I'm using Delphi XE 6 and TIdHttp component(Indy 10.6.0.5122) and trying to consume a SOAP service - http://www.webservicex.net/globalweather.asmx over a http proxy (CCProxy - http://www.youngzsoft.net/ccproxy/). The issue is that at the first attempt to connect to the webservice I receive an "Unauthorized" respone:
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /></head><body><h1>Unauthorized ...</h1>
<h2>IP Address: xxx.xxx.xxx.:61295<br>
MAC Address: <br>
Server Time: 2014-11-18 14:19:00<br>
Auth Result: </h2></body></html>
I've linked an IdSSLIOHandlerSocketOpenSSL and IdLogDebug1 components to IdHttp in order to debug the issue.
Logs of the operations performed
***********************IdSSLIOHandlerSocketOpenSSL1Status
Connecting to xxx.xxx.xxx.xxx.
***********************IdLogDebug1Send
POST http://www.webservicex.net/globalweather.asmx HTTP/1.1
Content-Type: text/xml; charset=utf-8
Content-Length: 388
SOAPAction: http://www.webserviceX.NET/GetCitiesByCountry
Host: www.webservicex.net
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: identity
User-Agent: Mozilla/3.0 (compatible; Indy Library)
***********************IdLogDebug1Send
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<GetCitiesByCountry xmlns="http://www.webserviceX.NET">
<CountryName>Romania</CountryName>
</GetCitiesByCountry>
</soap:Body>
</soap:Envelope>
***********************IdLogDebug1Receive
HTTP/1.0 407 Unauthorized
Server: Proxy
Proxy-Authenticate: Basic realm="CCProxy Authorization"
Cache-control: no-cache
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /></head><body><h1>Unauthorized ...</h1>
<h2>IP Address: xxx.xxx.xxx.xxx:61295<br>
MAC Address: <br>
Server Time: 2014-11-18 14:19:00<br>
Auth Result: </h2></body></html>
***********************IdSSLIOHandlerSocketOpenSSL1Status
Disconnected.
Now, what is interesting is that if I'm trying again to call the webservice everything works correctly. Log of the operations:
***********************IdSSLIOHandlerSocketOpenSSL1Status
Connecting to xxx.xxx.xxx.xxx.
***********************IdLogDebug1Send
POST http://www.webservicex.net/globalweather.asmx HTTP/1.1
Content-Type: text/xml; charset=utf-8
Content-Length: 388
SOAPAction: http://www.webserviceX.NET/GetCitiesByCountry
Host: www.webservicex.net
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: identity
User-Agent: Mozilla/3.0 (compatible; Indy Library)
Proxy-Authorization: Basic YW1ibzphbWJvIQ==
***********************IdLogDebug1Send
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<GetCitiesByCountry xmlns="http://www.webserviceX.NET">
<CountryName>Romania</CountryName>
</GetCitiesByCountry>
</soap:Body>
</soap:Envelope>
***********************IdLogDebug1Receive
HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 2456
***********************IdLogDebug1Receive
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 18 Nov 2014 12:26:21 GMT
<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><GetCitiesByCountryResponse xmlns="http://www.webserviceX.NET"><GetCitiesByCountryResult><NewDataSet>
<Table>
<Country>Romania</Country>
<City>Arad</City>
</Table>
<Table>
<Country>Romania</Country>
<City>Bacau</City>
</Table>
......
And the response it's correct.
