[flexcoders] Re: Webservice Destination with Basic Authentication
Hi someguy, Based on the traffic that you sent it appears that your WS app server is not blocking access at this point - the error is occuring in your Axis web service rather than at the web container level. And this error is complaining that there is no auth header. Here's my series of educated guesses. - assuming that the contraints are set up properly you may have successfully authenticated at some point as far as the web container is concerned. Subsequently it sees your jsessionid and says, "Hey, this guy is already logged in so no need to ask for credentials again." - your web service is assuming that there will always be an auth header. Not true - it will only be sent in response to a challenge from the server. If the server recognizes the authenticated session then there will be no further challenge and therefore no auth header. If you need to do user verification from the service you will need to do manual checking of user info then you'll need to use request.getUserPrincipal(). Tom Ruggles FDS QA --- In flexcoders@yahoogroups.com, "Seth Hodgson" <[EMAIL PROTECTED]> wrote: > > Hi, > > Have you verified that the server hosting your web service has basic auth configured correctly? Your code looks correct so perhaps when the FDS proxy makes the call against the remote server it isn't being challenged for basic auth credentials? Try requesting your WSDL in a browser and verify that the browser's challenge box pops up. > > Best, > Seth > > > From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of someguy7_7 > Sent: Wednesday, August 23, 2006 8:17 AM > To: flexcoders@yahoogroups.com > Subject: [flexcoders] Re: Webservice Destination with Basic Authentication > > I cannot see the authorization header anywhere in the http dump. Here > is some more information on how I am testing. I deployed the fds > samples.war and placed my test mxml in the samples application. I > added the following definition to samples/WEB-INF/flex/proxy- config.xml. > > > > http://machine/app/webservice/wsdl > http://machine/app/services/myService > > > > Do I need to add some security constraints to the destination definition? > > Here is a dump of the request and response. > > POST /myapp/services/myservice HTTP/1.1 > user-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; > rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6 > accept: > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/p lain;q=0.8,image/png,*/*;q=0.5 > accept-language: en-us,en;q=0.5 > accept-charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > keep-alive: 300 > pragma: akamai-x-cache-on, akamai-x-cache-remote-on, > akamai-x-check-cacheable, akamai-x-get-cache-key, > akamai-x-get-extracted-values, akamai-x-get-nonces, > akamai-x-get-ssl-client-session-id, akamai-x-serial-no > referer: http://localhost:8080/samples/WSTest.mxml.swf > SOAPAction: "searchIt" > Content-Type: text/xml; charset=utf-8 > Host: mymachine > Cookie: $Version=0; JSESSIONID=034C89B28DEB60ECC77ED6C10141E5A4 > Content-Length: 855 > > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";> xmlns:ns0="http://www.server.com/myApi/xsd";>1 > HTTP/1.1 500 Internal Server Error > Server: Apache-Coyote/1.1 > Content-Type: text/xml;charset=utf-8 > Transfer-Encoding: chunked > Date: Wed, 23 Aug 2006 15:05:01 GMT > Connection: close > > xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";> /> xmlns:axis2="http://www.w3.org/2003/05/soap- envelope">axis2:Sender > Unauthorizedorg.apache. axis2.AxisFault: > Unauthorized; nested exception is: > java.lang.Exception: Missing HTTP Basic authentication header > --- In flexcoders@yahoogroups.com, Tom Chiverton > wrote: > > > > On Wednesday 23 August 2006 04:22, someguy7_7 wrote: > > > I have figured out the destination issue and my request is making it > > > to the webservice but the Authorization header is not being sent. I am > > > calling setRemoteCredentials before setting any params and > calling send. > > > > Hmm. > > You've dumped out the HTTP traffic to confirm this ? > > > > -- > > Tom Chiverton > > Helping to globally envisioneer end-to-end models > > > > > > > > This email is sent for and on behalf of Halliwells LLP. > > > > Halliwells LLP is a limited liability partnership registered in > England and Wales under reg
RE: [flexcoders] Re: Webservice Destination with Basic Authentication
