I trying to invoke a web service, which has an Basic HTTP Authentication. I generated the client code using the WSDL2JAVA tool from AXIS.
But I am not able to set the username and password to the webservice call.
I tried to have them in the endpoint url as
http://username:password#somwserver/wsdl
But I am getting the unauthorized error for this. I am trying to figure out a way to get this set to my call in the Java code....
Note : I am able to invoke the same service via the soapUI and get the results. I provided the username and password in the "Aut" tab on the request.
Here is some of the code snippets of my Stub, if this is userful for you
_serviceClient = new org.apache.axis2.client.ServiceClient(configurationContext,_service);
_serviceClient.getOptions().setTo(new org.apache.axis2.addressing.EndpointReference(
targetEndpoint));
_serviceClient.getOptions().setUseSeparateListener(useSeparateListener);
//adding SOAP soap_headers
_serviceClient.addHeadersToEnvelope(env);
// set the message context with that soap envelope
_messageContext.setEnvelope(env);
// add the message contxt to the operation client
_operationClient.addMessageContext(_messageContext);
//execute the operation client
_operationClient.execute(true);
Any inputs will be greatly appreciated!!
HttpTransportProperties.Authenticator
auth = new HttpTransportProperties.Authenticator();
auth.setUsername("username");
auth.setPassword("password");
_serviceClient.getOptions().setProperty(org.apache.axis2.transport.http.HTTPConstants.BASIC_AUTHENTICATE,auth);
Related
I have a problem with sending API request via postman or Java lib "io.restassured".
When I do the same action on UI the request returns correct response, but when I try the same thing via postman or java code I get:
401 Bad request Your browser sent an invalid
request.
The java code
public static void main(String[] args) {
String requestUrl = "exampleBaseUrl/app/reports/api/rest/v1/graphs?context=shipper&reports_type=freights";
Response response = RestAssured.given().relaxedHTTPSValidation().header("x-csrf-token", "18ea65e740eb0ddddadf0ef435d92564").
when().
get(requestUrl);
}
I assume something is wrong with the authentication, because in dev tools i can see a Get request for CSRF_token, and it looks like this:
the endpoint for the token:
/login?get_csrf_token
and for this request I get following response:
{"csrf_token":"18ea65e740eb0ddddadf0ef435d92564"}
I am not sure how to solve this, I have also tried to get the token via java code by sending a get request to the token's endpoint /login?get_csrf_token
and this one gets my a HTML response with empty username and password input.
Error 401 means your request isn't authorized.
For authorization, usually while logging in you are given a token, which you will have to keep in your cache/local-memory and whenever you communicate with the server you have to add that in your request header (for your own introduction to the server)
It seems like in your case you can get a token from /login?get_csrf_token after logging in. Note that you don't need authorization for a login service.
Now, after getting token from the server, how to add it as a request header? See REST Assured Documentation
When I am trying to run java app to look the item from ebay api I am getting exp:
com.sun.xml.internal.ws.fault.ServerSOAPFaultException: Client received SOAP Fault from server: Authentication failed : Invalid Application:app key Please see the server log to find more detail regarding exact cause of the failure.
at com.sun.xml.internal.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.java:178)
at com.sun.xml.internal.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:124)
at com.sun.xml.internal.ws.client.sei.StubHandler.readResponse(StubHandler.java:238)
at com.sun.xml.internal.ws.db.DatabindingImpl.deserializeResponse(DatabindingImpl.java:189)
at com.sun.xml.internal.ws.db.DatabindingImpl.deserializeResponse(DatabindingImpl.java:276)
at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:104)
at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:77)
at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(SEIStub.java:147)
at com.sun.proxy.$Proxy36.findItemsByKeywords(Unknown Source)
at FindItem.main(FindItem.java:59)
I imported 2 jars as written on tutorial but still have this issue,
I get the key from ebay web of app key.