Code of the application
unit Unit1;
interface
uses
Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, IdBaseComponent,
IdComponent, IdTCPConnection, IdTCPClient, IdHTTP, Soap.SOAPHTTPTrans,
IdAuthentication, IdHeaderList, IdIntercept, IdLogBase, IdLogDebug,
IdIOHandler, IdIOHandlerSocket, IdIOHandlerStack, IdSSL, IdSSLOpenSSL
,IdGlobal;
type
TForm1 = class(TForm)
IdHTTP1: TIdHTTP;
Button1: TButton;
HTTPReqResp1: THTTPReqResp;
Memo1: TMemo;
Button2: TButton;
Button3: TButton;
Button4: TButton;
IdSSLIOHandlerSocketOpenSSL1: TIdSSLIOHandlerSocketOpenSSL;
IdLogDebug1: TIdLogDebug;
Memo2: TMemo;
procedure Button1Click(Sender: TObject);
procedure Button2Click(Sender: TObject);
procedure Button3Click(Sender: TObject);
procedure Button4Click(Sender: TObject);
procedure FormCreate(Sender: TObject);
procedure IdHTTP1ProxyAuthorization(Sender: TObject;
Authentication: TIdAuthentication; var Handled: Boolean);
procedure IdSSLIOHandlerSocketOpenSSL1StatusInfo(const AMsg: string);
procedure IdSSLIOHandlerSocketOpenSSL1Status(ASender: TObject;
const AStatus: TIdStatus; const AStatusText: string);
procedure IdLogDebug1Receive(ASender: TIdConnectionIntercept;
var ABuffer: TIdBytes);
procedure IdLogDebug1Send(ASender: TIdConnectionIntercept;
var ABuffer: TIdBytes);
procedure IdHTTP1Authorization(Sender: TObject;
Authentication: TIdAuthentication; var Handled: Boolean);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
procedure TForm1.Button1Click(Sender: TObject);
var
postData: TMemoryStream;
begin
postData := TMemoryStream.Create;
try
Memo1.Lines.Clear;
postData.LoadFromFile('..\..\soap1.1.txt');
IdHTTP1.Request.ContentType := 'text/xml';
IdHTTP1.Request.Charset := 'utf-8';
IdHTTP1.Request.CustomHeaders.Values['SOAPAction'] := 'http://www.webserviceX.NET/GetCitiesByCountry';
IdHTTP1.ProtocolVersion := pv1_1;
IdHTTP1.HTTPOptions := IdHTTP1.HTTPOptions + [hoKeepOrigProtocol];
Memo1.Lines.Text := IdHTTP1.Post('http://www.webservicex.net/globalweather.asmx', postData);
finally
postData.Free;
end;
end;
procedure TForm1.FormCreate(Sender: TObject);
begin
with IdHTTP1.ProxyParams do
begin
ProxyServer := 'xxx.xxx.xxx.xxx';
ProxyPort := 808;
ProxyUsername := 'User-001';
ProxyPassword := 'User-001!';
end;
end;
procedure TForm1.IdHTTP1Authorization(Sender: TObject;
Authentication: TIdAuthentication; var Handled: Boolean);
begin
//
Authentication.Username := 'User-001';
Authentication.Password := 'User-001!';
end;
procedure TForm1.IdHTTP1ProxyAuthorization(Sender: TObject;
Authentication: TIdAuthentication; var Handled: Boolean);
begin
//
// Authentication.Username := 'User-001';
// Authentication.Password := 'User-001!';
// Handled := true;
end;
procedure TForm1.IdLogDebug1Receive(ASender: TIdConnectionIntercept;
var ABuffer: TIdBytes);
begin
Memo2.Lines.Add(#13#10+'***********************IdLogDebug1Receive '+#13#10+BytesToString(ABuffer))
end;
procedure TForm1.IdLogDebug1Send(ASender: TIdConnectionIntercept;
var ABuffer: TIdBytes);
begin
Memo2.Lines.Add(#13#10+'***********************IdLogDebug1Send '+#13#10+BytesToString(ABuffer))
end;
procedure TForm1.IdSSLIOHandlerSocketOpenSSL1Status(ASender: TObject;
const AStatus: TIdStatus; const AStatusText: string);
begin
Memo2.Lines.Add(#13#10+'***********************IdSSLIOHandlerSocketOpenSSL1Status '+#13#10+AStatusText)
end;
procedure TForm1.IdSSLIOHandlerSocketOpenSSL1StatusInfo(const AMsg: string);
begin
Memo2.Lines.Add(#13#10+'***********************IdSSLIOHandlerSocketOpenSSL1StatusInfo '+#13#10+AMsg)
end;
end.
How should I make the authentication in order to work from the first attempt?
PS : I've already read this question - Authorization failure TIdHTTP over HTTPS.
