cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RDA - How to auth. with XML-messages containing username/pw

thomas_welke
Explorer

on ‎03-21-2006 9:20 AM

0 Kudos

Hello,

We would like to use BWs web-service interface realizing RDA (Real Time Data Aquisition). Posting XML-message into PSA works fine (using WebServiceStudio) so far.

Now we have following security requirement from our customer: XML-messages should contain username/password. Only those messages containg the correct logon information should be accepted from BWs WebService-DataSource.

In transaction wsconfig there is a possibility to specify username/password, however - as I understand it - this is the user being used by BW to post the data into the PSA. If I specify valid logon-information here all XML-messages are being posted into PSA - nevertheless if/which login information they contain.

So I cerated security profiles (one inbound "CHECK_USERNAME" and one outbound "SET_USERNAME") using wssprofile, specified these two in wsconfig and deleted the logon information as described in the section above to prevent everybody from posting messages and only allowing the user specified in the profile.

However now I am not anymore able to request the WSDL using the "GET-funktionality" of the WebServiceStudio:

"System.Net.WebException: The request failed with HTTP status 401: Unauthorized."

Any ideas, what do I have to do here allowing me to post XML-messages, only if they containing right username/pw?

Thanks very much. Best regards

Thomas

Show replies
Show replies
Answer
View Entire Topic
thomas_welke
Explorer
‎03-21-2006 2:04 PM
0 Kudos

Raja, thank you very much. That helped to request the WSDL from the BW-Server (and to create the proxy as I learned;).

Now, being one step further I get the response "Logon Error. Logon failed. Call of URL http://dcbp0171:8030/sap/bc/srt/rfc/BIC/CQZTEST_W00001000 terminated due to error in logon data.

Logon performed in system DW0. <i><b>No logon data provided</b></i>"

So it seems that adding the sap-username and pssword to the URL does not help when really posting data. So I again tried specifying logon data in fields BasicAuthPassword/BasicAuthUserName in the "Request/response"-Tab of websbservicestudio. But with no success. Also I tried "Username/Password" and "ProxyUserName/ProxyPassword" under options in WebServiceStudio. But wherever I try specifying logon-data I never see my XML-coding in the "Request-Field" of WebServiceStudio being changed. I would expect seeing one Tag with username and ontother one for the password - or am I wrong here?

What is then the right way to provide these logon-information?

Cheers,

Thomas

Show replies
Show replies
athavanraja
Active Contributor
‎03-22-2006 5:21 AM
0 Kudos

Hi Thomas,

I assume you are using webservicestudio just for testing purpose and the method explained to use url parameter for userid and password should be avoided in any production application.

Now coming to your question.

once the WSDL is loaded and proxy is generated go to Invoke area where you will see a tree structure.

click on the rootnode. (name of which will be <wsname>service )

on the input area expand the tree node proxy

and click on the node "ServerPropertiesServer" and on the right side set isNull to false.

now you will see iinput area for basic authenticaation userid and pwd. set them and test its

Regards

Raja

thomas_welke
Explorer
‎03-23-2006 5:00 PM
0 Kudos

Hi Raja,

I did already exactly as you described. (And I just check right know again;)

I always get the error message "No logon data provided."

Somehow it seems that the logon data is not transferred from webservicestudio. Or BW's WebService expects the logon data in any other "fields" (tags? - don't know what the correct term is.)

Is it possible that the webservicestudio working correctly? Can I see anywhere if the logon-data is send over correctly?

THanks for the help. Kind regards

Thomas

Ask a Question