I am using JMeter to make test calls to Dynamics CRM 2011 web services.
I have a SOAP/XML-RPC Request configured to call the Retrieve operation. The URL is set to http://<>/XRMServices/2011/Organization.svc/web and the SOAPAction is set to Retrieve.
When I run the test, I get 401 (Unauthorized) error.
I tried adding an HTTP Authorization Manager with the username and password as well but still no joy.
Can anyone help?
Make sure that you're using BASIC_DIGEST and enter the base domain name in the realm and the domain of your user.
--Example--
Base URL: <- Leave This Blank
Username: SomeUserName
Password: Your Password
Domain: CONTOSO
Realm: CONTOSO.LOCAL (Or .com .org or however you have your domain configured)
Mechanism: BASIC_DIGEST
Related
I made a self-hosted web service in C# (but I don't think the language and framework matter here). The service requires NTLM authentication. When I test the service from Chrome everything works. If I test it from Postman then a certain check fails in the service. In my ApiController I call ((WindowsIdentity)User.Identity).Owner.IsAccountSid() and this method returns false when web calls are made from Postman. The owner's SID is S-1-5-32-544 (Administrators group), which is not an account.
In Postman I did set the username and password, as suggested in another answer. If I change the password, I get 401 Unauthorized, so this tells me I configured Postman correctly. But it doesn't work for me.
Is there a way to make Postman behave more like Chrome (where both direct link and call from JavaScript work correctly)?
The WSO2 APIM version is 3.2.0.
Created a JBDC secondary userstore opera in WSO2 APIM and added some users say user1.
There was an application created in devportal - GUI_APP
When I try to access the token API with the user in opera, I'm getting the below error.
"Users in the tenant domain : opera do not have access to application admin_GUI_APP_PRODUCTION"
API details below:
Request URL:
https://{APIM_IP}:8243/token
Request Method:
POST
Request Headers:
Content-Type:application/x-www-form-urlencoded
Authorization:Basic (base64 encoded key:secret of GUI_APP)
Request Body:
grant_type:password
username:user1#opera
password:{pwd}
Kindly let me know what change needs to be done, to get the token for users in secondary user store .
The user store domain should be prepended to the username in the following format. The # symbol is used to append the tenant domain to the username.
UserStoreDomain/Username
Also, it is not mandatory to prepend the user store domain. When the user store domain is not prepended, it will first search the username in the PRIMARY and then search for all the secondary user stores.
I'm using Postman 6.7.3. Instead of typing in the Username and Password values for the Authorization (tab) NTLM Authentication (type), alternatively, I'd like Postman to retrieve the needed information from the logged-on user. Is that possible today? I'm running a "corporate"-configured version of Windows 10 that resides on an (AD) domain (that we call "US").
FWIW, my "web api" calls work just fine when I do type-in the credentials for myself in the Postman Authorization screen. (just looking to do "less typing"...and perhaps avoid the security risk of exposing my domain password)
I am trying to create an authentication in ADF mobile where the login URL is the peoplesoft login page. When i give in the username and password in the emulator, it throws an error.\
Terminating
Authentication URL responded with an illegal response code.
It is not basic authentication end point.
Please contact administrator
I have followed the following tutorial
https://blogs.oracle.com/shay/entry/accessing_secure_web_services_from
Here instead of creating a remote secured login server, I want to use peoplesoft to authenticate.Any Ideas?
I have also seen somewhere that you can authenticate each web service you call by adding the username and password in the SOAP header. Any tutorials for ADF would be much appreciated and #Shay Shmeltzer any ideas would be helpful
Thanks
Oracle MAF only supports security authentication against HTTP Basic Authentication pages, so I don't think you can use peoplesoft login page to authenticate neither your application nor you web services.
Otherwise you can create a secure ADF page the validates login through peoplesoft login credentials(username-password) then deploy that page to a server and secure your MAF application using that page.
Some useful links
Accessing Secure Web Services from ADF Mobile
ADF Mobile - Secured Web Service Access
ADF Mobile Application Security
And about your second question yes you can customize the envelop header being send from MAF application to a soap webservice (add username and password or any other attributes) by extending the SOAPProvider class and add it to the datacontrol.dcx file as the provider for the webservice.
The only example I can find online
http://docs.oracle.com/cd/E37975_01/doc.111240/e24475/amxwebservices.htm#autoId3
I have a webpage that need to access webservice at other domain. Due to cross domain policy in browser, I create a server side service as a proxy. I'm using server side HttpWebRequest (.net) to call a web service that require authentication and return the json to the javascript. However, i faced few issues :
I'm currently hardcode the username and password because HttpWebRequest seems to have no function to allow me to prompt for username and password. There is no popup dialog for login. So, can I force the HttpWebRequest to prompt for username and password just like the XMLHttpRequest (javascipt version) do?
Due to the 1st issue, i noticed that i might need to create a dummy login page that get username and pwd and then send request to the web service. if it success, then it means the login credential is correct. However, right after this, i still have alot of other request to the webservice. The cookie of the HttpWebRequest seems to last only for that request call only. It is not stored inside the normal local cookie storage. (I check the browser and dont find it). How can I store the cookies inside the CookieContainer to the HttpContext.Current.Response.Cookies so that i dont need to login again. I dont want to handle every request call by attaching the CookieContainer because there's a lot of request.