ANSWER : based on the indications of Remy Lebeau problem was solved by setting up the
OnProxySelectAuthorization
event and add the hoInProcessAuth to the
IdHTTP1.HTTPOptions
Make sure you have added the IdAuthentication unit to your uses clause so TIdHTTP can process Proxy-Authorization headers in a 407 reply, and also make sure you have a TIdHTTP.OnProxyAuthorization event handler assigned (even if it just returns Handled:=True) otherwise TIdHTTP will not attempt proxy authorization while processing a 407 reply, even though you have provided a username/password in the TIdHTTP.ProxyParams property.
What is most likely happening is that the TIdHTTP.ProxyParams.Authentication property is initially nil during the first request, and gets filled in with a TIdBasicAuthentication object while processing the 407 reply, but a missing OnProxyAuthorization event handler causes TIdHTTP to skip authorization, and then the TIdHTTP.ProxyParams.Authentication property is not nil anymore when the second request is made, so it attempts authorization at that time.
Skipping proxy authorization if the TIdHTTP.OnProxyAuthorization event is not assigned appears to be a bug, IMHO. By comparison, the TIdHTTP.OnAuthorization event can be unassigned as long as a non-empty value is assigned to the TIdHTTP.Request.Password property. I have now updated TIdHTTP with similar logic for the OnProxyAuthorization event regarding the TIdHTTP.ProxyParams.Password property.
So, either update to the latest SVN snapshot, or just assign a TIdHTTP.OnProxyAuthorization event handler, then you should be OK:
procedure TForm1.IdHTTP1ProxyAuthorization(Sender: TObject; Authentication: TIdAuthentication; var Handled: Boolean);
begin
// prompt the user for username/password (optional) and store them
// in the Authentication.Username and Authentication.Password
// properties, respectively. By default, they are initialized with
// the current values of the ProxyParams.UserName and
// ProxyParams.Password properties...
Handled := True;
end;
Related
I recently developped a SOAP web service.
I started to implement it without authentication. It works fine : the service, the call with SOAP UI and the gatling tests.
I added a digest authentication and now I cannot make my gatling test work (the test with SOAP UI is still successful).
According to the gatling documentation (here), I am supposed to call .digestAuth(login, pass) on my http request:
val scn = scenario("scenario")
.feed(feeder)
.feed(feeder2)
.forever{
exec(
http("myRequest")
.post(target)
.digestAuth("login","pass")
.body(ELFileBody("Request.wsdl"))
.headers(headers_2)
)
}
The answer from the server is always a 500 error with the message :
Jul 07, 2015 4:27:31 PM com.sun.xml.wss.impl.SecurityRecipient processMessagePolicy
SCHWERWIEGEND: WSS0253: Message does not conform to configured policy: No Security Header found in message
UPDATE :
I'm using the latest version of gatling 2.1.6
I cannot share my webservice but here is how it is configured.
spring-servlet.xml
<sws:interceptors>
<bean id="wsSecurityInterceptor"
class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
<property name="policyConfiguration" value="classpath:securityPolicy.xml" />
<property name="callbackHandlers">
<list>
<ref bean="passwordValidationHandler" />
</list>
</property>
</bean>
</sws:interceptors>
<bean id="passwordValidationHandler"
class="org.springframework.ws.soap.security.xwss.callback.SimplePasswordValidationCallbackHandler">
<property name="users">
<props>
<prop key="user">password</prop>
</props>
</property>
</bean>
And the securityPolicy.xml
<?xml version="1.0" encoding="UTF-8"?>
<xwss:SecurityConfiguration xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
<xwss:RequireUsernameToken passwordDigestRequired="true" nonceRequired="true" />
</xwss:SecurityConfiguration>
UPDATE 2:
Here is the full request and response from gatling logs:
10:06:57.243 [WARN ] i.g.h.a.AsyncHandlerActor - Request 'post_Addresscheck' failed:
status.find.in(200,304,201,202,203,204,205,206,207,208,209), but
actually found 500
10:06:57.244 [TRACE] i.g.h.a.AsyncHandlerActor - http://localhost:8000/ROOT/checkAddresshttp://localhost:8000/ROOT/checkAddress
headers=
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
Content-Length: 1830
Connection: keep-alive
Host: localhost:8000
Accept: */*
realm=Realm{principal='user', password='password', scheme=DIGEST, realmName='', nonce='', algorithm='MD5', response='', qop='auth', nc='00000001', cno
nce='', uri='null', methodName='GET', useAbsoluteURI='true', omitQuery='false'}
=========================
HTTP response:
status=
500 Internal Server Error
headers=
Server: [Apache-Coyote/1.1]
Accept: [text/xml, text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2]
SOAPAction: [""]
Content-Type: [text/xml;charset=utf-8]
Content-Length: [605]
Date: [Thu, 09 Jul 2015 08:06:57 GMT]
Connection: [close]
Did I miss something in my test definition?
