Skip to Content
0
Former Member
Oct 26, 2011 at 01:37 PM

Another ME 6.0 Webservice Authorization Problem

18 Views

Hello,

in ME 5.2 on NetWeaver 7.1 it was possible to go to NWA's SOAP Single Service Administration and activate the "User ID/Passwort" for "HTTP Authentication" AND for "Message Authentication". Afterwards you may call the webservice with either HTTP Basic Authentication or SOAP Authentication.

SOAP Authentication Example

<soapenv:Envelope xmlns:me="http://sap.com/xi/ME" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Header>
    <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <wsse:UsernameToken wsu:Id="UsernameToken-35" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        <wsse:Username>ME_INTEGRATOR_USER</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">MyPassword</wsse:Password>
        <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">r9ccFMjiZgrvpfsqTIceig==</wsse:Nonce>
        <wsu:Created>2011-10-26T13:12:06.268Z</wsu:Created>
      </wsse:UsernameToken>
    </wsse:Security>
  </soapenv:Header>
  <soapenv:Body>
  ...

In ME 6.0 on NetWeaver 7.3 this seems to be no longer possible. NetWeaver sends an HTML ⚠️ error page indicating an "401 Unauthorized" error.

@ME Developers: Have you changed something? What has to be done to make it work again?

Please don't tell me just to use the Basic Authentication. It is not possible to change the HTTP Header in an Adobe Flex Application. The Browser does not allow it. We have to use the SOAP Authentication.

Best regards,

Martin