Authenticate JDEdwards User in Published business service

[karthik9891]

I'm relatively new to JDE and using jde demo instance (with JDeveloper and weblogic server) for my learning purposes to see how business services works. My question is how to pass jde user credentials from an external non jde application to a published business service to authenticate users. If I try to access the deployed published business service in weblogic after logging into the solution explorer, I'm getting the intended response. But, If I try to access the same published business service without logging into the solution explorer, I get "Credentials could not be validated from the message or configuration file". Looking through the web, I see the E1loginModule is enabled when a published business service is packaged and deployed into the weblogic server. So,my understanding is every published business services that is deployed to weblogic is secured by default. Any help or insight on how to pass the credentials from the client application to published business services or settings that I need to make in the weblogic application server/published business services to accept the credentials?

 

[nkuebelbeck]

ws-security is used in the soap document

here is an example of a soap header.

<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" soapenv:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Username>username</wsse:Username>
<wsseassword>password</wsseassword>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>

 

[karthik9891]

@nkuebelbeck.. Thanks for your reply.. just have one question. Should I've to attach any security policies to my published business service deployed in weblogic for the client application to pass the credentials?

 

[nkuebelbeck]

Should I've to attach any security policies to my published business service deployed in weblogic for the client application to pass the credentials?

if you mean as part of the wsdl, no. the clients will have to implement that themselves.

 

[karthik9891]

@nkuebelbeck .. Thanks that's what I mea..
1. Can I pass even the environment and role in the SOAP header you mentioned ? If so, should be a part of username itself like "DN=USER,ENV=DEMO,ROLE=*ALL" or is it different?
2. Once authenticated, I see a security token that's generated. For subsequent requests, how do I pass the token alone in the SOAP header for authorization?

 

[nkuebelbeck]

as far as i know you can't have the same bssv server instance serving multiple environments. we have separate instances for each environment(on the same server).something like http://server01/dv910/publishedbssvname/etcetc.wsdl http://server01/tr910/publishedbssvname/etcetc.wsdl

we authenticate everytime and don't use security token so i'm not sure how that would be implemented. i'd start with the oracle support doc https://docs.oracle.com/cd/E24705_01/doc.91/e20240/toc.htm

 

[karthik9891]

I tried passing the credentials in the SOAP header. Below is my SOAP request.

<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:UsernameToken>
<wsse:Username>DEMO</wsse:Username>
<wsseassword Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">DEMO</wsseassword>
</wsse:UsernameToken>
</wsse:Security>
</S:Header>
<S:Body>
<getItemElement xmlns="http://oracle.e1.bssv.JP55IT/">
<identifierShortItem>60003</identifierShortItem>
</getItemElement>
</S:Body>
</S:Envelope>

But I'm getting the following issue

Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: Failed to invoke end component oracle.e1.bssv.JP55IT.ItemManager (POJO), operation=getItem
-> Failed to invoke method
-> Credentials could not be validated from message or from configuration file.

Not sure what I'm missing here...

 

[karthik9891]

Sorry, It's not working I misread it..

 

[karthik9891]

If I give an input from the SOAP UI without logging in to the fat client, I get the following error.
Please find the attached screenshots on request/response

Request:-



Response:-


SOAP Request portion by default doesn't include SOAP header. How can I include that to make them available as a part of SOAP request when using this SOAP UI?
Any help or directions on this would really be helpful...

 

[SarahMQ]

Hi karthik9891,

yes, you can include the header in SOAPUI , i have add this portion before the body tag as follow:
"

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlnsrac="http://oracle.e1.bssv.JP550009/">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
soapenv:mustUnderstand="1">
<wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Username>USERNAME</wsse:Username>
<wsseassword Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSWORD</wsseassword>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
"

 

[Chan Rana]

You just have to put header envelop in beginning of your xml provided in previous posts.