I think there might be a confusion here: Gatling supports HTTP digest auth, not WSS digest auth (where creds are passed as a SOAP header, inside the body, instead of a HTTP header).
I am trying to call GetAuthToken from Amazon Web Services:
http://docs.developer.amazonservices.com/en_US/auth_token/AuthToken_GetAuthToken.html
I checked the C# client library and I cannot find GetAuthToken as a method. Has this been implemented? I tried to do a POST request without the library and it fails. Here is my request and response that I wrote manually:
Request
POST https://mws.amazonservices.com/ HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: mws.amazonservices.com
Content-Length: 238
Expect: 100-continue
Connection: Keep-Alive
AWSAccessKeyId=XX&Action=GetAuthToken&SellerId=XX&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2014-09-01T16%3A41%3A16Z&Version=2011-07-01&Signature=vRBxMEXAMPLES2y0FGPufG4u7WY2HqhcsYUW6IVI9%2BQ%3D
Response:
HTTP/1.1 404 Not Found
Date: Fri, 03 Oct 2014 17:14:53 GMT
Server: AmazonMWS
x-mws-request-id: 1a0bd189-d3e9-40b8-a55d-a420c9ed4805
x-mws-timestamp: 2014-10-03T17:14:54.195Z
x-mws-response-context: VaGpX6JmTb+cM7WqwM6Fs8/E4oExbxl5c7li/EU0ho2j0/WpcYuG1XZSQzkuyrlr+kVTKBdKeG6F 3nwhM5s2gg==
Content-Type: text/xml
Content-Length: 368
Vary: User-Agent
<?xml version="1.0"?>
<ErrorResponse xmlns="https://mws.amazonservices.com/">
<Error>
<Type>Sender</Type>
<Code>InvalidAddress</Code>
<Message>Resource / is not found on this server. API Section is missing or you have provided an invalid operation name.</Message>
</Error>
<RequestID>1a0bd189-d3e9-40b8-a55d-a420c9ed4805</RequestID>
</ErrorResponse>
You have wrong ServiceURL setting. You can not have it as "mws.amazonservices.com", you have to specify proper ServiceURL according to the shop location. Use one of the following settings (taken from Amazon library samples) or check out more complete Developer Guide:
// North America:
$serviceUrl = "https://mws.amazonservices.com/Products/2011-10-01";
// Europe
$serviceUrl = "https://mws-eu.amazonservices.com/Products/2011-10-01";
// Japan
$serviceUrl = "https://mws.amazonservices.jp/Products/2011-10-01";
// China
$serviceUrl = "https://mws.amazonservices.com.cn/Products/2011-10-01";
I am trying to invoke the service which was in another domain from the javascript itself. I could able to request the cross domain service . But I cant retrieve the information from the service. Some how I have been blocked by the same origin policy. Please help me to find the errors in the code.
