MQSeries.net :: View topic - SOAPRequest node authentication problem

MQSeries.net

Tech Exchange

Education

Certifications

Library

Info Center

SupportPacs

FAQÂ Â

Usergroups

RSS Feed - WebSphere MQ Support

RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » SOAPRequest node authentication problem

SOAPRequest node authentication problem

« View previous topic :: View next topic »

Author

Message

ethirajesh

Posted: Mon Mar 14, 2011 12:33 am Post subject: SOAPRequest node authentication problem

Apprentice

Joined: 04 Oct 2010
Posts: 46

Hi All,

I am working on small POC. Need to give a demo how web services can be invoked from MB, but i have no exposuer to webservices nodes.

What I did is created msg flow with MQInput node, SOAPRequest node and MQOutput node. Connected Failure and exception terminals to a Failure Queue.

I have imported the wsdl file onto the SOAPRequest node and created the message set. To trigger the flow I have put one dummy XML message to the input Queue, the flow failed. It had put failure message in failure Queue with error "<faultstring>java.lang.RuntimeException: Unauthenticated requests are not allowed.</faultstring>
<detail>". This is just one line from the error message.

In order to avoid this authentication problem, should I put a SOAP message in the input node which will have token informations in the SOAP headers part?

I am not able to test what I have mentioned above since I have been given different a PC now. So I would like to be prepared before I get MB installed in my PC.

I have posted the WSDL file in below reply.

Regards
Rajesh Ethiraj

ethirajesh

Posted: Mon Mar 14, 2011 12:34 am Post subject:

Apprentice

Joined: 04 Oct 2010
Posts: 46

<?xml version="1.0" encoding="UTF-8"?>
<definitions xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:tns="http://target.com/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns="http://schemas.xmlsoap.org/wsdl/"
targetNamespace="http://target.com/"
name="TargetJavaServiceService">
<wsp:Policy xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
xmlns:ssp="http://schemas.sun.com/2006/03/wss/server"
xmlns:sunwsp="http://java.sun.com/xml/ns/wsit/policy"
xmlns:wsp="http://www.w3.org/ns/ws-policy"
wsu:Id="TheSecurityPolicy">
<wsp:ExactlyOne>
<wsp:All>
<sp:SignedEncryptedSupportingTokens>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:WssUsernameToken10/>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:UsernameToken>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:SignedEncryptedSupportingTokens>
<sp:SymmetricBinding>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:AlgorithmSuite>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:Basic128/>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:IncludeTimestamp/>
<sp:Layout>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:Strict/>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:Layout>
<sp:OnlySignEntireHeadersAndBody/>
<sp:ProtectionToken>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:RequireIssuerSerialReference/>
<sp:WssX509V3Token10/>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:X509Token>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:ProtectionToken>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:SymmetricBinding>
<sp:Wss11>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:MustSupportRefEncryptedKey/>
<sp:MustSupportRefIssuerSerial/>
<sp:MustSupportRefThumbprint/>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:Wss11>

