PROBLEM WITH BASIC AUTHENTICATION

> Hi guys,
>
> I'm dealing with Web Service and Basic Authentication.
> I've a wsdl file which describes my WS and I've tried to modify it in order
> to handle the authentication.
>
> Here's the code of my wsdl
>
> <?xml version="1.0" encoding="UTF-8"?>
> <definitions targetNamespace="urn:DBSIS_Censimento"
> xmlns="http://schemas.xmlsoap.org/wsdl/"
> xmlns:apachesoap="http://xml.apache.org/xml-soap"
> xmlns:impl="urn:DBSIS_Censimento"
> xmlns:intf="urn:DBSIS_Censimento"
> xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
> xmlns:tns1="http://ejb.sa.sis.eng.it"
> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
> xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
>     xmlns:wsp="http://sun.com/ws/httpbc/security/BasicauthSecurityPolicy"
>    
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>     xmlns:mysp="http://sun.com/ws/httpbc/security/BasicauthSecurityPolicy">
>  <types>
>   <schema targetNamespace="http://ejb.sa.sis.eng.it"
> xmlns="http://www.w3.org/2001/XMLSchema">
>    <import namespace="http://schemas.xmlsoap.org/soap/encoding/"/>
>    <complexType name="CensimentoException">
>     <sequence/>
>    </complexType>
>   </schema>
>  </types>
>
>    <message name="censisciSoggettoResponse">
>
>       <part name="censisciSoggettoReturn" type="xsd:string"/>
>
>    </message>
>
>    <message name="censisciSoggettoRequest">
>
>       <part name="in0" type="xsd:string"/>
>
>    </message>
>
>    <message name="CensimentoException">
>
>       <part name="fault" type="tns1:CensimentoException"/>
>
>    </message>
>
>    <portType name="Censimento">
>
>       <operation name="censisciSoggetto" parameterOrder="in0">
>
>          <input message="impl:censisciSoggettoRequest"
> name="censisciSoggettoRequest"/>
>
>          <output message="impl:censisciSoggettoResponse"
> name="censisciSoggettoResponse"/>
>
>          <fault message="impl:CensimentoException"
> name="CensimentoException"/>
>
>       </operation>
>
>    </portType>
>
>    <binding name="it.eng.sis.sa.webservices.impl.CensimentoImpl"
> type="impl:Censimento">
>
>       <wsdlsoap:binding style="rpc"
> transport="http://schemas.xmlsoap.org/soap/http"/>
>
>       <operation name="censisciSoggetto">
>
>          <wsdlsoap:operation soapAction=""/>
>
>          <input name="censisciSoggettoRequest">
>
>             <wsdlsoap:body namespace="urn:DBSIS_Censimento" use="literal"/>
>
>          </input>
>
>          <output name="censisciSoggettoResponse">
>
>             <wsdlsoap:body namespace="urn:DBSIS_Censimento" use="literal"/>
>
>          </output>
>
>          <fault name="CensimentoException">
>
>             <wsdlsoap:fault name="CensimentoException" use="literal"/>
>
>          </fault>
>
>       </operation>
>
>    </binding>
>
>    <service name="CensimentoService">
>
>       <port binding="impl:it.eng.sis.sa.webservices.impl.CensimentoImpl"
> name="Censimento">
>
>          <wsdlsoap:address
> location="http://nal-tix2.rete.toscana.it/cart/PD/SPCASL7Siena/SPCRegioneToscana/SPCCensimentoAnagrafico"/>
>
>          <wsp:PolicyReference
> URI="#HttpBasicAuthBindingBindingWssTokenPolicy"></wsp:PolicyReference>
>
>       </port>
>
>    </service>
>
>    <wsp:Policy wsu:Id="HttpBasicAuthBindingBindingWssTokenPolicy">
>     <mysp:MustSupportBasicAuthentication on="true">
>       <!-- authenticationType is one of simple, am, or realm -->
>       <mysp:BasicAuthenticationDetail>
>         <mysp:WssTokenCompare />
>       </mysp:BasicAuthenticationDetail>
>     </mysp:MustSupportBasicAuthentication>
>     <mysp:UsernameToken
> mysp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
>       <wsp:Policy>
>         <sp:WssUsernameToken10>MY_USER</sp:WssUsernameToken10>
>         <sp:WssPassword>MY_PASSWORD</sp:WssPassword>
>       </wsp:Policy>
>     </mysp:UsernameToken>
>   </wsp:Policy>
>
> </definitions>
>
>
> I'm missing something because when I try to invoke the WS, I get a message
> from the WS like "Missing Credentials"... so it seems that i'm not doing the
> right modifies...
>
> Can anyone help me with my wsdl code?
>
> Thanks in advance
>
>
> PS: I'm trying the same wsdl file using SOAP-UI and i get the same result
>
>
>
> Fabio
>
>
>
> -----
> *** Where there is a Will, There is a Way ***
>  

> Hi Sherry.
>
> Thanks for the answer.
>
> This is my first time dealing with WS Authentication.
> I've modified (as I've post before) the wsdl of the external WS I need to
> invoke.
>
> When you ask me about setting authorization headers on client side, where do
> I need to set that header?
>
>
> Fabio
>
>
>
>
> SherryWeng wrote:
>  
>> Your WSDL actually looks pretty good and I'm not sure if this is a
>> server side problem. Did you set the authorization header properly (on
>> the client side) when you invoke the service?
>> And could you attach the full stacktrace?
>>
>> Regards
>> --Sherry
>>
>>
>>    
>
>
>
> -----
> *** Where there is a Will, There is a Way ***
>  

> Thank you sherry once again, but I can't solve my problem.
>
> I've set in the admin console the realm credentials with the same username
> and password of my wsdl, but I'm still getting the same fault message from
> the WS...  something like "missing credentials".
>
> It looks like I need something more to let the WS recognize me...
>
> Am I still missing anything?
>
> Thanks in advance
>
>
> Fabio
>
>
> SherryWeng wrote:
>  
>> "Authorization" is an HTTP header you need to set with the value of
>> base64 encoded username/password. Depending on your SOAP client, the way
>> to set the header may be slightly different.
>> You might want to check out the perl script attached in this document
>> also:
>> http://wiki.open-esb.java.net/Wiki.jsp?page=SecuringCommunicationsInOpenESBWithGlassfishRealmSecurity
>>
>> Regards
>> --Sherry
>>
>>
>>    
>
>
> -----
> *** Where there is a Will, There is a Way ***
>