My Client side Javascript Code :
var requestJsonData;
function crossDomainCall(){ ** It will be called by button click **
requestJsonData = createCORSRequest('POST', 'IPAddress/servicePath');
if (requestJsonData){
requestJsonData.onreadystatechange = handler;
requestJsonData.send();
}
else {
alert('Cross Domain Call is not invoked');
}
}
function handler(evtXHR) {
if(requestJsonData.readyState == 4) {
if(requestJsonData.status == 200) {
var response = requestJsonData.responseText;
}
else {
alert(" Invocation Errors Occured " + requestJsonData.readyState + " and the status is " + requestJsonData.status);
}
}
else {
alert("currently the application is at " + requestJsonData.readyState);
}
}
function createCORSRequest(method, url){
var xhr;
xhr = new XMLHttpRequest();
if ("withCredentials" in xhr){
xhr.open(method, url, true);
xhr.setRequestHeader('X-PINGOTHER', 'pingpong');
} else if (typeof XDomainRequest != "undefined"){
xhr = new XDomainRequest();
xhr.open(method, url);
} else {
xhr = null;
}
return xhr;
}
Service code :
#OPTIONS
#Path("/servicePath")
#Produces("*/*")
#Consumes("*/*")
public Response corsRequest() {
Response response = null;
ResponseBuilder builder = null;
builder = Response.ok();
builder.header("Access-Control-Allow-Headers", "X-PINGOTHER");
builder.header("Access-Control-Max-Age","1728000");
builder.header("Access-Control-Allow-Origin","Origin_Ip_Address");
builder.header("Access-Control-Allow-Methods", "POST, GET, OPTIONS");
builder.header("Content-Type","text/plain");
builder.header("Connection", "Keep-Alive");
response = builder.build();
System.out.println("Exited from Options method");
return response;
}
#POST
#Path("/servicePath")
#Produces("application/json")
public String drawRegions() {
System.out.println("Entered inside Post method");
// Some calculation to arrive jsonObject.
return jsonObject;
}
From the code, I have received the following as a results.
OPTIONS Method Request and Response Headers
Request Headers :
OPTIONS /SolartisGeoCodeLookUpService/Service/drawRegions HTTP/1.1
Host: Cross_Domain_IP_Address
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:25.0) Gecko/20100101 Firefox/25.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: Origin_IP_Address
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-pingother
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Response Headers
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Access-Control-Allow-Headers: X-PINGOTHER
Connection: Keep-Alive
access-control-allow-origin: Origin_IP_Address
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain
Content-Length: 0
Date: Thu, 12 Dec 2013 12:39:27 GMT
Response Cache Header
Response Headers From Cache
Access-Control-Allow-Head... X-PINGOTHER
Access-Control-Allow-Meth... POST, GET, OPTIONS
Access-Control-Max-Age 1728000
Connection Keep-Alive
Content-Length 0
Content-Type text/plain
Date Thu, 12 Dec 2013 12:39:27 GMT
Server Apache-Coyote/1.1
access-control-allow-original Origin_IP_Address
POST Method Request and Response Headers
Request Headers
POST /servicePath HTTP/1.1
Host: crossDomain_IP_Address
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:25.0) Gecko/20100101 Firefox/25.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-PINGOTHER: pingpong
Origin: Origin_IP_Address
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
Response Headers
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/json
Content-Length: 128
Date: Thu, 12 Dec 2013 12:39:27 GMT
ADDITIONAL INFO
From the javascript two times the handler method has been called. At the First time, It is comeup with "currently the application is at 2" - readyState value. At the Second time, It is comeup with "Invocation Errors Occured 4(readyState value) and status code is 0 (response status code)". The second time response clearly says, invoking the service has been stopped by the same origin policy. But I dont know How to overcome from this problem and have to access the resource. Please help me by correcting my code.
Instead of dealing with X domain calls in javascript, why don't you develop a service local to your application that consumes the web service in the other domain, then you can call you local service from javascript.
I would suggest also, and alternatively, that you use jQuery to perform that Cross Domain Ajax call, see this link: http://www.pureexample.com/jquery/cross-domain-ajax.html.
There is no need to deal with XHR directly since you have jQuery to do it for you.
Hope this helps,
Regards.
I am using a SAP odata service and I added it as a web reference in visual studio 2012.
Uri serviceUri = new Uri("http://zbc.net:4521/sap/opu/odata/sap/Emp/", UriKind.Absolute);
Emp context = new Emp(serviceUri);
context.Credentials = new System.Net.NetworkCredential("loginanme", "pass");
var query = from b in context.Employees
where b.Role == "Admin"
select b;
foreach (var myObject in query)
{
Console.WriteLine("\n name: {0} | role: {1}", myObject.name, myObject.Role);
}
When I execute the code above, I get the following error:
"An error occurred while processing this request."
