Hi someguy, Based on the traffic that you sent it appears that your WS app server is not blocking access at this point - the error is occuring in your Axis web service rather than at the web container level. And this error is complaining that there is no auth header. Here's my series of educated guesses.
- assuming that the contraints are set up properly you may have successfully authenticated at some point as far as the web container is concerned. Subsequently it sees your jsessionid and says, "Hey, this guy is already logged in so no need to ask for credentials again." - your web service is assuming that there will always be an auth header. Not true - it will only be sent in response to a challenge from the server. If the server recognizes the authenticated session then there will be no further challenge and therefore no auth header. If you need to do user verification from the service you will need to do manual checking of user info then you'll need to use request.getUserPrincipal(). Tom Ruggles FDS QA --- In flexcoders@yahoogroups.com, "Seth Hodgson" <[EMAIL PROTECTED]> wrote: > > Hi, > > Have you verified that the server hosting your web service has basic auth configured correctly? Your code looks correct so perhaps when the FDS proxy makes the call against the remote server it isn't being challenged for basic auth credentials? Try requesting your WSDL in a browser and verify that the browser's challenge box pops up. > > Best, > Seth > > ________________________________________ > From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of someguy7_7 > Sent: Wednesday, August 23, 2006 8:17 AM > To: flexcoders@yahoogroups.com > Subject: [flexcoders] Re: Webservice Destination with Basic Authentication > > I cannot see the authorization header anywhere in the http dump. Here > is some more information on how I am testing. I deployed the fds > samples.war and placed my test mxml in the samples application. I > added the following definition to samples/WEB-INF/flex/proxy- config.xml. > <destination id="mytest"> > <adapter ref="soap-proxy" /> > <properties> > <wsdl>http://machine/app/webservice/wsdl</wsdl> > <soap>http://machine/app/services/myService</soap> > </properties> > </destination> > > Do I need to add some security constraints to the destination definition? > > Here is a dump of the request and response. > > POST /myapp/services/myservice HTTP/1.1 > user-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; > rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6 > accept: > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/p lain;q=0.8,image/png,*/*;q=0.5 > accept-language: en-us,en;q=0.5 > accept-charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > keep-alive: 300 > pragma: akamai-x-cache-on, akamai-x-cache-remote-on, > akamai-x-check-cacheable, akamai-x-get-cache-key, > akamai-x-get-extracted-values, akamai-x-get-nonces, > akamai-x-get-ssl-client-session-id, akamai-x-serial-no > referer: http://localhost:8080/samples/WSTest.mxml.swf > SOAPAction: "searchIt" > Content-Type: text/xml; charset=utf-8 > Host: mymachine > Cookie: $Version=0; JSESSIONID=034C89B28DEB60ECC77ED6C10141E5A4 > Content-Length: 855 > > <?xml version="1.0" encoding="utf-8"?><SOAP-ENV:Envelope > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > xmlns:xsd="http://www.w3.org/2001/XMLSchema" > xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP- ENV:Body><ns0:myParam > xmlns:ns0="http://www.server.com/myApi/xsd"><ns0:handle>1</ns0:handle ></ns0:myParam></SOAP-ENV:Body></SOAP-ENV:Envelope> > HTTP/1.1 500 Internal Server Error > Server: Apache-Coyote/1.1 > Content-Type: text/xml;charset=utf-8 > Transfer-Encoding: chunked > Date: Wed, 23 Aug 2006 15:05:01 GMT > Connection: close > > <?xml version='1.0' encoding='utf-8'?><soapenv:Envelope > xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:He ader > /><soapenv:Body><soapenv:Fault > xmlns:axis2="http://www.w3.org/2003/05/soap- envelope"><faultcode>axis2:Sender</faultcode> > <faultstring>Unauthorized</faultstring><detail><Exception>org.apache. axis2.AxisFault: > Unauthorized; nested exception is: > java.lang.Exception: Missing HTTP Basic authentication header > --- In flexcoders@yahoogroups.com, Tom Chiverton <tom.chiverton@> > wrote: > > > > On Wednesday 23 August 2006 04:22, someguy7_7 wrote: > > > I have figured out the destination issue and my request is making it > > > to the webservice but the Authorization header is not being sent. I am > > > calling setRemoteCredentials before setting any params and > calling send. > > > > Hmm. > > You've dumped out the HTTP traffic to confirm this ? > > > > -- > > Tom Chiverton > > Helping to globally envisioneer end-to-end models > > > > **************************************************** > > > > This email is sent for and on behalf of Halliwells LLP. > > > > Halliwells LLP is a limited liability partnership registered in > England and Wales under registered number OC307980 whose registered > office address is at St James's Court Brown Street Manchester M2 2JF. > A list of members is available for inspection at the registered > office. Any reference to a partner in relation to Halliwells LLP means > a member of Halliwells LLP. Regulated by the Law Society. > > > > CONFIDENTIALITY > > > > This email is intended only for the use of the addressee named above > and may be confidential or legally privileged. If you are not the > addressee you must not read it and must not use any information > contained in nor copy it nor inform any person other than Halliwells > LLP or the addressee of its existence or contents. If you have > received this email in error please delete it and notify Halliwells > LLP IT Department on 0870 365 8008. > > > > For more information about Halliwells LLP visit www.halliwells.com. > > > -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/