Thank you for your answer. Is that the correct way to implement security for SOAP Services ? Does it work with the "DOMAIN" Flag for Apache HTTPD / Tomcat Server ?
How Do you can use the Authentication within a Java Client ? (API-RTFM
:) )
On Mon, 2002-02-18 at 11:25, Thomas Börkel wrote:
> HI!
>
> .NET does everything automatically on the client side. If you for example deploy
>your service on a web server that forces basic HTTP authentication, then .NET will
>use this. You just have to set the credentials on the .NET side before the first
>method call like this:
>
> myGeneratedProxyClass.Credentials = new NetworkCredential("name", "password",
>"domain");
>
> When using basic authentication, .NET will send user="domain\name" and
>password="password" in the HTTP header.
>
> On the Axis side, I guess it depends on which web server you are using.
>
> Regards,
> Thomas
>
> > -----Original Message-----
> > From: Sascha Kulawik [mailto:[EMAIL PROTECTED]]
> > Sent: Montag, 18. Februar 2002 11:22
> > To: [EMAIL PROTECTED]
> > Subject: RE: Off topic .NET question
> >
> >
> > Im currently working with ServerSite created GUID for the
> > authentication
> > of the Client.
> > Currently I havent knew, that it would be possible, to use
> > "normal" HTTP
> > Authentication for authenticate a valid SOAP Client.
> > Can anybody tell me, how this would be implemented either in a .NET
> > Application for the Clientsite or a Java-Program with AXIS ?
> >
> > I was really surprised about AXIS - after working with Apache
> > SOAP (and
> > the ugly Descriptors) Im currently only deploying the
> > Services with the
> > jws extension - ans - it works. Also with WSDL and .NET Code - great
> > work.
> >
> > On Mon, 2002-02-18 at 11:10, Thomas Börkel wrote:
> > > HI!
> > >
> > > We do not use an Axis AuthHandler. We have our own
> > transport (our own HTTP server), so that's no problem for us.
> > >
> > > Regards,
> > > Thomas
> > >
> > > > -----Original Message-----
> > > > From: Adam.Leggett [mailto:[EMAIL PROTECTED]]
> > > > Sent: Montag, 18. Februar 2002 10:54
> > > > To: '[EMAIL PROTECTED]'
> > > > Subject: RE: Off topic .NET question
> > > >
> > > >
> > > > Thomas,
> > > >
> > > > Thanks for the feedback. We have the exact same problem i.e
> > > > PreAuthenticate=true does not appear to work for us either.
> > > > In the meantime on the Java side I have created a version of
> > > > my AuthHandler
> > > > that parses the SOAP header instead for auth details. At this
> > > > point we are
> > > > at the stage of trying to create an .NET 'acceptable' WSDL
> > > > with the correct
> > > > <soap:header> element described in the operation. We are
> > > > having some trouble
> > > > with this so far.
> > > >
> > > > Im curious as to how you would make a handler force a 401 to
> > > > be returned.
> > > > What would be your approach to this?
> > > >
> > > > Adam
> > > >
> > > > -----Original Message-----
> > > > From: Thomas Börkel [mailto:[EMAIL PROTECTED]]
> > > > Sent: Monday, February 18, 2002 9:38 AM
> > > > To: [EMAIL PROTECTED]
> > > > Subject: RE: Off topic .NET question
> > > >
> > > >
> > > > HI!
> > > >
> > > > All proxy classes derive from WebClientProtocol in .NET. And
> > > > this class has
> > > > a property named "PreAuthenticate" which should exactly do
> > > > that. But it does
> > > > not work here. Maybe it CANNOT work, because how should .NET
> > > > know that you
> > > > want basic authentication and not, for example, NTLM
> > authentication?
> > > >
> > > > If you find out how to get this to work, I would be very
> > > > interested. If not,
> > > > Axis has to return 401 to make it work.
> > > >
> > > > Regards,
> > > > Thomas
> > > >
> > > > > -----Original Message-----
> > > > > From: Adam.Leggett [mailto:[EMAIL PROTECTED]]
> > > > > Sent: Freitag, 15. Februar 2002 14:46
> > > > > To: '[EMAIL PROTECTED]'
> > > > > Subject: RE: Off topic .NET question
> > > > >
> > > > >
> > > > > Thanks thomas,
> > > > >
> > > > > But im slightly confused here. To authenticate to my AXIS
> > > > > service(s) I have
> > > > > a handler sitting in the request flow, that returns a SOAP
> > > > > Fault in the SOAP
> > > > > response if user cannot be authenticated. The AxisFault
> > > > > generated in the
> > > > > Handler is rethrown as ServletException so a 500 server error
> > > > > is returned as
> > > > > well.