InnerException: "A missing or empty content type header was found when trying to read a message. The content type header is required."
this is the query that VS2012 produces:
Query: {http://zbc.net:4521/sap/opu/odata/sap/Emp/Employees()?$filter=Role eq 'Admin'}
StackTrace:
at Microsoft.Data.OData.ODataMessageReader.GetContentTypeHeader()
at Microsoft.Data.OData.ODataMessageReader.TryGetSinglePayloadKindResultFromContentType(IEnumerable`1& payloadKindResults, MediaType& contentType, Encoding& contentEncoding)
at Microsoft.Data.OData.ODataMessageReader.DetectPayloadKind()
at System.Data.Services.Client.Materialization.ODataMaterializer.CreateODataMessageReader(IODataResponseMessage responseMessage, ResponseInfo responseInfo, Boolean projectionQuery, ODataPayloadKind& payloadKind)
at System.Data.Services.Client.Materialization.ODataMaterializer.CreateMaterializerForMessage(IODataResponseMessage responseMessage, ResponseInfo responseInfo, Type materializerType, QueryComponents queryComponents, ProjectionPlan plan, ODataPayloadKind payloadKind)
at System.Data.Services.Client.MaterializeAtom..ctor(ResponseInfo responseInfo, QueryComponents queryComponents, ProjectionPlan plan, IODataResponseMessage responseMessage, ODataPayloadKind payloadKind)
at System.Data.Services.Client.QueryResult.CreateMaterializer(ProjectionPlan plan, ODataPayloadKind payloadKind)
at System.Data.Services.Client.QueryResult.ProcessResult[TElement](ProjectionPlan plan)
at System.Data.Services.Client.DataServiceRequest.Execute[TElement](DataServiceContext context, QueryComponents queryComponents)
Response from RESTClient (firefox add-on)
Status Code: 200 OK
Content-Encoding: gzip
Content-Length: 566
Content-Type: application/xml
Last-Modified: Tue, 09 Jul 2013 13:03:22 GMT
Server: SAP NetWeaver Application Server / ABAP 731
dataserviceversion: 2.0
Response body
<?xml version="1.0" encoding="utf-8"?>
<edmx:Edmx Version="1.0" xmlns:edmx="http://schemas.microsoft.com/ado/2007/06/edmx"
xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"
xmlns:sap="http://www.sap.com/Protocols/SAPData">
<edmx:DataServices m:DataServiceVersion="2.0">
<Schema Namespace="Emp" xml:lang="en" xmlns="http://schemas.microsoft.com/ado/2008/09/edm">
<EntityType Name="Bank" sap:content-version="1">
<Key>
<PropertyRef Name="Admin"/>
</Key>
<Property Name="Name" Type="Edm.String" MaxLength="35" sap:label="Name"/>
<Property Name="street" Type="Edm.String" MaxLength="35" sap:label="Street"/>
<Property Name="Role" Type="Edm.String" MaxLength="35" sap:label="Role"/>
<Property Name="Region" Type="Edm.String" MaxLength="3" sap:label="Region"/>
</EntityType>
<EntityContainer Name="Emp" m:IsDefaultEntityContainer="true">
<EntitySet Name="Employees" EntityType="Emp.Employee" sap:deletable="false" sap:content-version="1"/>
</EntityContainer>
<atom:link rel="self" href="http://zbc.net:4521/sap/opu/odata/sap/Emp/$metadata" xmlns:atom="http://www.w3.org/2005/Atom"/>
<atom:link rel="latest-version" href="http://zbc.net:4521/sap/opu/odata/sap/Emp/$metadata"
xmlns:atom="http://www.w3.org/2005/Atom"/>
</Schema>
</edmx:DataServices>
</edmx:Edmx>
From Fiddler I get the following response:
HTTP/1.1 401 Unauthorized
www-authenticate: Basic realm="SAP NetWeaver Application Server [SVD/800]"
content-length: 2180
content-type: text/html; charset=utf-8
server: SAP NetWeaver Application Server / ABAP 731
How come in fiddler I get a 401? How can I provide a login and pass in Fiddler so that I don't get a 401?
