Security Error: Callback supplied no password for {username}


Matt Gersting

Jan 12, 2012, 4:13:36 PM
to Google's DoubleClick for Advertisers API Forum
Hey all. I'm taking the PHP sample files as a baseline and working on
creating a comparable wrapper class for ColdFusion 9. This is a
little long-winded, but I wanted to try and give you the lay of the
land for clarity.

The first problem I encountered was not providing the security
header. ColdFusion's various methods for invoking webservices all
allow for username and password attributes, but surprisingly
ColdFusion doesn't seem to detect the WSSE requirement from the WSDL
and generate the headers. So, I now generate and attach the security
header by instantiating an org.apache.axis.message.SOAPHeaderElement
object. This cleared up the "WSDoAllReceiver: Request does not
contain required Security header" error.

I'm getting a new error now:

org.apache.ws.security.WSSecurityException: General security error
(WSSecurityEngine: Callback supplied no password for: {username}


Did a lot of Googling and I'm not sure I understand the problem. Is
my header malformed in some way? Any guidance would be greatly
appreciated. Thanks in advance!

DFA API Advisor

Jan 13, 2012, 8:52:40 AM
to Google's DoubleClick for Advertisers API Forum
Hi Matt,

This error message may mean that your header is malformed, but it can
also signify that the "password" you supplied was incorrect. Are you
supplying a token generated from the login service's authenticate
operation instead of your user profile's password? Putting your raw
password in the header will result in that error. Are you able to run
the PHP examples successfully?

Otherwise, please capture the SOAP message and post the header as XML
here, censoring your username and password/token. I'd be happy to take
a look.

Regards,
- Joseph DiLallo, the DFA API Team
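
An added sketch (not part of the thread, and not DFA or ColdFusion code) of the redaction requested above: it strips credentials from a captured SOAP header before it is posted and flags a missing or empty UsernameToken field. The standard OASIS WS-Security UsernameToken layout and the sample envelope are assumptions; the thread never shows the actual header.

```python
import xml.etree.ElementTree as ET

SOAPENV = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
# Elements whose text must never be posted publicly.
SECRET_TAGS = {f"{{{WSSE}}}{t}" for t in ("Username", "Password", "Nonce")}

# Constructed sample capture; the username and token are made up.
SAMPLE = f"""<soapenv:Envelope xmlns:soapenv="{SOAPENV}">
  <soapenv:Header>
    <wsse:Security xmlns:wsse="{WSSE}" soapenv:mustUnderstand="1">
      <wsse:UsernameToken>
        <wsse:Username>example-user</wsse:Username>
        <wsse:Password>constructed-token-value</wsse:Password>
      </wsse:UsernameToken>
    </wsse:Security>
  </soapenv:Header>
  <soapenv:Body/>
</soapenv:Envelope>"""


def redact_wsse(envelope_xml):
    """Return (redacted_header_xml, findings) for a captured SOAP envelope."""
    ET.register_namespace("soapenv", SOAPENV)
    ET.register_namespace("wsse", WSSE)
    header = ET.fromstring(envelope_xml).find(f"{{{SOAPENV}}}Header")
    if header is None:
        return "", ["no soapenv:Header element"]
    findings = []
    token = header.find(f"{{{WSSE}}}Security/{{{WSSE}}}UsernameToken")
    if token is None:
        findings.append("no wsse:Security/wsse:UsernameToken in header")
    else:
        # Structural checks only: presence and non-empty text.
        for name in ("Username", "Password"):
            el = token.find(f"{{{WSSE}}}{name}")
            if el is None or not (el.text or "").strip():
                findings.append(f"wsse:{name} missing or empty")
    # Redact credential-bearing text anywhere in the header.
    for el in header.iter():
        if el.tag in SECRET_TAGS and (el.text or "").strip():
            el.text = "REDACTED"
    return ET.tostring(header, encoding="unicode"), findings


if __name__ == "__main__":
    redacted, findings = redact_wsse(SAMPLE)
    print(redacted)
    print(findings or "header structure looks complete")
```
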

Matt Gersting

Jan 13, 2012, 11:21:48 AM
to Google's DoubleClick for Advertisers API Forum
Progress! Most excellent.
I'm now running authenticate against the separate login WSDL and
storing those credentials in my object.

For my immediate project needs the method I'm most interested in
implementing is getDfaSites(). I'm now able to run it without error,
but I'm not returning any results. Any thoughts? When I try
getDfaSite() I also get a no site found error...perhaps I'm not using
the correct ID? Also, getDfaSite() requires a search string and result
limits by default - is there a way to just grab everything? That's
really what I need.

DFA API Advisor

Jan 13, 2012, 11:27:43 AM
to Google's DoubleClick for Advertisers API Forum
Hi again Matt,

If you pass in an empty or null searchString, you'll get back all results.
(This works for all services in the DFA API.)

If you try this and still get back no results, it's possible that the
DFA user profile you're using is prevented from seeing them. There are a
few different kinds of access controls in DFA. Your profile's User
Role might not have permission to see sites, or your profile may have
a User Filter on that lets you see no sites. The easiest way to
diagnose if that is the problem is to sign in through our website UI,
advertisers.doubleclick.net, using the same DFA user profile, and see
if you can view them there.

Cheers,
- Joseph DiLallo, the DFA API Team

Matt Gersting

Jan 13, 2012, 11:36:36 AM
to google-doubleclick-...@googlegroups.com
Thanks so much for the timely responses.

I tried removing my search criteria but still no results.  I logged into the UI and am able to see Admin > Sites, load that page and get a thousand or so results.

DFA API Advisor

Jan 13, 2012, 11:52:14 AM
to Google's DoubleClick for Advertisers API Forum
Hmm... And it's the same user profile, UI and API, huh?

If you want to compare, this is the body of the SOAP request I'm using
to fetch all DFA sites using v1.15:

<soapenv:Body>
  <ns2:getDfaSites xmlns:ns2="http://www.doubleclick.net/dfa-api/v1.15"
      soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
    <dfaSiteSearchCriteria href="#id0"/>
  </ns2:getDfaSites>
  <multiRef xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
      xmlns:ns3="http://www.doubleclick.net/dfa-api/v1.15"
      id="id0" soapenc:root="0"
      soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
      xsi:type="ns3:DfaSiteSearchCriteria">
    <ids xsi:type="xsd:long" xsi:nil="true"/>
    <searchString xsi:type="soapenc:string"/>
    <pageNumber href="#id1"/>
    <pageSize href="#id2"/>
    <SDSiteIds xsi:type="xsd:long" xsi:nil="true"/>
    <campaignIds xsi:type="xsd:long" xsi:nil="true"/>
    <excludeSitesMappedToSiteDirectory href="#id3"/>
    <networkId href="#id4"/>
    <sortOrder xsi:type="ns3:SortOrder" xsi:nil="true"/>
    <subnetworkId href="#id5"/>
  </multiRef>
  <multiRef xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
      id="id3" soapenc:root="0"
      soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
      xsi:type="xsd:boolean">false</multiRef>
  <multiRef xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
      id="id2" soapenc:root="0"
      soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
      xsi:type="xsd:int">0</multiRef>
  <multiRef xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
      id="id4" soapenc:root="0"
      soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
      xsi:type="xsd:long">0</multiRef>
  <multiRef xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
      id="id1" soapenc:root="0"
      soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
      xsi:type="xsd:int">0</multiRef>
  <multiRef xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
      id="id5" soapenc:root="0"
      soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
      xsi:type="xsd:long">0</multiRef>
</soapenv:Body>

If this doesn't help, you can also try e-mailing me just the username
of the DFA User Profile you're using and I'll see if anything is wrong
with that particular profile.

Regards,
- Joseph DiLallo, the DFA API Team

Matt Gersting

Jan 13, 2012, 11:58:35 AM
to google-doubleclick-...@googlegroups.com
I was using 1.16 - not sure if that will affect anything. Emailing account info. Meanwhile, I will see what I can do with the XML provided.

DFA API Advisor

Jan 13, 2012, 1:39:37 PM
to Google's DoubleClick for Advertisers API Forum
Hi Matt,

I should have thought of this sooner, but are you using the test
environment or the production environment?

Our code examples use the test environment by default,
advertisersapitest.doubleclick.net, so that you can test out your
applications safely. Did you change them to
advertisersapi.doubleclick.net? I notice your account exists on both
environments and the one on test has 0 sites.

Regards,
- Joseph DiLallo, the DFA API Team

Matt Gersting

Jan 13, 2012, 1:42:08 PM
to google-doubleclick-...@googlegroups.com
When I was looking at the Sites via GUI I was looking on production.
My code is connecting to https://advertisersapitest.doubleclick.net.
Do I need to log in to a test GUI and set up data there?

Matt Gersting

Jan 13, 2012, 1:44:49 PM
to google-doubleclick-...@googlegroups.com
Awesome: I changed my code to hit production and results started coming back.
I'm assuming, though, that for development purposes the preferred route would be to set up data on the test environment?

DFA API Advisor

Jan 13, 2012, 1:48:58 PM
to Google's DoubleClick for Advertisers API Forum
Hi Matt,

Yes - the two environments are totally separate. You cannot view data
from one using the other. The test environment UI is located at
advertiserstest.doubleclick.net. When you're ready to work against
your live data, you can switch your application to using the live web
services.

Cheers,
- Joseph DiLallo, the DFA API Team

DFA API Advisor

Jan 13, 2012, 1:52:31 PM
to Google's DoubleClick for Advertisers API Forum
Posted at the same time! (almost)

Yes, it is preferred that you develop against the test environment for
two reasons:

1) Your ad-serving data cannot be modified incorrectly due to bugs
during development. (Just catch them all before you go live! ;-) )
2) If you have to make a very large amount of calls to test all facets
of your program, you're not sharing the resources of the production
environment.

Matt Gersting

Jan 16, 2012, 10:15:28 AM
to Google's DoubleClick for Advertisers API Forum
Thanks so much for the help. I don't have every service method up and
running, but my primary need, getDfaSites(), is working like a charm.
Huge help.