Solving Authentication Issue by using TCPMON Tool
Scenario: SOAP to RFC Scenario.
Problem: For our client requirement, we have done the SOAP to RFC scenario development. We generated the WSDL file and tested the interface by using SOAP UI tool and it is working perfectly. When Web sphere commerce team started testing the interface, they are getting 401 unauthorized errors; though they are using the same credentials.
Investigation: We tried to different options like
- Anonymous login (disable the options in PI) but later we realize that this is not possible for one scenario
- Implement HTTP to RFC scenario (remove the SOAP headers by using XSLT mapping) instead of having SOAP to RFC interface, but our client is not agreed for this.
- Other option is needs to select security profile parameter as no in service interface but we are using PI 7.1 server so this option is not available
Resolution: Then we tried digging the issue why it is working for SOAP UI but not Web sphere commerce, for this we used TCPMON tool to get some inputs/logs.
We installed the TCPMON tool in our machine.
Go to build directory (\tcpmon-1.0-bin\tcpmon-1.0-bin\build) then double click on “tcpmon.bat” file
Now go to Admin tab
127.0.0.1 Is the default IP for the local machine (Any machine).
Here Listen port we can give any free (available [no application is using this port]) port (7878 or 6969 …) and provide the target system details (PI Host and port), then click on Add
Then we got another tab like
But we are sending data through TCPMON so give the TCPMON IP and port details, finally URL is
Now we sent request to PI from SOAP UI tool through TCPMON.
Once TCPMON tool get the request it re-directs to XI/PI server.
After sending the request from SOAP UI tool TCPMON captured some data in header, that header contains “Authorization: Basic UElXU1VTRVI6RTNqdms0NjM=” line, but when we send the data from our actual source (Web sphere commerce) we don’t get this tag, so always PI expects the data in the form of encryption.
TCP MON Screen after it receives the request
Initially Web sphere commerce screen was
We added below code to “wc-server.xml” file and enabled the option userNameHttpAuthentication and passwordHttpAuthentication as true
After adding the code screen is
Note: Before adding above code, in web sphere screen we have only User Name and Password fields, after add the above code userNameHttpAuthentication and passwordHttpAuthentication fields are came; now we are giving the credentials in this area.
Now, we send request by giving the PI credentials and monitored the data in TCPMON, at this time web sphere commerce sends the user credentials in encryption format and data was posted in ECC system successfully.