Thanks Vitek Karas MSFT for your suggestion. The issue is sovled by installing the latest version of WCF Data Services 5.6.0. and thanks to Maikel who tried in on our dev and was able to solve the issue.
I m working on wso2 admin services. I get url as http://localhost:9763/services/AuthenticationAdmin?wsdl for AuthencticationAdmin.
Now, when I hit the login operation, with admin,admin,127.0.0.1, I get true as return.
ESB console shows logged in.
Now, when I hit logout operation, I dont get any response.
Also I notice that header of the response does not contain any session ID.
My ESB is 4.6.0.
login request :
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:aut="http://authentication.services.core.carbon.wso2.org">
<soapenv:Header/>
<soapenv:Body>
<aut:login>
<!--Optional:-->
<aut:username>admin</aut:username>
<!--Optional:-->
<aut:password>admin</aut:password>
<!--Optional:-->
<aut:remoteAddress>127.0.0.1</aut:remoteAddress>
</aut:login>
</soapenv:Body>
</soapenv:Envelope>
login response :
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<ns:loginResponse xmlns:ns="http://authentication.services.core.carbon.wso2.org">
<ns:return>true</ns:return>
</ns:loginResponse>
</soapenv:Body>
</soapenv:Envelope>
In the response, when I hit login I see, at bottom I only get 6 elements in header as follows :
> Date Tue, 25 Jun 2013 14:31:42 GMT
> Transfer-Encoding chunked
> #status# HTTP/1.1 200 OK
> Content-Type text/xml; charset=UTF-8
> Connection Keep-Alive
> Server WSO2-PassThrough-HTTP
Now, I dont get session ID. Can you please point out where m I going wrong?
My scenario is that I want to login to WSO2 and then hit some other admin service operation.
After some time debugging with the java client (see my other answer), I noticed that the SOAPUI Endpoint was not using the 9443 port that I was using in the Java client. See the image below.
The 8243 port was picked up from the WSDL by SOAPUI.
When I changed the SOAP UI Endpoint port from 8243 to 9443, the JSESSIONID gets returned in the response, as seen below:
HTTP/1.1 200 OK
Set-Cookie: JSESSIONID=573D42750DE6C0A287E1582239EB5847; Path=/; Secure; HttpOnly
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Date: Wed, 26 Jun 2013 22:14:20 GMT
Server: WSO2 Carbon Server
<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><ns:loginResponse xmlns:ns="http://authentication.services.core.carbon.wso2.org"><ns:return>true</ns:return></ns:loginResponse></soapenv:Body></soapenv:Envelope>
I have no idea what the difference is between the ports 8243 and 9443, or why one returns a JSESSIONID and the other doesn't.
You could try accessing the server using a java client. There is an example here. You could try this example and dump out the SOAP message to see the difference against what you are seeing in SOAPUI.
I'm wondering if the example axis client's setManageSession(true) does some magic on the session:
public static void main(String[] args) throws
RemoteException, AuthenticationAdminAuthenticationExceptionException {
System.setProperty("javax.net.ssl.trustStore",
SampleConstants.CLIENT_TRUST_STORE_PATH);
System.setProperty("javax.net.ssl.trustStorePassword",
SampleConstants.KEY_STORE_PASSWORD);
System.setProperty("javax.net.ssl.trustStoreType",
SampleConstants.KEY_STORE_TYPE);
AuthenticationAdminStub stub =
new AuthenticationAdminStub(
"https://localhost:9443/services/AuthenticationAdmin");
ServiceClient client = stub._getServiceClient();
Options options = client.getOptions();
options.setManageSession(true);
Login login = new Login();
login.setUsername("admin");
login.setPassword("admin");
stub.login(login);
ServiceContext serviceContext = stub.
_getServiceClient().getLastOperationContext().getServiceContext();
String sessionCookie = (String) serviceContext
.getProperty(HTTPConstants.COOKIE_STRING);
System.out.println(sessionCookie);
}
The above code prints out something similar to the following:
JSESSIONID=844ECBED015805A24FF9DBD5F5A56C8D; Path=/; Secure=null; HttpOnly=null