Skip to Content
0
Former Member
Oct 28, 2011 at 10:48 AM

Unexpected WebService SOAP Message Authentication Error

36 Views

NetWeaver 7.3 -> NWA -> SOAP -> Single Service Administration

What might be the problem if I can't use the SOAP "Message Authentication" with "User ID/Password"?

I want to call a WebService from SAP ME 6.0, which requires BASIC authentication level. I activated the "User ID/Password" for "Message Authentication". Afterwards you should be able to call the WebService with SOAP Authentication.

SOAP Authentication Example

<soapenv:Envelope xmlns:me="http://sap.com/xi/ME" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Header>
    <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
      <wsse:UsernameToken wsu:Id="UsernameToken-35" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
        <wsse:Username>ME_INTEGRATOR_USER</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">MyPassword</wsse:Password>
        <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">r9ccFMjiZgrvpfsqTIceig==</wsse:Nonce>
        <wsu:Created>2011-10-26T13:12:06.268Z<;/wsu:Created>
      </wsse:UsernameToken>
    </wsse:Security>
  </soapenv:Header>
  <soapenv:Body>
  ...

But if I call the WebService with SOAP authentication, NetWeaver sends an HTML ⚠️ error page indicating an "401 Unauthorized" error. The user is a technical user with all SAP ME rolles and the administrator group assigned.

+ Why does the authorization not work?

+ Why was an HTML error page delivered instead of a SOAP error message?

+ Does NetWeaver produce this page or might it be a problem within the WebService implementation?

Best regards,

Martin