Hi, Have you verified that the server hosting your web service has basic auth configured correctly? Your code looks correct so perhaps when the FDS proxy makes the call against the remote server it isn't being challenged for basic auth credentials? Try requesting your WSDL in a browser and verify that the browser's challenge box pops up. Best, Seth From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of someguy7_7 Sent: Wednesday, August 23, 2006 8:17 AM To: flexcoders@yahoogroups.com Subject: [flexcoders] Re: Webservice Destination with Basic Authentication I cannot see the authorization header anywhere in the http dump. Here is some more information on how I am testing. I deployed the fds samples.war and placed my test mxml in the samples application. I added the following definition to samples/WEB-INF/flex/proxy-config.xml. http://machine/app/webservice/wsdl http://machine/app/services/myService Do I need to add some security constraints to the destination definition? Here is a dump of the request and response. POST /myapp/services/myservice HTTP/1.1 user-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6 accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 accept-language: en-us,en;q=0.5 accept-charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 keep-alive: 300 pragma: akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-check-cacheable, akamai-x-get-cache-key, akamai-x-get-extracted-values, akamai-x-get-nonces, akamai-x-get-ssl-client-session-id, akamai-x-serial-no referer: http://localhost:8080/samples/WSTest.mxml.swf SOAPAction: "searchIt" Content-Type: text/xml; charset=utf-8 Host: mymachine Cookie: $Version=0; JSESSIONID=034C89B28DEB60ECC77ED6C10141E5A4 Content-Length: 855 http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";>http://www.server.com/myApi/xsd";>1 HTTP/1.1 500 Internal Server Error Server: Apache-Coyote/1.1 Content-Type: text/xml;charset=utf-8 Transfer-Encoding: chunked Date: Wed, 23 Aug 2006 15:05:01 GMT Connection: close http://schemas.xmlsoap.org/soap/envelope/";>http://www.w3.org/2003/05/soap-envelope";>axis2:Sender Unauthorizedorg.apache.axis2.AxisFault: Unauthorized; nested exception is: java.lang.Exception: Missing HTTP Basic authentication header --- In flexcoders@yahoogroups.com, Tom Chiverton <[EMAIL PROTECTED]> wrote: > > On Wednesday 23 August 2006 04:22, someguy7_7 wrote: > > I have figured out the destination issue and my request is making it > > to the webservice but the Authorization header is not being sent. I am > > calling setRemoteCredentials before setting any params and calling send. > > Hmm. > You've dumped out the HTTP traffic to confirm this ? > > -- > Tom Chiverton > Helping to globally envisioneer end-to-end models > > > > This email is sent for and on behalf of Halliwells LLP. > > Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by the Law Society. > > CONFIDENTIALITY > > This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. > > For more information about Halliwells LLP visit www.halliwells.com. > -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
[flexcoders] Re: Webservice Destination with Basic Authentication
I cannot see the authorization header anywhere in the http dump. Here is some more information on how I am testing. I deployed the fds samples.war and placed my test mxml in the samples application. I added the following definition to samples/WEB-INF/flex/proxy-config.xml. http://machine/app/webservice/wsdl http://machine/app/services/myService Do I need to add some security constraints to the destination definition? Here is a dump of the request and response. POST /myapp/services/myservice HTTP/1.1 user-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6 accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 accept-language: en-us,en;q=0.5 accept-charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 keep-alive: 300 pragma: akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-check-cacheable, akamai-x-get-cache-key, akamai-x-get-extracted-values, akamai-x-get-nonces, akamai-x-get-ssl-client-session-id, akamai-x-serial-no referer: http://localhost:8080/samples/WSTest.mxml.swf SOAPAction: "searchIt" Content-Type: text/xml; charset=utf-8 Host: mymachine Cookie: $Version=0; JSESSIONID=034C89B28DEB60ECC77ED6C10141E5A4 Content-Length: 855 http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";>http://www.server.com/myApi/xsd";>1 HTTP/1.1 500 Internal Server Error Server: Apache-Coyote/1.1 Content-Type: text/xml;charset=utf-8 Transfer-Encoding: chunked Date: Wed, 23 Aug 2006 15:05:01 GMT Connection: close http://schemas.xmlsoap.org/soap/envelope/";>http://www.w3.org/2003/05/soap-envelope";>axis2:Sender Unauthorizedorg.apache.axis2.AxisFault: Unauthorized; nested exception is: java.lang.Exception: Missing HTTP Basic authentication header --- In flexcoders@yahoogroups.com, Tom Chiverton <[EMAIL PROTECTED]> wrote: > > On Wednesday 23 August 2006 04:22, someguy7_7 wrote: > > I have figured out the destination issue and my request is making it > > to the webservice but the Authorization header is not being sent. I am > > calling setRemoteCredentials before setting any params and calling send. > > Hmm. > You've dumped out the HTTP traffic to confirm this ? > > -- > Tom Chiverton > Helping to globally envisioneer end-to-end models > > > > This email is sent for and on behalf of Halliwells LLP. > > Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by the Law Society. > > CONFIDENTIALITY > > This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. > > For more information about Halliwells LLP visit www.halliwells.com. > -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
Re: [flexcoders] Re: Webservice Destination with Basic Authentication
On Wednesday 23 August 2006 04:22, someguy7_7 wrote: > I have figured out the destination issue and my request is making it > to the webservice but the Authorization header is not being sent. I am > calling setRemoteCredentials before setting any params and calling send. Hmm. You've dumped out the HTTP traffic to confirm this ? -- Tom Chiverton Helping to globally envisioneer end-to-end models This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by the Law Society. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. For more information about Halliwells LLP visit www.halliwells.com. -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
[flexcoders] Re: Webservice Destination with Basic Authentication
I have figured out the destination issue and my request is making it to the webservice but the Authorization header is not being sent. I am calling setRemoteCredentials before setting any params and calling send. Here is my webservice definition. Am I missing a step somewhere? --- In flexcoders@yahoogroups.com, Tom Chiverton <[EMAIL PROTECTED]> wrote: > > On Tuesday 22 August 2006 01:40, someguy7_7 wrote: > > faultString=[MessagingError message='Unknown destination 'mytest'." > > What do I need to do besides add the destination to the > > WEB-INF/flex/proxy-config.xml of my application so my app can find the > > It doesn't appear to be in the services-config.xml of the server you are > connecting too. > > -- > Tom Chiverton > Helping to centrally mesh fourth-generation m-commerce > > > > This email is sent for and on behalf of Halliwells LLP. > > Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by the Law Society. > > CONFIDENTIALITY > > This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. > > For more information about Halliwells LLP visit www.halliwells.com. > -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
Re: [flexcoders] Re: Webservice Destination with Basic Authentication
On Tuesday 22 August 2006 15:34, someguy7_7 wrote: > I don't understand what you mean. Are you saying that the webservice I > am trying to connect to has to have a services-config.xml? What > information needs to be in the services-config.xml. I am connecting to > a j2ee webservice. Maybe you should post some code then, because I think the error is coming from a call to RemoteObject - it says 'RPC fault'. -- Tom Chiverton Helping to continually establish eligible appliances This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by the Law Society. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. For more information about Halliwells LLP visit www.halliwells.com. -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
[flexcoders] Re: Webservice Destination with Basic Authentication
I don't understand what you mean. Are you saying that the webservice I am trying to connect to has to have a services-config.xml? What information needs to be in the services-config.xml. I am connecting to a j2ee webservice. --- In flexcoders@yahoogroups.com, Tom Chiverton <[EMAIL PROTECTED]> wrote: > > On Tuesday 22 August 2006 01:40, someguy7_7 wrote: > > faultString=[MessagingError message='Unknown destination 'mytest'." > > What do I need to do besides add the destination to the > > WEB-INF/flex/proxy-config.xml of my application so my app can find the > > It doesn't appear to be in the services-config.xml of the server you are > connecting too. > > -- > Tom Chiverton > Helping to centrally mesh fourth-generation m-commerce > > > > This email is sent for and on behalf of Halliwells LLP. > > Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by the Law Society. > > CONFIDENTIALITY > > This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. > > For more information about Halliwells LLP visit www.halliwells.com. > -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