My code is:
ClientConfig config = new ClientConfig();
config.setApplicationId("MY app key that taken from ebay");
//create a service client
FindingServicePortType serviceClient = FindingServiceClientFactory.getServiceClient(config);
//create request object
FindItemsByKeywordsRequest request = new FindItemsByKeywordsRequest();
//set request parameters
request.setKeywords("harry potter phoenix");
PaginationInput pi = new PaginationInput();
pi.setEntriesPerPage(2);
request.setPaginationInput(pi);
//call service
FindItemsByKeywordsResponse result = serviceClient.findItemsByKeywords(request);
and another question, how can I get specification of the item?
Hope you can help on this issue.
I think the AppID which you given to connect the API is Invalid.
My questions are
Do you have DevID, AppID and CertID provided by eBay ?
If you have then please try to connect from SOAP UI to check whether it is working.
I have a dot net application that call a java web service. I am trying to implement authentication by passing credentials to the java service. Here is the dot net code setting the credentials. How can I get these credentials in my java application? They aren't set in the headers...
System.Net.NetworkCredential serviceCredentials = new NetworkCredential("user", "pass");
serviceInstance.Credentials = serviceCredentials;
serviceInstance is an instance of SoapHttpClientProtocol.
I've tried injecting the WebServiceContext like so
#Resource
WebServiceContext wsctx;
and pulling the crentials from the headers but they aren't there.
You are not passing the credentials to your service the correct way. In order to get the Authorize http request header do the following:
// Create the network credentials and assign
// them to the service credentials
NetworkCredential netCredential = new NetworkCredential("user", "pass");
Uri uri = new Uri(serviceInstance.Url);
ICredentials credentials = netCredential.GetCredential(uri, "Basic");
serviceInstance.Credentials = credentials;
// Be sure to set PreAuthenticate to true or else
// authentication will not be sent.
serviceInstance.PreAuthenticate = true;
Note: Be sure to set PreAuthenticate to true or else authentication will not be sent.
see this article for more information.
I had to dig-up some old code for this one :)
Update:
After inspecting the request/response headers using fiddler as suggested in the comments below a WWW-Authenticate header was missing at the Java Web Service side.
A more elegant way of implementing "JAX-WS Basic authentication" can be found in this article here using a SoapHeaderInterceptor (Apache CXF Interceptors)
I`m looking answer to question how it is possible to check what exacly request body and headers i send to restful webservice using restful client. For example and following code bellow:
// client object
Client client = javax.ws.rs.client.ClientBuilder.newClient();
// Web target
WebTarget webTarget = client.target(BASE_URI)
// Sending a request
webTarget
.request(MediaType.APPLICATION_XML)
.cookie(cookie)
.post(Entity.entity(params,MediaType.APPLICATION_XML));
how to debug, monitor or overview this request? It is possible?
Might be easiest to use something like Postman extension for Chrome: https://chrome.google.com/webstore/detail/postman-rest-client/fdmmgilgnpjigdojojpjoooidkmcomcm?hl=en
This will allow you to set all relevant headers and the request body and easily debug API calls.
Right now i'm using java to build rest service, and trying to use spring security to securing my service.
I have a few parameter that server needs to process the service (ex: application ID, username, password, consumer ID) . For username and password, I put in on http header "authorization", encoded with base64. Is there a way to put another parameters above (ex. AppID, consID) into http header?
Some sample of code would help, thanks.
You can put whatever you want in a whatever header you like. You can create custom headers. So you can have a App-Id header where you pass the appId. Alternatively you can pass those as parameters in the URL. That way you'll get rid of the option that some (stupid) proxy trims your headers.
Btw, I would suggest not to send the password, unless you are using https. Generally, I can recommend two similar scenarios:
use OAuth - let the user grant access to the API client via the OAuth dance. The client ends up with a token which it uses on each request.
use a custom, simplified token scheme - login once (with username and password, over https), and send a short-lived token in response. Each subsequent request can be made over an unsecured connection by providing the token, and (optionally) some HMAC of the request parameters, using a consumer secret as a key, so that you can verify the client is legit.