cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Consuming a Web Service via SSL with Basic Authentication

Go to solution
Former Member

on ‎12-30-2005 12:35 PM

0 Kudos

Hello,

I have a simple web service (returns a parameter value) and want to consume it. Therefore I have generated a proxy for its in Netweaver Studio SP13.

When I set up the web service to be accessed via HTTP and Basic Authentication (Username/Password), everything is fine. When I set up the web service to communicate via HTTPS, I get the following error message in my client:

java.rmi.RemoteException: Service call exception; nested exception is:

java.lang.NullPointerException

at priv.senw04.wsproxy.multisec_ssl.SSLBindingStub.pingText(SSLBindingStub.java:87)

at priv.senw04.wsproxy.multisec_ssl.SSLBindingStub.pingText(SSLBindingStub.java:96)

at priv.se.wsclient.MultiSecSSL.main(MultiSecSSL.java:38)

Caused by: java.lang.NullPointerException

at com.sap.engine.services.webservices.jaxm.soap.HTTPSocket.disconnect(HTTPSocket.java:625)

at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.HTTPTransport.closeSession(HTTPTransport.java:396)

at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.call(MimeHttpBinding.java:1312)

at priv.senw04.wsproxy.multisec_ssl.SSLBindingStub.pingText(SSLBindingStub.java:80)

... 2 more

Testing the web service with WebServiceNavigator and/or by using a generated WebDynpro Client results in the following error:

000D604C66BE004E0000001300000AFC00040922E0160632 : An error occurred during processing the timestamp. The error was: com.sap.security.core.ws.wss.NoSecurityHeaderException No wsse:Security header has been defined for role soap:finalActor. Please verify the policy configuration..

But my main focus is on the client implementation based on a proxy. Here comes the client's code:

public class MultiSecSSL {

public static void main(String[] args) {

try {

MultiSecuritySSLAuthImpl serviceInterface = new MultiSecuritySSLAuthImpl();

SSLBindingStub service = (SSLBindingStub)serviceInterface.getLogicalPort(MultiSecuritySSLAuthViDocument.class);

SecurityProtocol protocol = (SecurityProtocol) service._getGlobalProtocols().getProtocol("SecurityProtocol");

AuthenticationContext auth = protocol.getAuthenticationContext();

auth.setIgnoreSSLServerCertificate(true);

auth.setUsername("cfpcompany");

auth.setPassword("demo");

String ret = service.pingText("Called service MultiSecurity via SSL");

System.out.println(ret);

} catch (Exception e) {

e.printStackTrace(System.out);

}

}

}

Here comes the logical port information of the generated proxy:

<?xml version="1.0" encoding="UTF-8"?>

<LogicalPorts Name='MultiSecuritySSLAuth' InterfaceName='priv.senw04.wsproxy.multisec_ssl.MultiSecuritySSLAuth'>

<LogicalPort Name='SSLPort_Document' Endpoint='https://192.168.129.76:50001/MultiSecuritySSLAuth/SSL?style=document' BindingName='SSLBinding' BindingUri='urn:MultiSecuritySSLAuthWsd/SSL/document' BindingImplementation='SOAP 1.1 HTTP Binding with Attachments' StubName='priv.senw04.wsproxy.multisec_ssl.SSLBindingStub' Default='true' InterfaceName='priv.senw04.wsproxy.multisec_ssl.MultiSecuritySSLAuthViDocument' Original='true' Valid='true'>

<globalFeatures>

<Feature Name='http://www.sap.com/webas/630/soap/features/headers/' Provider='SoapHeadersProtocol' Original='false'>

</Feature>

<Feature Name='http://www.sap.com/webas/630/soap/features/session/' Provider='SessionProtocol' Original='false'>

<Property Name='SessionMethod' Value='httpCookies'>

</Property>

</Feature>

<Feature Name='http://www.sap.com/webas/630/soap/features/authentication' Provider='SecurityProtocol' Original='true'>

<Property Name='AuthenticationLevel' Value='None'>

</Property>

<Property Name='AuthenticationMechanism' Value='HTTP'>

</Property>

<Property Name='AuthenticationMethod' Value='BasicAuth'>

</Property>

<Property Name='SupportsSSO2Authentication' Value='false'>

</Property>

</Feature>

<Feature Name='http://www.sap.com/webas/630/soap/features/transportguarantee' Original='true'>

<Property Name='Level' Value='No'>

</Property>

<Property Name='TLSType' Value='SSL'>

</Property>

</Feature>

</globalFeatures>

<localFeatures>

<Operation Name='pingText'>

<Feature Name='http://www.sap.com/webas/630/soap/features/wss' Original='true'>

<Property Name='RequestPolicy' Value='Signature'>

</Property>

<Property Name='ResponsePolicy' Value='None'>

</Property>

</Feature>

<Feature Name='http://sap.com/webservices/authorization' Original='true'>

</Feature>

</Operation>

</localFeatures>

</LogicalPort>

</LogicalPorts>

To me, this looks consistent. Any idea, what is misconfigured on my machine ?

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

martijndeboer
Advisor
Advisor
‎01-08-2006 6:46 PM
0 Kudos

Hi,

I think you mixed up transport and document security.

Transport security is i.e. SSL, HTTP Basic authentication etc. While document security is the OASIS WS Security standard (XML Signature, XML Encryption etc.)

You have configured parts to require an XML Signature, but did not configure service or proxy to send one.

While you intend to configure transport security, you have made some configuration settings for document security. Please check the settings in you IDE for the service and proxy.

