Wednesday, September 25, 2013

BPEL calling web services with http basic authentication+authotrization.



Recently my team had an issue where they are easily able to connect to a third party web service protected with basic authentication from SOAP UI and from OSB business service, but not from BPEL-SOA.

Whenever the service is invoked, it throws authorization error.
bpelFault><faultType>0</faultType><remoteFault xmlns="http://schemas.oracle.com/bpel/extension"><part name="summary"><summary>oracle.fabric.common.FabricException: oracle.fabric.common.FabricException: Error in getting XML input stream: https://xxxxxxx.com/incident.do?wsdl: Response: '401: Unauthorized' for url: 'https://xxxxxxx.com/incident.do?wsdl': Error in getting XML input stream: https://xxxxxxx.com/incident.do?wsdl: Response: '401: Unauthorized' for url: 'https://xxxxxxx.com/incident.do?wsdl'</summary></part><part name="detail"><detail>Response: '401: Unauthorized' for url: 'https://xxxxxxx.com/incident.do?wsdl'</detail></part></remoteFault></bpelFault>
OSB
In OSB you can create service account and in the business service add a service account which will have the service account username and password. It will work.


BPEL
In composite.xml , couple of options that were tried . The oracle.webservices.auth usually works, but in this scenario it was failing.
      <property name="oracle.webservices.auth.password" type="xs:string" many="false"> geotho </property>
      <property name="oracle.webservices.auth.username"  type="xs:string" many="false">xxxxx </property>    
or
 The below option doesn’t look like it’s supported.
      <property name="httpBasicPassword"   type="xs:string" many="false"> geotho </property>
      <property name="httpBasicUsername" type="xs:string" many="false">xxxxx </property>

Solution
But the option that worked was to set the javax.xml.ws.security.auth parameters in composite.xml for the reference.
  <property  name="oracle.webservices.preemptiveBasicAuth"  many="false"  override="may">true</property>
<property  name="javax.xml.ws.security.auth.username"  many="false"  override="may"> geotho</property>
  <property  name="javax.xml.ws.security.auth.password"  many="false"  override="may"> xxxxxxxx</property>
 <property  name="weblogic.wsee.wsat.transaction.version"  type="xs:string"  many="false">DEFAULT</property>


Eg implementation:-
 <reference name="ExternalService" ui:wsdlLocation=" ExternalService.wsdl">
    <interface.wsdl interface="http://www.geo.com#wsdl.interface(ExternalService Soap)"/>
    <binding.ws port="http://www.geo.com#wsdl.endpoint(ExternalService _incident/ExternalServiceSoap)"
                location=" ExternalService.wsdl" soapVersion="1.1">
      <property name="weblogic.wsee.wsat.transaction.flowOption" type="xs:string" many="false">WSDLDriven</property>
      <property  name="oracle.webservices.preemptiveBasicAuth"  many="false"  override="may">true</property>
      <property  name="javax.xml.ws.security.auth.username"  many="false"  override="may">geotho</property>
      <property  name="javax.xml.ws.security.auth.password"  many="false"  override="may">xxxxxxx</property>
      <property  name="weblogic.wsee.wsat.transaction.version"  type="xs:string"  many="false">DEFAULT</property>
    </binding.ws>
  </reference>

This will set the values in HTTP AUTH in soa composite reference .


Hope it helps J

2 comments:

Anonymous said...

Hi ,
I tired all the options you have provided in this blog and this is helpful. While trying to access the BAM web service which is secured by http basic auth , it always returns Unauthorized error. I am storing the Abstract WSDL of BAM web service in MDS and calling the Concrete URL (location attribute) in the Reference section in composite.xml , but it fails.

Any pointers ?

Satya said...

Thanks a lot George. It worked.