> > > > >
> > > > > Can you not force the .NET to send basic auth 1st time
> > > > > round..surely u can?
> > > > > In my scenario, developers will know at design time that the
> > > > > service is
> > > > > password protected.
> > > > >
> > > > > Cheers
> > > > >
> > > > > Adam
> > > > >
> > > > > -----Original Message-----
> > > > > From: Thomas Börkel [mailto:[EMAIL PROTECTED]]
> > > > > Sent: Friday, February 15, 2002 1:04 PM
> > > > > To: [EMAIL PROTECTED]
> > > > > Subject: RE: Off topic .NET question
> > > > >
> > > > >
> > > > > HI!
> > > > >
> > > > > This (basic HTTP authentication) works here. .NET does
> > not send the
> > > > > authorization info with the first attempt, but it sends
> > it with the
> > > > > second attempt if the first attempt has been refused
> > with HTTP error
> > > > > 401 and the
> > > > > correct challenge. It does the second attempt automatically,
> > > > > if the first
> > > > > one failed correctly. From then on, it sends the
> > > > > authorization always at the
> > > > > first attempt. This is normal HTTP client behavior AFAIK.
> > > > > Your are doing it
> > > > > correctly in your example, so it *should* work.
> > > > >
> > > > > Regards,
> > > > > Thomas
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Adam.Leggett [mailto:[EMAIL PROTECTED]]
> > > > > > Sent: Freitag, 15. Februar 2002 13:05
> > > > > > To: Axis User ([EMAIL PROTECTED])
> > > > > > Subject: Off topic .NET question
> > > > > >
> > > > > >
> > > > > > Currently, I am working to interop with an MS colleague
> > > > using .NET
> > > > > > client with my AXIS service. I have a handler chain that
> > > > uses LDAP
> > > > > > to authenticate/authorize access to my deployed service. Works
> > > > > > fine with my
> > > > > > AXIS client. Trouble is, we cant seem to be able to get .NET
> > > > > > to send the
> > > > > > required Authorization: Basic pair in the HTTP header. When
> > > > > looking at
> > > > > > tcpmon it doesn't appear.
> > > > > >
> > > > > > Heres the c# client code we think should set the basic
> > > > auth, but it
> > > > > > doesn't.
> > > > > >
> > > > > > ICredentials credentials = new
> > > > > > NetworkCredential("username","password","mydomain");
> > > > > > serviceInstance.Credentials =
> > credentials;
> > > > > >
> > > > > > serviceResponse response =
> > > > > > serviceInstance.serviceMethod(serviceRequest);
> > > > > >
> > > > > > I know this is off topic, so any effort in answering
> > this will be
> > > > > > even more appreciated here than usual.
> > > > > >
> > > > > > TIA
> > > > > >
> > > > > > Adam Leggett
> > > > > > UPCO
> > > > > > Direct Line: 0113 20 10 631
> > > > > > Fax: 0113 20 10 666
> > > > > > <http://www.upco.co.uk>
> > > > > > The contents of this email are intended for the named
> > > > addressees and
> > > > > > may contain confidential and / or privileged material. If
> > > > > > received in error,
> > > > > > please contact UPCO on +44 (0)113 20 10 600 and then delete
> > > > > > the entire email
> > > > > > from your system. Unauthorised review, distribution,
> > > > > > disclosure or other use
> > > > > > of this information could constitute a breach of
> > confidence. Your
> > > > > > co-operation in this matter is greatly appreciated.
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > >
> > >
> > >
> > >
> > --
> > Mit freundlichen Grüßen,
> >
> > Sascha Kulawik
> > Mail: [EMAIL PROTECTED]
> > Tel: +49 (172) 4318354
> >
> > Lustige Variablennamen erheitern den Programmierer
> > Send with Evolution under Debian 3.0 (GNU/Linux 2.4.16-K7)
> >
>
>
>
--
Mit freundlichen Grüßen,
Sascha Kulawik
Mail: [EMAIL PROTECTED]
Tel: +49 (172) 4318354
Lustige Variablennamen erheitern den Programmierer
Send with Evolution under Debian 3.0 (GNU/Linux 2.4.16-K7)
signature.asc
Description: This is a digitally signed message part
