Topic
12 replies Latest Post - ‏2012-10-06T20:31:28Z by Santhosh61
Santhosh61
Santhosh61
38 Posts
ACCEPTED ANSWER

Pinned topic ID/PWD Authentication using Webservice Proxy

‏2012-10-05T13:24:30Z |
Hi All,

I'm trying to configure a user/password authentication prompt using a webservice proxy.
I have a WSDL and i need to prompt for entering username and password which will be validated in backend servers. Plz help
Updated on 2012-10-06T20:31:28Z at 2012-10-06T20:31:28Z by Santhosh61
  • swlinn
    swlinn
    1327 Posts
    ACCEPTED ANSWER

    Re: ID/PWD Authentication using Webservice Proxy

    ‏2012-10-05T13:39:40Z  in response to Santhosh61
    The userid and password are not provided in the request, for example a wsse:UsernameToken in the SOAP Header?

    Regards,
    Steve
    • Santhosh61
      Santhosh61
      38 Posts
      ACCEPTED ANSWER

      Re: ID/PWD Authentication using Webservice Proxy

      ‏2012-10-05T13:42:39Z  in response to swlinn
      No.

      My WSDL donot contain any User Id/PWD fields but i need to ask for prompt to enter and carry forward the same to backend servers. Users will be sending these credentials along with the request structures mentioned in WSDL.
      • Santhosh61
        Santhosh61
        38 Posts
        ACCEPTED ANSWER

        Re: ID/PWD Authentication using Webservice Proxy

        ‏2012-10-05T14:10:40Z  in response to Santhosh61
        Hi Steve,

        May be the interface are sending Id/Pwd thru soap header and which will be read by soap webservice hosted on backend servers. Can you please help me in getting the details and asking for prompt?/
        • swlinn
          swlinn
          1327 Posts
          ACCEPTED ANSWER

          Re: ID/PWD Authentication using Webservice Proxy

          ‏2012-10-05T14:32:30Z  in response to Santhosh61
          For Web Service / SOAP requests, there is no "prompt" from the web service to tell the consumer to provide credentials. Web service calls are not like web applications where the server can redirect their request to a login page. If the consumer does not provide credentials in their request, their request is rejected. It is the consumer's job to create the SOAP request that matches the provider's wsdl, which generally describes the SOAP Body schema. Security credentials can be provided in a number of ways by the consumer, but most typically in the SOAP Header, although I've seen HTTP Basic Auth headers too. The AAA action supports these mechanisms for client identification. Here's the spec on the ws security header that will specify the UsernameToken element, with examples. https://www.oasis-open.org/committees/wss/documents/WSS-Username-02-0223-merged.pdf

          Regards,
          Steve
          • Santhosh61
            Santhosh61
            38 Posts
            ACCEPTED ANSWER

            Re: ID/PWD Authentication using Webservice Proxy

            ‏2012-10-05T16:47:35Z  in response to swlinn
            Hi Steve,
            The web server in the backend requires basic authentication. So when client sends an soap request it inputs basic authentication credentials using Stub ( in axis it uses super.cachedEndpoint,cachedUsername,cachedPassword).
            We need to replicate the same using web proxy on the Front side.
            • Santhosh61
              Santhosh61
              38 Posts
              ACCEPTED ANSWER

              Re: ID/PWD Authentication using Webservice Proxy

              ‏2012-10-05T19:17:08Z  in response to Santhosh61
              Also, when i enter the web service url in browser it should prompt for user name n password
            • HermannSW
              HermannSW
              2818 Posts
              ACCEPTED ANSWER

              Re: ID/PWD Authentication using Webservice Proxy

              ‏2012-10-05T19:21:01Z  in response to Santhosh61
              > We need to replicate the same using web proxy on the Front side.
              >
              The WSP uses the Basic-Auth settings from the WSP's XMLManager's UserAgent.

              So in WebGUI
              • go to "Proxy Settings" tab of WSP
              • create new XML Manager or open existing
              • scroll down, and create new User Agent or open existing
              • goto "Basic-Auth Policy" tab
              • add a new Basic-Auth policy (consisting of URL Matching Expression, User Name and Password).

               
              Hermann<myXsltBlog/> <myXsltTweets/>
              • Santhosh61
                Santhosh61
                38 Posts
                ACCEPTED ANSWER

                Re: ID/PWD Authentication using Webservice Proxy

                ‏2012-10-06T03:26:07Z  in response to HermannSW
                Thanks,
                I have tried this, but failed while wsp connecting to back end web server it is not providing the username and password.
                do i need to give entire backend url in the url matching expression
                • HermannSW
                  HermannSW
                  2818 Posts
                  ACCEPTED ANSWER

                  Re: ID/PWD Authentication using Webservice Proxy

                  ‏2012-10-06T07:17:45Z  in response to Santhosh61
                  From InfoCenter:

                  4. Add a policy.
                  a. Click Add.
                  b. In the URL Matching Expression field, enter a shell-style expression to be the pattern to match against the URL set.
                  c. Define credentials for authentication.
                  i. In the User name field, enter the name of the user.
                  i.. In the Password and Confirm Password fields, enter the password for the user.
                  d. Click Save to add this policy to the list.

                  Just test with "*" for the URL Matching Expression first to get it working.
                  If it still does not work, please take a packet capture and let us know what HTTP headers get sent to backend.

                  You may want to modify/restrict the URL Matching Expression later after the connection works.

                   
                  Hermann<myXsltBlog/> <myXsltTweets/>
                  • Santhosh61
                    Santhosh61
                    38 Posts
                    ACCEPTED ANSWER

                    Re: ID/PWD Authentication using Webservice Proxy

                    ‏2012-10-06T09:33:57Z  in response to HermannSW
                    Thanks,
                    It worked with * in url expression.
                    But i have hard coded the user name and password here, but it requires the wsp to propmt for basic authentication and provide the same to back end web server( just how it worked with the user agent configuration).
                    • Santhosh61
                      Santhosh61
                      38 Posts
                      ACCEPTED ANSWER

                      Re: ID/PWD Authentication using Webservice Proxy

                      ‏2012-10-06T19:39:25Z  in response to Santhosh61
                      Hi ,
                      Can you guide to perfrom basic authentication using AAA ploicy.
                      I need to verify the username and passowrd coming in http request.
                      • Santhosh61
                        Santhosh61
                        38 Posts
                        ACCEPTED ANSWER

                        Re: ID/PWD Authentication using Webservice Proxy

                        ‏2012-10-06T20:31:28Z  in response to Santhosh61
                        Hi,
                        I have tried http authentication using AAA ploicy and authentication using AAA info file.
                        But while accessing wsp it didn't prompt me for user name and password, Could you please guide me here