<ns1:Addressing xmlns:ns1="http://www.w3.org/2007/05/addressing/metadata" wsp:Optional="true"/>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
xmlns:wsp="http://www.w3.org/ns/ws-policy"
wsu:Id="InputSecurityPolicy">
<wsp:ExactlyOne>
<wsp:All>
<sp:EncryptedParts>
<sp:Body/>
</sp:EncryptedParts>
<sp:SignedParts>
<sp:Body/>
<sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="ReplyTo"/>
<sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="To"/>
<sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="From"/>
<sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="MessageID"/>
<sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="Action"/>
<sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="RelatesTo"/>
<sp:Header Name="AckRequested" Namespace="http://docs.oasis-open.org/ws-rx/wsrmp/200702"/>
<sp:Header Name="CreateSequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrmp/200702"/>
<sp:Header Name="Sequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrmp/200702"/>
<sp:Header Name="SequenceAcknowledgement"
Namespace="http://docs.oasis-open.org/ws-rx/wsrmp/200702"/>
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
xmlns:wsp="http://www.w3.org/ns/ws-policy"
wsu:Id="OutputSecurityPolicy">
<wsp:ExactlyOne>
<wsp:All>
<sp:EncryptedParts>
<sp:Body/>
</sp:EncryptedParts>
<sp:SignedParts>
<sp:Body/>
<sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="ReplyTo"/>
<sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="To"/>
<sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="From"/>
<sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="MessageID"/>
<sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="Action"/>
<sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="RelatesTo"/>
<sp:Header Name="AckRequested" Namespace="http://docs.oasis-open.org/ws-rx/wsrmp/200702"/>
<sp:Header Name="CreateSequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrmp/200702"/>
<sp:Header Name="Sequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrmp/200702"/>
<sp:Header Name="SequenceAcknowledgement"
Namespace="http://docs.oasis-open.org/ws-rx/wsrmp/200702"/>
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<types>
<xsd:schema>
<xsd:import namespace="http://target.com/" schemaLocation="TargetJavaService_xsd1.xml"/>
</xsd:schema>
</types>
<message name="getVendorSupplier">
<part name="parameters" element="tns:getVendorSupplier"/>
</message>
<message name="getVendorSupplierResponse">
<part name="parameters" element="tns:getVendorSupplierResponse"/>
</message>
<portType name="TargetJavaService">
<operation name="getVendorSupplier">
<input message="tns:getVendorSupplier"/>
<output message="tns:getVendorSupplierResponse"/>
</operation>
</portType>
<binding name="TargetJavaServicePortBinding" type="tns:TargetJavaService">
<ns2:PolicyReference xmlns:ns2="http://www.w3.org/ns/ws-policy" URI="#TheSecurityPolicy"/>
<soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>
<operation name="getVendorSupplier">
<soap:operation soapAction=""/>
<input>
<ns3:PolicyReference xmlns:ns3="http://www.w3.org/ns/ws-policy" URI="#InputSecurityPolicy"/>
<soap:body use="literal"/>
</input>
<output>
<ns4:PolicyReference xmlns:ns4="http://www.w3.org/ns/ws-policy" URI="#OutputSecurityPolicy"/>
<soap:body use="literal"/>
</output>
</operation>
</binding>
<service name="TargetJavaServiceService">
<port name="TargetJavaServicePort" binding="tns:TargetJavaServicePortBinding">
<soap:address location="http://01hw302477.india.tcs.com:80/Windchill/servlet/TargetJavaService"/>
</port>
</service>
</definitions>

nukalas2010

Posted: Mon Mar 14, 2011 2:22 am Post subject:

Master

Joined: 04 Oct 2010
Posts: 220
Location: Somewhere in the World....

Hi,

First, you need to understand about the webservices.

http://www.ibm.com/developerworks/webservices/library/ws-soapnode/

http://www.ibm.com/developerworks/webservices/library/ws-soapnode2/

[url]
http://www.ibm.com/developerworks/webservices/library/ws-soapnode3/[/url]

Then do the Webservices sample flow in message broker toolkit.

ethirajesh

Posted: Mon Mar 21, 2011 2:07 am Post subject:

Apprentice

Joined: 04 Oct 2010
Posts: 46

Hi,

I have read the samples and ran those now, but it does not have any authentication stuff.

I have created new message flow by using "Start fowm WSDL and/or XSD files" wizard to invoke this webservice.

Now I have following questions :

1) The wsdl i ve posted here has security policies, the web service which needs to be invoked is working fine when invoked manually by just giveing the input parameters alone. It requires username and password. So from MB how can i pass this id and password?

2) Since this a POC, no one has a clue on what is the input SOAP message to the webservice. Is there any tool where one can generate a SOAP message based on WSDL?, if yes please share the link

I am still not clear whether we should pass this credentials in a SOAP message to webservices or we need to create an security policy. I have even tried to check creating a security policy just to understand what it is and what are the things that can be configured. But as per my understanding one cannot pass the username and password of the webservices in this way, please correct me if i am wrong.

Regards
Rajesh Ethiraj

Display posts from previous:

Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » SOAPRequest node authentication problem

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Protected by Anti-Spam ACP