cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SOAP adapter - WS authorization

Go to solution
Former Member

on ‎11-12-2006 9:24 AM

0 Kudos

Hello,

I am trying to expose an RFC as a web service using the SOAP Adapter.

The problem is that in order to consume this web service, authorization is required by the client application(Otherwise the call returns code 401 - Unauthorized)

Is it possible to allow anonymous calls to the WS ?

If not, can anyone instruct me how to provide authorization data during the call to the WS (using C#) ?

Thanks,

Elad.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎11-12-2006 7:26 PM
0 Kudos

Hi,

You have to create user in XI system (transaction SU01) or use the existing user. And use this user and password to call the web service.

Regards,

Wojciech

Show replies
Show replies
Former Member
‎11-13-2006 6:34 AM
0 Kudos

Hi all,

I understand that I have to provide username and password in order to execute the WS.

My question is, how do I do it ?

Thanks,

Elad.

bhavesh_kantilal
Active Contributor
‎11-13-2006 6:39 AM
0 Kudos

Elad,

You need to expose your Interface as a webservice in XI.

To do this you need to create a WSDL out of your Message Interface.

take a look at section 3 in this document,

https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/d23cbe11-0d01-0010-5287-873...

You will then load the WSDL you created in the document above into a Webservice Client like XML Spy and you can test your scenario.

Regards,

Bhavesh

Former Member
‎11-13-2006 6:54 AM
0 Kudos

Hi,

Maybe I am not clear about my problem.

My scenario is complete, and working perfrect as far as the XI is concerned.

My problem is that I need help with providing username and password from the client application.

Or on the other hand allow anonymous execution of the WS.

Thanks,

Elad.

bhavesh_kantilal
Active Contributor
‎11-13-2006 7:11 AM
0 Kudos

Elad,

><i>Or on the other hand allow anonymous execution of the WS.</i>

For anonymous login, I have posted the answer above pointing to the thread that contains the solution as well as the actual answer. do the same for anonymous log on.

If you need a log on based system, then the user id should be an XI user id with the role of <b>XIAPPLUSER.</b> make sure you are using an user id with XIAPPLUSER's crendetials.

Regards,

Bhavesh

Former Member
‎11-13-2006 10:10 AM
0 Kudos

Hi,

Create service user in SU01.

Add this role to this user SAP_XI_APPL_SERV_USER.

Use this user in web service call.

Regards,

Wojciech

Answers (2)

Answers (2)

Former Member
‎11-13-2006 1:07 AM
0 Kudos

Hi,

This error will popup when you give the wrong username and password ...

if you are doing SOAP to RFC scienario then you meight have given wrong password for R/3 system of the RFC...

are visaversa

cheak the username and password once and tryonce again

Amaresh

Show replies
Show replies
bhavesh_kantilal
Active Contributor
‎11-13-2006 3:08 AM
0 Kudos

Hi,

From the thread , <u><b>

<i>in order to turn off the authentication for SOAP interface, please remove the authentication

restriction in web.xml for aii_af_soapadapter.sda.

Extract the SOAP-adapters WAR-file from the corresponding sda. Then extract the deployment-descriptor from the war-file and delete the related security-constraint, login-config and security-role sections (makes absolutely sense to save the original descriptor beforehand). ZIP the files again with the new deployment descriptor and deploy the SDA via SDM.

comment the following portion.( It's already commented below).

<! security-constraint >

<><security-constraint>

<display-name>message</display-name>

<web-resource-collection>

<web-resource-name>message</web-resource-name>

<url-pattern>MessageServlet</url-pattern>

</web-resource-collection>

<auth-constraint>

<role-name>xi_adapter_soap_message</role-name>

</auth-constraint>

</security-constraint>

<security-constraint>

<display-name>helper</display-name>

<web-resource-collection>

<web-resource-name>helper</web-resource-name>

<url-pattern>HelperServlet</url-pattern>

</web-resource-collection>

<auth-constraint>

<role-name>xi_adapter_soap_helper</role-name>

</auth-constraint>

</security-constraint>

>

<! login-config >

<><login-config>

<auth-method>BASIC</auth-method>

<realm-name>XISOAPApps</realm-name>

</login-config>

>

<! security-role >

<><security-role>

<role-name>xi_adapter_soap_message</role-name>

</security-role>

<security-role>

<role-name>xi_adapter_soap_helper</role-name>

</security-role>

>

The safest way to change this web.xml is described as followed, you

could do the changes also direct on the file system, but it will need

reboot of J2EE and does not guarantee to work.

The web.xml is located in the aii_af_soapadapter.sda, please extract

this sda file with normal zip function. There is one

aii_af_soapadapter.war inside, please extract this war file again,

change the web.xml as described above. Please zip the folder with

modified web.xml for aii_af_soapadapter.war and than for the

aii_af_soapadapter.sda. Please do not modify the folder structure.

Deploy this modified sda with SDM. After the deployment you can double

check whether changes for web.xml is done on the file system, this

web.xml is located under

/usr/sap/xxx/DVEBMGS00/j2ee/cluster/server0/apps/sap.com/com.sap

.aii.af.soapadapter/servlet_jsp/XISOAPAdapter/root/WEB-INF.

I am not sure whether you will need to restart the J2EE after this

deployment to make the changes from web.xml active, please try it out.</i>

Regards,

Bhavesh

Former Member
‎11-12-2006 10:20 PM
0 Kudos

You can configure a soap and rfc scenario, create a wsdl on the outbound interface and set the anonymous user for your webservice using the Visual Admin tool.

Show replies
Show replies
Ask a Question