat customer support portal. Your queries might be answered very quickly from various collective knowledge that has been provided to other users like you.

If you still want to use the community forum, then it would help both of us immensely to assist you quicker if you can post a modified quickstart sample that has a WSDL (secured) and showing SOAPClient is unable to access it. Securing a WSDL and passing a UserNameToken in SOAP Envelope are two different things. Your error seem to indicate that the WSDL is secured and hence even before you send any SOAP Message, the credentials need to be provided for that. As you are passing the credentials in a SOAP Envelope it is not used for accessing the WSDL. If you want this to work, you can do either of these:

Use a http.properties file to access the WSDL resource
Pass in the HTTP Basic authentication credentials in your client so that the WSDL can be accessed on first use
But nobody seemd to know how to do it. I'm wondering if it was such a good idea to chosse JBossESB. The documentation is very approximative, the quickstarts are showing only simple cases without really explaining anything and, when things don't work, as it is my case, nobody can help.
The community is a very vast, varied and knowledgeable group of people from around the globe. These words may hinder others who might think of helping. The best way to get *quick* help is post a quickstart or a reproducible example for the community.

many thanks,
Magesh
Actions
5. Re: How to use authentication with the SOAPClient ?

simplex-software Feb 23, 2012 8:42 AM (in response to mageshbk)
Hi Magesh,

Many thanks for the update.
In community, it could take a while before any of us could even look at your posts.
I uderstand.

You are using SOA-Platform (JBossESB based one), the best place would be the Red Hat customer support portal. Your queries might be answered very quickly from various collective knowledge that has been provided to other users like you.

Well, we're using a trial version of SOA-P accordingly we aren't supported.

If you still want to use the community forum, then it would help both of us immensely to assist you quicker if you can post a modified quickstart sample that has a WSDL (secured) and showing SOAPClient is unable to access it.
The provided code excerpt is based on the quick-start. How could I provide a reproductible test case showing that I cannot pass authentication credentials with a SOAPClient since I even don't know how I could express authentication credentials for a SOAPClient ? This was my question, how to provide these credentials ? If someone could tell me how or point me to a quick-start doing that, then I could make a test case which I could supply, if it doesn't work. The quick-starts use authentication with HttpClient, not with SOAPClient.

Securing a WSDL and passing a UserNameToken in SOAP Envelope are two different things. Your error seem to indicate that the WSDL is secured and hence even before you send any SOAP Message, the credentials need to be provided for that. As you are passing the credentials in a SOAP Envelope it is not used for accessing the WSDL. If you want this to work, you can do either of these:

Use a http.properties file to access the WSDL resource
Pass in the HTTP Basic authentication credentials in your client so that the WSDL can be accessed on first use
I undersatnd the difference between the SOAP level authentication and the HTTP basic authentication. But where to use either http.properties since the SOAPClient doesn't have any property to define that, at least not any documented property. And in which client to pass credentials for the BAsic authentication ? The client you're talking about is the SOAPClient which doesn't allow me to pass these credentials, at least I didn't find any documented way to do that. And the client of my client is another web service, etc. At any moment in the picture there is no HttpClient. My question was exactly how to pass credentials to the SOAPClient and if you tell me just to pass them, I doesn't help.

So for me, neither the soapUI SOAPClient nore the wise one cannot provide credentials for HTTP BAsic authentication, at least I didn't find any documentation or sample for that. The HttpRouter could but I'm working at a web service level, not at a HTTP one.

Kind regards,

Nicolas
Actions
6. Re: How to use authentication with the SOAPClient ?

mageshbk Feb 24, 2012 1:05 AM (in response to simplex-software)

So for me, neither the soapUI SOAPClient nore the wise one cannot provide credentials for HTTP BAsic authentication, at least I didn't find any documentation or sample for that.
No, you have misunderstood. See the end of this post.
Well, we're using a trial version of SOA-P accordingly we aren't supported.
There is no such thing as trial version at Red Hat. You can always get a developer subscription for starters.

The provided code excerpt is based on the quick-start. How could I provide a reproductible test case showing that I cannot pass authentication credentials with a SOAPClient since I even don't know how I could express authentication credentials for a SOAPClient ? This was my question, how to provide these credentials ? If someone could tell me how or point me to a quick-start doing that, then I could make a test case which I could supply, if it doesn't work. The quick-starts use authentication with HttpClient, not with SOAPClient.
You can write a small Webservice that is secured with BASIC Authentication and then modify one of the quickstarts to access this locally deployed Webservice. If there is any problem connecting then you could supply us with both the WS and the quickstart.
I undersatnd the difference between the SOAP level authentication and the HTTP basic authentication. But where to use either http.properties since the SOAPClient doesn't have any property to define that, at least not any documented property. And in which client to pass credentials for the BAsic authentication ?
I beleive you have already tried using htpp.properties in a SOAPProxy example. It is exactly similar to that.
The client you're talking about is the SOAPClient which doesn't allow me to pass these credentials, at least I didn't find any documented way to do that. And the client of my client is another web service, etc.
Where are you reading the documents from? It is clearly documented here JBoss ESB - Programmers Guide.See section "12.7.3.4. HttpClient Configuration" for soapUI SOAPClient and "Table 12.29. SOAPClient Optional Properties" for Wise SOAPClient.
Actions
7. Re: How to use authentication with the SOAPClient ?

simplex-software Feb 24, 2012 3:20 AM (in response to mageshbk)

Hi Magesh,
Where are you reading the documents from? It is clearly documented here JBoss ESB - Programmers Guide.See section "12.7.3.4. HttpClient Configuration" for soapUI SOAPClient and "Table 12.29. SOAPClient Optional Properties" for Wise SOAPClient.
Okay, I got my answer, this is what I'm asking since several days. I have read, of course, the programming guide but not this paragraph as, given its title, it concerns the HttpClient configuration, which I wasn't using. I didn't understand it was concerning the HttpClient configuration to be used in conjunction with web services clients. Many thanks, it's clear now. It wasn't so hard finally, was it. It could have been answered in 5 seconds.

Kind regards,

Nicolas
Actions

Go to original post