0 Replies Latest reply: Mar 23, 2012 8:09 AM by 925996 RSS

    Web service authentication issue - using openam j2ee agent

    925996
      Hi,


      I am new to openAM. I am trying to use openAM (954) to secure my web service using J2EE agent 3.0. I have deployed my webservice (using CXF) on Glass fish 3.1.x.

      I have created necessary configuration given in URL http://docs.oracle.com/cd/E19575-01/820-4803/ghuqg/index.html


      I want to authenticate using user id and password. I am passing this information (userid/password) using SOAP header. But when I try to access my web service in browser it gives access forbidden message.

      Are there any additional configurations required? Please let me know, I am not able to find any other information on this anywhere.


      Following is the request we are sending. I am not sure about UsernameToken wsu:Id whether it is correct? How do we get this value from OpenAM dynamically at each time when we send the request.



      +<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:demo="http://demo.unitedcoders.com/">+

      +<soapenv:Header>+

      +<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="HTTPdocs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">+

      +<wsse:UsernameToken wsu:Id="UsernameToken-27777511" xmlns:wsu="HTTPdocs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">+

      +<wsse:Username>amadmin</wsse:Username>+

      +<wsse:Password Type="HTTPdocs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">Amit4001</wsse:Password>+

      +</wsse:UsernameToken>+

      +</wsse:Security>+

      +<soapenv:Header/>+

      +<soapenv:Body>+

      +<demo:greetPerson>+

      +<!--Optional:-->+


      +<arg0>Ashish</arg0>+

      +</demo:greetPerson>+

      +</soapenv:Body>+

      +</soapenv:Envelope>+





      Please help me solve this issue.

      Edited by: 922993 on Mar 23, 2012 6:08 AM