Results 1 to 4 of 4

Thread: authentication in soap header

  1. Sep 22nd, 2008, 07:37 AM #1
    simranveer
    simranveer is offline Junior Member
    Join Date
    Jun 2008
    Posts
    11

    Unhappy authentication in soap header

    Hi

    Im using soapUI to test my webservice and in the soap header i have added the following snippet :

    <soapenv:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    soapenv:mustUnderstand="1">
    <wsse:UsernameToken>
    <wsse:Username>mmt</wsse:Username>
    <wsse:Password>mmt</wsse:Password>
    </wsse:UsernameToken>
    </wsse:Security>
    </soapenv:Header>


    I am handling the authentication using the SimplePasswordValidationCallbackHandler

    but when i submit my request,im getting the following error message :

    "The security token could not be authenticated or authorized; nested exception is org.apache.ws.security.WSSecurityException: The security token could not be authenticated or authorized"

    How do i resolve this issue...pls help...??
    Please tell me if im missing something in what i have done so far...??
    Reply With Quote Reply With Quote
  2. Sep 23rd, 2008, 05:23 PM #2
    tareq
    tareq is offline Senior Member
    Join Date
    Aug 2004
    Posts
    278

    Default

    The security header you added doesn't seem to be valid. How did you generate it? You can use SoapUI to add valid WS-Security headers to your requests.
    Tareq Abedrabbo

    My Twitter
    My Blog
    Reply With Quote Reply With Quote
  3. Sep 24th, 2008, 09:18 AM #3
    pedanen
    pedanen is offline Junior Member
    Join Date
    Sep 2008
    Posts
    1

    Default UserNameToken Header

    Had the same problem. Created a header with soapUI.

    Unfortunately I am only allowed to post URLs to other sites after a have made 15 posts or more.

    So I replaced http colon slash slash with HTTP

    <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="HTTPdocs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <wsse:UsernameToken wsu:Id="UsernameToken-27777511" xmlns:wsu="HTTPdocs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsse:Username>Bert</wsse:Username>
    <wsse:Password Type="HTTPdocs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">Ernie</wsse:Password>
    </wsse:UsernameToken>
    </wsse:Security>

    The password type attribute solved the problem.
    Reply With Quote Reply With Quote
  4. Sep 25th, 2008, 01:13 AM #4
    simranveer
    simranveer is offline Junior Member
    Join Date
    Jun 2008
    Posts
    11

    Default

    Quote Originally Posted by pedanen View Post
    Had the same problem. Created a header with soapUI.

    Unfortunately I am only allowed to post URLs to other sites after a have made 15 posts or more.

    So I replaced http colon slash slash with HTTP

    <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="HTTPdocs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <wsse:UsernameToken wsu:Id="UsernameToken-27777511" xmlns:wsu="HTTPdocs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsse:Username>Bert</wsse:Username>
    <wsse:Password Type="HTTPdocs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">Ernie</wsse:Password>
    </wsse:UsernameToken>
    </wsse:Security>

    The password type attribute solved the problem.
    ya.....i also found out the problem to be the password type while debugging the source code.......thanks for the reply though
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules