Basic Authentication SOAPUI

Hi,

I guess no one has any solution to my question I posted earlier. So,I am trying my luck now to test the basic Authentication. I am testing it with SOAP UI. when I submit a request using code below I can see the response coming back but in the soapUI response it is not appending user name and password to response. Can someone help me on this please now.

private static void sendRequestUsingBasicAuthentication(URL portAddress) throws ServiceException, RemoteException{
            
            StockQuoteServiceLocator stockServiceLocator = new StockQuoteServiceLocator();
            StockQuoteServicePortType service = stockServiceLocator.getStockQuoteServiceSOAP11port(portAddress);
            ((StockQuoteServiceSOAP11BindingStub)service)._setProperty(Call.USERNAME_PROPERTY, "username");
            ((StockQuoteServiceSOAP11BindingStub)service)._setProperty(Call.PASSWORD_PROPERTY, "password");
            double price = service.getPrice("ABC");
            System.out.println("Authorized price is "+price);
      }

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <soapenv:Body>
      <getPrice xmlns="http://quickstart.samples/xsd">
         <symbol>ABC</symbol>
      </getPrice>
   </soapenv:Body>
</soapenv:Envelope>
Ajoo71Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

mccarlIT Business Systems Analyst / Software DeveloperCommented:
Are you sure you are looking in the right place? You have only posted the CONTENT of the message sent into soapUI (ie. the <soapenv:Envelope/>) and not the HEADERS. Basic Authentication is done via the HTTP headers that accompany that message, you wont see anything additional in the SOAP content.
0
Ajoo71Author Commented:
Thanks mccarl, then where will I see it? also I dont think the authentication is working. If I use the wrong password it still gives back response to me.
0
mccarlIT Business Systems Analyst / Software DeveloperCommented:
> then where will I see it?

In the soapUI there is generally 2 views, one for the incoming request and one for the outgoing response. On the request side, there should be tabs to show different views of the request, and they should include terms like "SOAP Request" and "HTTP Headers". Click on the HTTP Headers tab and there should be a header called BASIC AUTHENTICATION.


> If I use the wrong password it still gives back response to me.

Firstly, let me check an assumption; you are using soapUI as a "mock" web service that your java client is connecting to, yes? If so, then it appears that having a mock service in soapUI secured by authenication schemes is a feature not yet implemented in soapUI, and hence why it is still responding to you correctly; it is just not setup to check your authentication details!
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

Ajoo71Author Commented:
Hi mccarl,

Thank you so much for trying to help me on WS authentication, Let me explain my requirement. My client has given me a WSDL file. Which has all the data they need from my system. My system is client and my clients system is destination where I will be sending a webservice request. They WSDL they sent me, when I open it in SoapUT it has a header element. They want me to do basic authentication for the webservice call. How do I do that? Also, I dont have access to clients system, how can I mock test it?

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:polh="http://ws.pol.com/PolContractService/2012-01-03/Polcontractservice_V1_0" xmlns:sec="http://ws.pol.com/IBC/2010-11-19/securitybasetype_V1" xmlns:mes="http://ws.pol.com/IBC/2010-11-19/messagecontextbasetype_V1" xmlns:man="http://ws.pol.com/PolContractService/2012-01-03/managecontractrequest_V1" xmlns:con="http://ws.pol.com/Common/2012-01-05/contractbasetype_V1">
   <soapenv:Header>
      <polh:headerContextParameters>
         <securityContextParameters>
            <sec:usernameToken>
               <sec:userName>?</sec:userName>
               <sec:password>?</sec:password>
            </sec:usernameToken>
         </securityContextParameters>
      </polh:headerContextParameters>
   </soapenv:Header>

Thanks
Ajoo
0
mccarlIT Business Systems Analyst / Software DeveloperCommented:
Sorry about the delay but I was away for the Easter weekend.

Firstly, the info that you have now posted is nothing to do with Basic Authentication.

> They want me to do basic authentication for the webservice call

Check with your client about the details of this requirement, because "Basic Authentication" is an actual standard implemented by providing certain information via HTTP headers, however if they were using the words basic authentication in a non-specific way, then yes maybe they were talking about providing that information in the SOAP headers as hinted by WSDL.


Secondly, those elements in the SOAP header are totally specific to your clients system. They are not standard authentication elements (although they may be 'based' on standard authentication types), which you can tell since the namespace that they are all in is specific to you client, ie. the "http://ws.pol.com/IBC/2010-11-19/securitybasetype_V1" stuff.


Now, in order to set those header values, AXIS should have generated code for that from the WSDL, since it is obviously in the WSDL because soapUI found that information. Can you post the code generated by AXIS in the StockQuoteServiceSOAP11BindingStub.java file? There should be methods in there for setting the username and password headers!
0
Ajoo71Author Commented:
HI mccarl,

Thanks you for your help. I'm working on it. I hope you will be still able to help me on this. will zip and send you all the code wsdl2java generated.

Thanks
0
Ajoo71Author Commented:
I had move to differenct project.. will check when I test it back
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Java EE

From novice to tech pro — start learning today.