E9.2 Orchestrator Basic Authentication - Preemptive and Reactive


Legendary Poster
I posted earlier asking about Orchestrator Authentication documentation. Let me get more specific.

It appears that when using Basic Authentication with Orchestrator/AIS it uses Preemptive Authentication, i.e. the credentials are passed in the HTTP header on the initial request. We have a third party application that needs to consume an Orchestration and the third party application seems to only support Reactive Basic Authentication, i.e. request is made, server returns 401, client resubmits request with authentication header.

Is it possible to configure the Orchestration/AIS server to use Reactive Basic Authentication? Is it possible to configure it to accept both Reactive and Preemptive?


Hi Brian,

I have been seeing this a lot lately. Most CNC people are not aware, but there is a setting on weblogic that you need to set.

You need to add the '<enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>" entry to the config.xml just before the closing </security-configuration> tag of the
Weblogic Server domain:

You can read more about it here Solutions->Error 1->Option 2
https://support.oracle.com/knowledge/JD Edwards EnterpriseOne/2040956_1.html