cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

403 Forbidden Error on Inbound Web Service Call

Former Member

on ‎07-10-2007 6:37 PM

0 Kudos

Hi XI Gurus.

We have been using an ID for a while now to login to the XI server to post SOAP messages to the adapter. For some unknown reason we now receive 403 Forbidden messages. The user has the exact same roles and authorizations as the corresponding user in another environment where this works fine. I know it's not related to any of the solutions posted here because using my ID works fine.

We have assigned the user SAP_XI_APPL_SERV_USER and S_RFC auth's for a few RFC groups that the interface will need to invoke. Again, this works perfectly in our other environment.

A few questions:

1) How can we see the error logs when this error gets thrown? J2EE Admin?

2) What would cause this? It doesn't seem to be authorizations at the XI level. Is it something at the J2EE level?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

henrique_pinto
Active Contributor
‎07-10-2007 6:53 PM
0 Kudos

> I know it's not

> related to any of the solutions posted here because

> using my ID works fine.

Then copy your user into this one.

Regards,

Henrique.

Show replies
Show replies
Former Member
‎07-12-2007 3:12 PM
0 Kudos

ok ive established the following:

1) user is not locked. When I lock it, i get 401 Unauthorized errors. Unlocking gives the 403 error still.

2) Tried copying user giving problems to brand new one just for kicks. Now I get 302 Found messages back?

Im at a loss at this point.. Any ideas?

henrique_pinto
Active Contributor
‎07-12-2007 7:20 PM
0 Kudos

302 means that the service was temporarily moved to other address.

Theoretically, when that happens to http requests, the client application (usually browsers) would need to automatically repeat the post to the other address.

As for the Soap call, I would expect the adapter to have the same behavior, but I'm not so sure. You could check the expected client behavior at SOAP especification.

Regards,

Henrique.

Former Member
‎07-10-2007 6:41 PM
0 Kudos

This might be a silly question but the user is not locked?

You can always create a trace in the Java Admin Console:

Traces are used to analyze runtime errors. By setting a specific trace level for specific locations, you can analyze the behavior of individual code segments at class and method level. This is done with the help of the log configurator service:

Log onto Java Admin Console

 Services

 Log Configurator

 Locations

 Choose the location (Java package) and the tracing level (severity)

(for example, com.sap.aii.adapter.rfc)

 Root Location > com > sap > aii > RFC

 Set the severity to Debug (or all) and choose Copy Severity to Subtree.

Run end to end process and check the log file in the standalone log viewer.

Show replies
Show replies
former_member184619
Active Contributor
‎07-10-2007 6:40 PM
0 Kudos

hi James,

4) Error: HTTP 403 Forbidden

Description: The server understood the request, but is refusing to fulfill it

Possible Tips:

Path sap/xi/engine not active

• HTTP 403 during cache refresh of the adapter framework - Refer SAP Note -751856

• Because of Inactive Services in ICF –Go to SICF transaction and activate the services. Refer SAP Note -517484

• Error in RWB/Message Monitoring- because of J2EE roles – Refer SAP Note -796726

• Error in SOAP Adapter - "403 Forbidden" from the adapter's servlet. –Because of the URL is incorrect or the adapter is not correctly deployed.

check this for detail : /people/krishna.moorthyp/blog/2006/07/23/http-errors-in-xi

Sachin

Show replies
Show replies
MichalKrawczyk
Active Contributor
‎07-10-2007 6:38 PM
0 Kudos

Hi,

check in su01 if the user is not locked

Regards,

michal

Show replies
Show replies
Ask a Question