OpenClinica Web Services 3.4.1 raises WssSoapFaultException

jens.piegsa

Hi folks,

I'm trying to get the soap request to work with the most current version, but without success.

Request:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:v1="http://openclinica.org/ws/study/v1">
  <soapenv:Header>
    <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <wsse:UsernameToken wsu:Id="UsernameToken-27777511" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        <wsse:Username>root</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">a3adf26e70b8d8ab53da3d36b159ccb341d014e6</wsse:Password>
      </wsse:UsernameToken>
    </wsse:Security>
  </soapenv:Header>
  <soapenv:Body>
    <v1:listAllRequest/>
  </soapenv:Body>
</soapenv:Envelope>

Response:

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
   <SOAP-ENV:Header/>
   <SOAP-ENV:Body>
      <SOAP-ENV:Fault>
         <faultcode>SOAP-ENV:Client</faultcode>
         <faultstring xml:lang="en">com.sun.xml.wss.impl.WssSoapFaultException: Authentication of Username Password Token Failed; nested exception is com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.WssSoapFaultException: Authentication of Username Password Token Failed</faultstring>
      </SOAP-ENV:Fault>
   </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Thanks for your help.
/Jens

haensel

Hi Jens

Did you follow the "Using OpenClinica Web Services" instructions? Especially the following points:

• The user account should be authorized to use web services; this authorization is granted in User Account setup.
• The password will need to be encrypted using the appropriate digest type. (here AES)

So please check that you ticked the "Authorize SOAP web services in this account" checkbox in the user settings and that this password hash is an AES hash?

Regards,

Christian

jens.piegsa

Hi Christian,

thanks for your reply. Yes, I followed the given instructions.

• "Authorize SOAP web services in this account" is checked for the given user
• I used SHA-1 hash of the user password (the same as in the database in user_account.passwd)
  

Any other ideas?

Cheers,
Jens

haensel

Hi Jens

After a closer look to your example try to change

jens.piegsa said:

<wsse:Password Type="

to

jens.piegsa said:

<wsse:Password type="

Regards,
Christian

jens.piegsa

That did not work.

haensel

Just to be shure that this isn't a simple configuration problem. Does the ws installation use the same database as the web installation?

jens.piegsa

Both applications are running on the same Tomcat server instance. Their datainfo.properties are the same and there is only one PostgreSQL server.

jens.piegsa

Hi Christian,

looking into it again, I recognized this line:

db=${WEBAPP.lower}

How is this supposed to work with two different applications expected to access the same database?

Replacing it with a fixed name identical in both versions resolved the issue.
Maybe this kind of default is misleading...

Thanks again for your help!

Cheers,
Jens

haensel

It's allways worth to double check even the simple steps. The default setting is usefull for the web instance only. Good that it works now.

Regards,
Christian