avatar image
Former Member

Webservice authentication in sap portal

Hi,

I have created one basic web service in NWDS and deployed it in portal. I tried to set authentication mechanism for my webservice. Ref: http://docs.oracle.com/javaee/5/tutorial/doc/bncbe.html#bncbn

below is my web.xml code

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
  <display-name>AuthenticateProj</display-name>
  <welcome-file-list>
    <welcome-file>index.html</welcome-file>
    <welcome-file>index.htm</welcome-file>
    <welcome-file>index.jsp</welcome-file>
    <welcome-file>default.html</welcome-file>
    <welcome-file>default.htm</welcome-file>
    <welcome-file>default.jsp</welcome-file>
  </welcome-file-list>
  <!-- LOGIN CONFIGURATION-->
 	<security-role>
    	<role-name>eu_core_role</role-name>
	</security-role>
  <security-constraint>        
        <web-resource-collection>
             <web-resource-name>AuthenticateService</web-resource-name>
            <url-pattern>/AuthenticateService</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>*</role-name>
        </auth-constraint>
        <user-data-constraint>
            <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>
    </security-constraint>    
    <login-config>
        <auth-method>BASIC</auth-method>
    </login-config>
</web-app>

When i just used only below code in my web.xml

<login-config>
        <auth-method>BASIC</auth-method>
 </login-config>

It is not asking for any credentials. So I have added the security constraint tags. After adding security constraint tags when ever i access the wsdl from browser it is asking for credentials but when i give correct credentials it is not allowing me to login. I am getting the below exception in logs.

Invalid response code while loading WSDL: http://localhost:50000/AuthenticateProj/AuthenticateService?wsdl&mode=ws_policy, responseCode: 403
[EXCEPTION]
com.sap.engine.services.webservices.jaxrpc.exceptions.WebserviceClientException: GenericServiceFactory initialization problem. [Proxy Generator Error. Problem with WSDL file parsing. See nested message.]
at com.sap.engine.services.webservices.espbase.client.dynamic.GenericServiceFactory.createService_NewInstance(GenericServiceFactory.java:603)
at com.sap.engine.services.webservices.espbase.client.dynamic.GenericServiceFactory.createService(GenericServiceFactory.java:133)
at com.sap.esi.esp.wsnavigator.ManualTestView.createServiceByWSDL(ManualTestView.java:440)
at com.sap.esi.esp.wsnavigator.ManualTestView.onEventWSDLSelected(ManualTestView.java:1540)
at com.sap.esi.esp.wsnavigator.wdp.InternalManualTestView.wdInvokeEventHandler(InternalManualTestView.java:552)
at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.invokeEventHandler(DelegatingView.java:142)
at com.sap.tc.webdynpro.progmodel.components.Component.fireEvent(Component.java:492)
at com.sap.esi.esp.wsquery.ui.wsquerycomp.wdp.InternalWSQueryComp.wdFireEventWSDLSelected(InternalWSQueryComp.java:592)
at com.sap.esi.esp.wsquery.ui.wsquerycomp.WSQueryComp.getSelectedService(WSQueryComp.java:486)
at com.sap.esi.esp.wsquery.ui.wsquerycomp.wdp.InternalWSQueryComp.wdInvokeMethod(InternalWSQueryComp.java:465)
at com.sap.tc.webdynpro.progmodel.generation.ExternalControllerPI$ExternalInterfaceInvocationHandler.invoke(ExternalControllerPI.java:339)


If i don't use the security constraint tags I am able to execute wsdl without giving credentials but i want to impose basic authentication for my wsdl.

Please help me to resolve the issue.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • avatar image
    Former Member
    Jun 22, 2017 at 08:36 AM

    Dear Pradeep,

    You can user UME api to force user to authenticate to access your application. Use the following code:

    IUser user =
    UMFactory.getAuthenticator().getLoggedInUser(request, response);if (null == user) {
    UMFactory.getAuthenticator().forceLoggedInUser(request,
    response);return;
    }

    Refer this link for more information.

    Best Regards,

    Kamal

    Add comment
    10|10000 characters needed characters exceeded

Skip to Content