Regards,

Martijn

Show replies
Show replies
Former Member
‎01-09-2006 11:14 AM
0 Kudos

Hi Martijn,

I have fixed the settings and recreated the standalone proxy. After making it pypassing my proxyserver (does not accept SSL connections via port 50001), I have started the client again, and the errormessage remains the same.

I then debugged the generated Stub of the proxy and found, that calling

this.transportBinding.call(this.stubConfiguration,this.globalProtocols,_getOperationProtocols("pingText"));

leads to the NullPointerException.

Do you have any further ideas, what might be missing ?

Thanks,

Stefan

martijndeboer
Advisor
Advisor
‎01-09-2006 11:47 AM
0 Kudos

Hi Stefan,

To me it seems you have configured document security in the service you are calling. Can you check the configuration of the service in the IDE and in the Visual Administrator?

Regards,

Martijn

Former Member
‎01-09-2006 12:42 PM
0 Kudos

Hi Martijn,

I did check the IDE and Visual Administrator again and recreated the standalone proxy. The lports_1.xml of the proxy has changed only in one line:

old: <Property Name='RequestPolicy' Value='Signature'>

new: <Property Name='RequestPolicy' Value='None'>

Is there anything else to change for getting rid off the Document Security ?

My assumption is, that I just missed to set any parameter in the client when calling the service.

BTW: When I use a deployable proxy, where all communication settings are done in the Visual Administrator, everything is fine.

Regards,

Stefan

martijndeboer
Advisor
Advisor
‎01-09-2006 1:17 PM
0 Kudos

Hi Stefan,

I my last message I was talking about the configuration of the <i>service</i>, not the proxy. To me it looks like your service has document security configured, so you also need to remove the setting from the configuration of the web service.

Regards,

Martijn

Former Member
‎01-09-2006 1:59 PM
0 Kudos

Hi Martin,

that is exactly, what I did.

- Change Web Service Configuration in IDE

- Build and Deploy the Service to my local Server

- Check Service in Visual Administrator

- Deleted and Regenerated the Standalone Proxy

- Deleted and Recreated the link between CLient and Proxy Project in IDE

- Started Client

Here comes the section of the ws-deployment-descriptor.xml of the service. For me, it matches, what the proxy generated.

<webservice>

<guid>ed8363_10876a54b6d__7fe9_192_168_129_76_1135862193037</guid>

<ejb-name-temp>MultiSecWSBean</ejb-name-temp>

<webservice-name>

<namespaceURI>urn:MultiSecuritySSLAuthWsd</namespaceURI>

<localName>MultiSecuritySSLAuth</localName>

</webservice-name>

<webservice-internal-name>MultiSecuritySSLAuth</webservice-internal-name>

<standard-namespaceURI>urn:MultiSecuritySSLAuthWsd</standard-namespaceURI>

<ws-configuration>

<configuration-name>SSL</configuration-name>

<ejb-name>MultiSecWSBean</ejb-name>

<service-endpoint-name>

<namespaceURI>urn:MultiSecuritySSLAuthWsd</namespaceURI>

<localName>SSLPort</localName>

</service-endpoint-name>

<wsdl-porttype-name>

<namespaceURI>urn:MultiSecuritySSLAuthWsd</namespaceURI>

<localName>MultiSecuritySSLAuthVi</localName>

</wsdl-porttype-name>

<webservice-definition-ref>

<package>com.technidata.cfp.i3rdparty.cfpxml</package>

<name>MultiSecuritySSLAuthWsd.wsdef</name>

</webservice-definition-ref>

<service-endpoint-vi-ref>

<package>com.technidata.cfp.i3rdparty.cfpxml</package>

<name>MultiSecuritySSLAuthVi.videf</name>

</service-endpoint-vi-ref>

<transport-binding name="SOAPHTTP_TransportBinding">

<wsdl-binding-name>

<namespaceURI>urn:MultiSecuritySSLAuthWsd</namespaceURI>

<localName>SSLBinding</localName>

</wsdl-binding-name>

</transport-binding>

<transport-address>/MultiSecuritySSLAuth/SSL</transport-address>

<global-features>

<feature name="http://www.sap.com/webas/630/soap/features/transportguarantee" protocol="SecurityProtocol">

<property name="TLSType" value="SSL"/>

</feature>

<feature name="http://www.sap.com/webas/630/soap/features/authorization" protocol="SecurityProtocol"/>

<feature name="http://www.sap.com/webas/630/soap/features/authentication" protocol="SecurityProtocol">

<property name="AuthenticationMethod" value="BasicAuth"/>

<property name="AuthenticationMechanism" value="HTTP"/>

<property name="SupportsSSO2Authentication" value="false"/>

</feature>

</global-features>

<operation-configuration uniqueViName="pingText(java.lang.String)">

<transport-binding-configuration>

<input>

<property name="soapAction" value=""/>

<property name="encodingStyle" value="http://schemas.xmlsoap.org/soap/encoding/"/>

</input>

<output>

<property name="encodingStyle" value="http://schemas.xmlsoap.org/soap/encoding/"/>

</output>

</transport-binding-configuration>

<feature name="http://www.sap.com/webas/630/soap/features/wss" protocol="SecurityProtocol">

<property name="RequestPolicy" value="None"/>

<property name="ResponsePolicy" value="None"/>

</feature>

<feature name="http://sap.com/webservices/authorization" protocol="SecurityProtocol">

<property name="security-roles">

<property name="role1" value="use_multisec_service"/>

</property>

</feature>

</operation-configuration>

</ws-configuration>

</webservice>

Regards,

Stefan

Answers (0)

Ask a Question