I have developed a Web Service using SOAP and a client to consume the Web Service. The application works perfectly without authentication, however the admin team (understandably) would like to not grant anonymous access on the domino server.
So I have tried:
including the username/password in the wsdl url when instantiating the soap object. The url works via browser but not with the SOAP object.
I utilized the SOAP toolkit authentication methods (MSSOAP v3), however it errors back “No matching authentication scheme on enable connector”
Does anyone know how to use authentication on a WSDL with SOAP Web Service being hosted on Domino?
Sub Main()
REM SampleHelpDesk was imported as a web reference of the lotusscript service below.
Dim WebService As New SampleHelpDesk.MainInterfaceService
Dim Ticket As New SampleHelpDesk.TICKET
REM Provide the username/password to the web service, and suggest that they are sent
REM on the first request.
Dim myCred As New NetworkCredential("username", "password")
WebService.Credentials = myCred
WebService.PreAuthenticate = True
REM This is the actual web service request.
WebService.UPDATE(Ticket)
End Sub
End Module
The domino web service code was this:
%INCLUDE “lsxsd.lss”
Public Class Ticket
Public TicketId As String
Public PersonId As String
Public Description As String
Public DateCreated As XSD_DateTime
Public AssignedId As String
Sub New()
Dim DateCreated As New XSD_DateTime
End Sub
End Class
Public Class MainInterface
Public Function update(ticket As Ticket) As Ticket
Messagebox "Hello from Update"
Set update = ticket
End Function
End Class
One important note: The .NET documentation for “PreAuthenticate = true” claims that this will cause the http autentication to happen on the first request to the web server. What actually happens is that .Net sends an unauthenticated requests first, if it gets a HTTP 401 back then it try with the credentials provided. So, because of this, I have only been able to get this working when Basic autentication is enabled on the domino server.
And, I have used this java code to send basic authentication credentials. The properties being set just before the call to the web service are dictated by JAX-RPC and therefore this is something that works in toolkits that support this style. The web service call is CREATE_TICKET().
package main;
import com.helpdesk.*;
public class dsfs {
public static void main(String[] args)
throws Exception
{
HelpDeskInterfaceServiceLocator hd = new HelpDeskInterfaceServiceLocator();
javax.naming.InitialContext ctx = new javax.naming.InitialContext();
com.helpdesk.HelpDeskInterface helpDesk = null;
helpDesk = (new com.helpdesk.HelpDeskInterfaceServiceLocator()).getHelpDeskInterfacePort();
javax.xml.rpc.Stub stub = (javax.xml.rpc.Stub)helpDesk;
stub._setProperty("javax.xml.rpc.service.endpoint.address", "http://spn:90/helpdesk.nsf/helpdesk");
stub._setProperty("javax.xml.rpc.security.auth.username", "tsmith");
stub._setProperty("javax.xml.rpc.security.auth.password", "ksdfkjsdfkjsld");
helpDesk.CREATE_TICKET();
}
For testing purposes, I have created a Domino LS agent using MS Soap Toolkit 3.0 to consume the web service.
Set Client =CreateObject("MSSOAP.SoapClient30")
' cant add authentication until soap client is initialized
' Initialize connection to the WSDL file and get WSDL structure
Call Client.mssoapinit (sWSDLlocal)
Client.ConnectorProperty("EndPointURL")=sWSDL
' Get past ACL authentication
Client.ConnectorProperty("AuthUser") = "xxx"
Client.ConnectorProperty("AuthPassword") ="xxxx"
It is reassuring to know that Domino can authenticate on the first request - though since I am not familiar with vb.net, I would prefer to do it from Domino or Java
I was not able to use the MS Soap Toolkit to do authentication so I ended up writing my own authentication.
FYI on using MS Soap Toolkit 3.0 on a Server 2003 box. Microsoft does not recommend it and there is limited support for the toolkit. See MS Knowledge Base - http://support.microsoft.com/kb/811215/
I wrote an agent to consume a Domino WS wrapped with SOAP (using MS Toolkit 3.0). It ran succesfully manually, it ran succesfully scheduled, but it gave wsdl errors when called by another agent (user run rights were not the problem).