ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Ws-Security 'password cannot be empty' @ soapinput Node

Post new topic  Reply to topic
 Ws-Security 'password cannot be empty' @ soapinput Node « View previous topic :: View next topic » 
Author Message
vickas
PostPosted: Fri May 30, 2014 4:10 am    Post subject: Ws-Security 'password cannot be empty' @ soapinput Node Reply with quote

Centurion

Joined: 18 Aug 2013
Posts: 126
Am trying to implement security for webservice flow .

compute -- >http request / NetTool--> httpinput node --> httpreply...


i have followed the following article
http://www.ibm.com/developerworks/websphere/library/techarticles/1002_fan/1002_fan.html

but unable to achieve it , i get an error saying
<title>401 Authorization Required</title>
</head>
<body>
<h1></h1>
<h1>401 Authorization Required</h1>
This server could not verify that you are authorized to access the document requested.<br/>


i have configured LDAP security profiles on the bar to the Httpprovider flow n ran mqsisetdbparms as follows
mqsisetdbparms IB9NODE -n ldap::LDAP -u <fullusername> -p <passwrd> & restarted the broker & deployed the bar .

I have sent the request as follows from the Httpconsumer flow

SET OutputRoot.Properties.IdentitySourceType = 'usernameAndPassword';
SET OutputRoot.Properties.IdentitySourceToken = 'XXX';
SET OutputRoot.Properties.IdentitySourcePassword = 'PPP';

SET OutputRoot.HTTPRequestHeader."Authorization"='Basic '||BASE64ENCODE(CAST(uName||':'||uPassword as BLOB CCSID 1208));

but when i debug, the request comes out from the failure terminal of the Httpinput Node saying - 'password cannot be empty' & c the IdentitySourceToken,IdentitySourcePassword,.IdentitySourceType are empty but intertsingly i can find all of these before my HttpRequest Node .

why is this happening ??

& i get the same response saying 'password cannot be empty' even though i have wriiten all the credentials in the basic authentication tab of NetTool ...
why is this happening ?

n when i put the same request to the SOAPINPUT node , it says

The Login failed because of an exception: com.ibm.broker.axis2.MbSoapLoginException: IBM Integration Bus BIP2702 (authentication failure)</faultstring>
<detail>

plz help me !!!
Back to top
View user's profile Send private message
martinb
PostPosted: Fri May 30, 2014 11:39 pm    Post subject: Reply with quote

Master

Joined: 09 Nov 2006
Posts: 210
Location: UK
Hi
Hard to follow exactly what is going wrong from the information provided.

One thing I think I can see is that in the consumer flow you are attempting to have the Broker propagate the identity you are setting in Properties.IdentitySource... However I don't see you confirming that you have configured the HTTPRequest node with the "DefaultPropagation" security profile.

For understanding the issue at the consumer, I think more detail is required about the error message and the content of your security profile etc. Note that the logging of security issues is deliberately brief, to better cope with a denial of service attack using invalid credentials. As noted in the info centre topic "Diagnosing security problems" you should enable User Trace in the consumer flow to get more information on the issue.
Back to top
View user's profile Send private message
vickas
PostPosted: Mon Jun 02, 2014 9:22 am    Post subject: Reply with quote

Centurion

Joined: 18 Aug 2013
Posts: 126
Hie martinb,
I didnt configure the HTTPRequest node with the "DefaultPropagation" security profile.
Sry to ask u this way , should we configure security profile even to the consumer flow/request node ?
If so, should it be only the DefaultPropagation ? can we set with the newly created security profile ?
Back to top
View user's profile Send private message
martinb
PostPosted: Mon Jun 02, 2014 2:49 pm    Post subject: Reply with quote

Master

Joined: 09 Nov 2006
Posts: 210
Location: UK
To have a Consumer flow's Request node send the Security Credentials provided in the properties tree Identity fields you do need to configure the Request node with the DefaultPropagation security profile.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Ws-Security 'password cannot be empty' @ soapinput Node
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.