Solved

Basic Authentication SOAPUI

Posted on 2012-04-02
7
1,080 Views
Last Modified: 2012-05-22
Hi,

I guess no one has any solution to my question I posted earlier. So,I am trying my luck now to test the basic Authentication. I am testing it with SOAP UI. when I submit a request using code below I can see the response coming back but in the soapUI response it is not appending user name and password to response. Can someone help me on this please now.

private static void sendRequestUsingBasicAuthentication(URL portAddress) throws ServiceException, RemoteException{
            
            StockQuoteServiceLocator stockServiceLocator = new StockQuoteServiceLocator();
            StockQuoteServicePortType service = stockServiceLocator.getStockQuoteServiceSOAP11port(portAddress);
            ((StockQuoteServiceSOAP11BindingStub)service)._setProperty(Call.USERNAME_PROPERTY, "username");
            ((StockQuoteServiceSOAP11BindingStub)service)._setProperty(Call.PASSWORD_PROPERTY, "password");
            double price = service.getPrice("ABC");
            System.out.println("Authorized price is "+price);
      }

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <soapenv:Body>
      <getPrice xmlns="http://quickstart.samples/xsd">
         <symbol>ABC</symbol>
      </getPrice>
   </soapenv:Body>
</soapenv:Envelope>
0
Comment
Question by:Ajoo71
  • 4
  • 3
7 Comments
 
LVL 35

Expert Comment

by:mccarl
ID: 37799026
Are you sure you are looking in the right place? You have only posted the CONTENT of the message sent into soapUI (ie. the <soapenv:Envelope/>) and not the HEADERS. Basic Authentication is done via the HTTP headers that accompany that message, you wont see anything additional in the SOAP content.
0
 

Author Comment

by:Ajoo71
ID: 37800682
Thanks mccarl, then where will I see it? also I dont think the authentication is working. If I use the wrong password it still gives back response to me.
0
 
LVL 35

Accepted Solution

by:
mccarl earned 500 total points
ID: 37804302
> then where will I see it?

In the soapUI there is generally 2 views, one for the incoming request and one for the outgoing response. On the request side, there should be tabs to show different views of the request, and they should include terms like "SOAP Request" and "HTTP Headers". Click on the HTTP Headers tab and there should be a header called BASIC AUTHENTICATION.


> If I use the wrong password it still gives back response to me.

Firstly, let me check an assumption; you are using soapUI as a "mock" web service that your java client is connecting to, yes? If so, then it appears that having a mock service in soapUI secured by authenication schemes is a feature not yet implemented in soapUI, and hence why it is still responding to you correctly; it is just not setup to check your authentication details!
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:Ajoo71
ID: 37823737
Hi mccarl,

Thank you so much for trying to help me on WS authentication, Let me explain my requirement. My client has given me a WSDL file. Which has all the data they need from my system. My system is client and my clients system is destination where I will be sending a webservice request. They WSDL they sent me, when I open it in SoapUT it has a header element. They want me to do basic authentication for the webservice call. How do I do that? Also, I dont have access to clients system, how can I mock test it?

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:polh="http://ws.pol.com/PolContractService/2012-01-03/Polcontractservice_V1_0" xmlns:sec="http://ws.pol.com/IBC/2010-11-19/securitybasetype_V1" xmlns:mes="http://ws.pol.com/IBC/2010-11-19/messagecontextbasetype_V1" xmlns:man="http://ws.pol.com/PolContractService/2012-01-03/managecontractrequest_V1" xmlns:con="http://ws.pol.com/Common/2012-01-05/contractbasetype_V1">
   <soapenv:Header>
      <polh:headerContextParameters>
         <securityContextParameters>
            <sec:usernameToken>
               <sec:userName>?</sec:userName>
               <sec:password>?</sec:password>
            </sec:usernameToken>
         </securityContextParameters>
      </polh:headerContextParameters>
   </soapenv:Header>

Thanks
Ajoo
0
 
LVL 35

Expert Comment

by:mccarl
ID: 37835538
Sorry about the delay but I was away for the Easter weekend.

Firstly, the info that you have now posted is nothing to do with Basic Authentication.

> They want me to do basic authentication for the webservice call

Check with your client about the details of this requirement, because "Basic Authentication" is an actual standard implemented by providing certain information via HTTP headers, however if they were using the words basic authentication in a non-specific way, then yes maybe they were talking about providing that information in the SOAP headers as hinted by WSDL.


Secondly, those elements in the SOAP header are totally specific to your clients system. They are not standard authentication elements (although they may be 'based' on standard authentication types), which you can tell since the namespace that they are all in is specific to you client, ie. the "http://ws.pol.com/IBC/2010-11-19/securitybasetype_V1" stuff.


Now, in order to set those header values, AXIS should have generated code for that from the WSDL, since it is obviously in the WSDL because soapUI found that information. Can you post the code generated by AXIS in the StockQuoteServiceSOAP11BindingStub.java file? There should be methods in there for setting the username and password headers!
0
 

Author Comment

by:Ajoo71
ID: 37904775
HI mccarl,

Thanks you for your help. I'm working on it. I hope you will be still able to help me on this. will zip and send you all the code wsdl2java generated.

Thanks
0
 

Author Comment

by:Ajoo71
ID: 37943969
I had move to differenct project.. will check when I test it back
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Introduction This article is the first of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article explains our test automation goals. Then rationale is given for the tools we use to a…
Introduction This article is the last of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers our test design approach and then goes through a simple test case example, how …
The viewer will learn how to implement Singleton Design Pattern in Java.
This tutorial covers a practical example of lazy loading technique and early loading technique in a Singleton Design Pattern.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now