| Author |
Message
|
| shilpa.sabade |
 Posted: Mon Sep 10, 2012 5:53 am Post subject: Handling userid and Password in WMB |
 |
|
Voyager
Joined: 23 Feb 2011
Posts: 76
|
Hello,
Below is my problem scenario , need your assistance here .
we are trying to consume a WEbservice , hosted in webmethod enviroment .
initially we tried to test this webservice using soap ui.
Here are observations .
1) when we pass user credentials using wsse header , it faults with auth error .
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-2" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>*******</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">***********</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
2) when we send same credential in soap ui Auth username and password fields , we get good response.
Here is my question , where does sopa ui include this info (user id and pwd) while calling webservice .
We need to implement this WEB service call in WMB 7003 , not understanding how to include user id and password.
I have tried constructing wsse security , it does not work (auth error same as SOAP UI)
I tried with Policy set and bindings , getting same auth error. |
|
| Back to top |
|
 |
| lancelotlinc |
| Posted: Mon Sep 10, 2012 5:58 am Post subject: |
|
|
Jedi Knight
Joined: 22 Mar 2010
Posts: 4941
Location: Bloomington, IL USA
|
We answered this already last week.
| Code: |
| OutputRoot.SOAP.Header.wsse:Security.wsse:UsernameToken.wsse:Password |
_________________
http://leanpub.com/IIB_Tips_and_Tricks
Save $20: Coupon Code: MQSERIES_READER |
|
| Back to top |
|
|
| Vitor |
| Posted: Mon Sep 10, 2012 6:08 am Post subject: Re: Handling userid and Password in WMB |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| shilpa.sabade wrote: |
| Below is my problem scenario , need your assistance here . |
And no matter how many times you ask the same question (IIRC this is your 3rd time with this), you're going to get the same answer.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| shilpa.sabade |
| Posted: Mon Sep 10, 2012 11:13 pm Post subject: |
|
|
Voyager
Joined: 23 Feb 2011
Posts: 76
|
| lancelotlinc wrote: |
We answered this already last week.
| Code: |
| OutputRoot.SOAP.Header.wsse:Security.wsse:UsernameToken.wsse:Password |
|
Hi ,
I have tried this approach ,
SET OutputRoot.SOAP.Header.wsse:Security.wsse:UsernameToken.(SOAP.Attribute)wsu:Id='UsernameToken-2';
SET OutputRoot.SOAP.Header.wsse:Security.wsse:UsernameToken.wsse:Username=WSSEUSERNAME;
SET OutputRoot.SOAP.Header.wsse:Security.wsse:UsernameToken.wsse:Password.(SOAP.Attribute)Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText';
SET OutputRoot.SOAP.Header.wsse:Security.wsse:UsernameToken.wsse:Password=WSSEPASSWORD;
I have also tried Default policy set and binding with ,
SET OutputRoot.Properties.IdentitySourceType = 'Usernameandpassword';
SET OutputRoot.Properties.IdentitySourceToken = 'XXXXX';
SET OutputRoot.Properties.IdentitySourcePassword = 'XXXXX';
But it doesnot work .
Please note my observations with SOAP UI .
1) when we pass user credentials using wsse header , it faults with auth error .
2) when we send same credential in soap ui Auth username and password fields , we get good response. Without WSSE in SOAP header. |
|
| Back to top |
|
|
| shilpa.sabade |
| Posted: Mon Sep 10, 2012 11:15 pm Post subject: Re: Handling userid and Password in WMB |
|
|
Voyager
Joined: 23 Feb 2011
Posts: 76
|
| Vitor wrote: |
| shilpa.sabade wrote: |
| Below is my problem scenario , need your assistance here . |
And no matter how many times you ask the same question (IIRC this is your 3rd time with this), you're going to get the same answer. |
Hi ,
I think , this problem is slightly different . My other post was about setting wsse , and got it resolved .
Any guidance here? |
|
| Back to top |
|
|
| marko.pitkanen |
| Posted: Tue Sep 11, 2012 12:37 am Post subject: |
|
|
Chevalier
Joined: 23 Jul 2008
Posts: 440
Location: Jamsa, Finland
|
Hi shilpa.sabade,
I guess --based on how you described the phenomenon- that the WS you are trying to use expects Http Basic Authentication.
