SOAP Fault wsse:FailedAuthentication

[Randy Stewart]

When posting to an Ensemble Web Service I get the following SOAP fault. Seems like I remember seeing this before but I don’t remember the solution.

 

<?xml version='1.0' encoding='UTF-8' standalone='no' ?>

<SOAP-ENV:Envelope xmlns:SOAP-ENV='http://schemas.xmlsoap.org/soap/envelope/' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xmlns:s='http://www.w3.org/2001/XMLSchema' xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" >

  <SOAP-ENV:Body>

    <SOAP-ENV:Fault>

      <faultcode>wsse:FailedAuthentication</faultcode>

      <faultstring>The security token could not be authenticated or authorized</faultstring>

      <detail></detail>

    </SOAP-ENV:Fault>

  </SOAP-ENV:Body>

</SOAP-ENV:Envelope>

 

 

Here is the SOAP that I post:

<?xml version="1.0"?>

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:s="http://www.w3.org/2001/XMLSchema" >

<SOAP-ENV:Body>

  <LabResults>

    <id>2</id>

  </LabResults>

</SOAP-ENV:Body>

</SOAP-ENV:Envelope>

 

 

Thanks,

Randy L Stewart

 

 

[Luca]

Randy:
Disable CSP security on that namespace
or pass the correct UI/PWD to log in
and you should be all set

On Aug 26, 5:00 am, Randy Stewart <Randy.Stew...@intersystems.com>
wrote:

[Randy Stewart]

Thanks, Luca.

I will try both ways.

Can you give an example of passing a UI/PWD?

Randy L Stewart

[Luca]

you can simply do the following:
http://127.0.0.1:8972/csp/ensdemo/Demo.HL7v3.Service.SOAPIn.CLS?WSDL=1&CacheUserName=xxxx&CachePassword=yyy

but
be warned
your credentials are in clear unless you use SSL
or InterSystems WS newly implemented Ws-Security with X.509 security
token

hih

On Aug 26, 11:00 am, Randy Stewart <Randy.Stew...@intersystems.com>

> > Randy L Stewart- Hide quoted text -
>
> - Show quoted text -

[Luca]

I've just noticed that the URL is NOT shown to the end in the previous
posting, although it is "clickable" :-)

the param passing part is:

?WSDL=1&CacheUserName=xxxx&CachePassword=yyy

hih


On Aug 26, 11:49 am, Luca <l...@intersystems.com> wrote:
> you can simply do the following:http://127.0.0.1:8972/csp/ensdemo/Demo.HL7v3.Service.SOAPIn.CLS?WSDL=...

> > - Show quoted text -- Hide quoted text -

[Randy Stewart]

Thanks, Luca.

Disabling CSP security on the Namespace worked.

However I could not get the param passing to work with CSP Security enabled. Strange.

[Alex Schaefer]

You need to call WSSecurityLogin() on your client object before invoking the web method, passing in Username and Password.

-- Alex :)

[Kim Humby]

In your client instantiation, try setting the Username and Password properties prior to invoking the web method. 

Luca's example is for when you are using the SOAP Client Wizard against a WSDL.

Kim

[cjoh...@gmail.com]

Hey,

Sorry to bump this old thread but I am getting the same error. We migrated our production from our Devevelopment Instance to our QA Instance. We're getting the error:

ERROR #6248: SOAP response is a SOAP fault: <Fault><Code><Value>wsse:FailedAuthentication</Value></Code><Reason><Text xml:lang="en">The security token could not be authenticated or authorized</Text></Reason><Detail></Detail></Fault>

To my knowledge, we didn't get this in the development instance.

Our system administrator turned off all methods of security but "Unauthenticated" for the web service.

How do you set permissions at the namespace level? My system administrator is only familiar with setting them at the web application level.

I'd appreciate any advice anyone can provide.

Thanks.

[cjoh...@gmail.com]

Hey all,

Just to follow up with this, I did manage to get around it by leaving only the authentication methods "Unauthenticated" and "Password" checked. Before, I had some other methods checked, including Kerberos.

I hope this helps.