--
Marko |
|
| Back to top |
|
|
| McueMart |
| Posted: Tue Sep 11, 2012 12:46 am Post subject: |
|
|
Chevalier
Joined: 29 Nov 2011
Posts: 490
Location: UK...somewhere
|
| Use a proxy and/or Wireshark to compare the exact message sent by soupUI and compare it to the message sent from Broker. That should clear up the issue you are having (Although I do suspect it might be Basic Auth as mentioned above!) |
|
| Back to top |
|
|
| shilpa.sabade |
| Posted: Tue Sep 11, 2012 4:44 am Post subject: |
|
|
Voyager
Joined: 23 Feb 2011
Posts: 76
|
| marko.pitkanen wrote: |
Hi shilpa.sabade,
I guess --based on how you described the phenomenon- that the WS you are trying to use expects Http Basic Authentication.
--
Marko |
Thank you so much ..  This hint helped me .
Now am able to hit WS , by setting HTTPREquestHeader properties .
I also read through SOAP UI , how it handles this situation. They aslo talk about HTTP basic authentication.
http://www.robert-nemet.com/2011/10/soapui-http-authentications-part-one.html#!/2011/10/soapui-http-authentications-part-one.html |
|
| Back to top |
|
|
| paustin_ours |
| Posted: Wed Oct 17, 2012 5:04 am Post subject: |
|
|
Yatiri
Joined: 19 May 2004
Posts: 667
Location: columbus,oh
|
| Can you please let us know where and how you set up the username and password? Did you use a httpheader node to add the username and password? |
|
| Back to top |
|
|
| mqjeff |
| Posted: Wed Oct 17, 2012 5:09 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
| paustin_ours wrote: |
| Can you please let us know where and how you set up the username and password? Did you use a httpheader node to add the username and password? |
You don't need to do that.
You can use the mapped fields in Identity and default propagation on the HTTPRequest node. |
|
| Back to top |
|
|
| lancelotlinc |
| Posted: Wed Oct 17, 2012 5:10 am Post subject: |
|
|
Jedi Knight
Joined: 22 Mar 2010
Posts: 4941
Location: Bloomington, IL USA
|
There is a tutorial in developerWorks that explains this. If you were skilled at using Google, you would find it.
_________________
http://leanpub.com/IIB_Tips_and_Tricks
Save $20: Coupon Code: MQSERIES_READER |
|
| Back to top |
|
|
| shilpa.sabade |
| Posted: Wed Oct 24, 2012 10:52 pm Post subject: |
|
|
Voyager
Joined: 23 Feb 2011
Posts: 76
|
| paustin_ours wrote: |
| Can you please let us know where and how you set up the username and password? Did you use a httpheader node to add the username and password? |
Here is the code for compute node , which worked for us :
SET OutputRoot.HTTPRequestHeader."Content-Type"= 'text/xml';
SET OutputRoot.HTTPRequestHeader."Authorization" = 'Basic '||BASE64ENCODE(CAST('userid'||':'||'pwd' as BLOB CCSID 1208)); |
|
| Back to top |
|
|
| McueMart |
| Posted: Wed Oct 24, 2012 11:59 pm Post subject: |
|
|
Chevalier
Joined: 29 Nov 2011
Posts: 490
Location: UK...somewhere
|
You are doing it the hard way because as mqjeff said:
| Quote: |
| You can use the mapped fields in Identity and default propagation on the HTTPRequest node. |
|
|
| Back to top |
|
|
| shilpa.sabade |
| Posted: Thu Oct 25, 2012 6:04 am Post subject: |
|
|
Voyager
Joined: 23 Feb 2011
Posts: 76
|
| McueMart wrote: |
You are doing it the hard way because as mqjeff said:
| Quote: |
| You can use the mapped fields in Identity and default propagation on the HTTPRequest node. |
|
Hi ,
Am not able to recall complete error screnario which i faced , while using Source Identity.
when we use default propagation , it was explicitly looking for policy set and binding
when i created policy set and binding with username token i was not getting result .
not sure , what i missed here but default propagation source identity.
Thank you |
|
| Back to top |
|
|
| mqjeff |
| Posted: Thu Oct 25, 2012 6:21 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
Policy Sets and Policy Set Bindings are specific to WS-Security.
Identity Propagation is determined from the Security Profile.
Policy Sets and Policy Bindings are used to inform the Security Profile about the WS-Security mechanisms in use. |
|
| Back to top |
|
|
|
|
