|
Home > Archive > BizTalk Server Orchestration > June 2005 > Problem with HTTP.AuthenticationScheme
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Problem with HTTP.AuthenticationScheme
|
|
| Christoffer 2005-06-02, 7:48 am |
| Hi, I've just created an Orchestration which uses a HTTP Adapter to call a
web page. The destination web site requires Basic authentication, with
Username and password. I've decided to set the Username and Password in the
Orchestration since they may change depending on who is calling the
Orchestration. This is what my Message Assignment Shape contains for the
outgoing message.
outMessage(HTTP.Username) = inMessage.Username;
outMessage(HTTP.Password) = inMessage.Password;
outMessage(HTTP.AuthenticationScheme) = "Basic";
However, this does not work. The authentication information is not added to
the querystring, that is, there is no "&Authorization=Basic" string in the
request headers.
What am I doing wrong here?
Best regards,
Chris
| |
| Jon Flanders[MVP] 2005-06-02, 5:51 pm |
| You said two things :"The authentication information is not added to
> the querystring, that is, there is no "&Authorization=Basic" string in the
> request headers.
"
Basic authentication doesn't go into the querystring. It goes into the HTTP
headers. Have you done a trace to make sure they are not there?
--
Jon Flanders
http://www.masteringbiztalk.com/blogs/jon/
"Christoffer" <christoffer@nospam.com> wrote in message
news:%23V4T4%232ZFHA.1044@TK2MSFTNGP10.phx.gbl...
> Hi, I've just created an Orchestration which uses a HTTP Adapter to call a
> web page. The destination web site requires Basic authentication, with
> Username and password. I've decided to set the Username and Password in
> the Orchestration since they may change depending on who is calling the
> Orchestration. This is what my Message Assignment Shape contains for the
> outgoing message.
>
> outMessage(HTTP.Username) = inMessage.Username;
> outMessage(HTTP.Password) = inMessage.Password;
> outMessage(HTTP.AuthenticationScheme) = "Basic";
>
> However, this does not work. The authentication information is not added
> to the querystring, that is, there is no "&Authorization=Basic" string in
> the request headers.
>
> What am I doing wrong here?
>
> Best regards,
> Chris
>
>
| |
| Christoffer 2005-06-03, 7:48 am |
| Right, there is no querystring involved. Its all in the HTTP headers. Here
is an example:
HTTP Header string when Authentication is set on the port (not in the
Orchestration):
Connection=Keep-Alive&Content-Length=45&Content-Type=text%2fxml%3b+charset%3dutf-8&Authorization=Basic+(something)%3d%3d&Expect=100-continue&Host=localhost&User-Agent=Microsoft+BizTalk+Server+2004+3.0.1.0
HTTP Header string when HTTP.AuthenticationScheme is set in the
Orchestration (not the port):
Connection=Keep-Alive&Content-Length=45&Content-Type=text%2fxml%3b+charset%3dutf-8&Expect=100-continue&Host=localhost&User-Agent=Microsoft+BizTalk+Server+2004+3.0.1.0
Why the difference? How do I use HTTP.AuthenticationScheme (together with
HTTP.Username and HTTP.Password)?
Best regards,
Chris
"Jon Flanders[MVP]" <jon.flanders@gmail.com> wrote in message
news:%23qaU7P4ZFHA.3120@TK2MSFTNGP12.phx.gbl...
> You said two things :"The authentication information is not added to
> "
>
> Basic authentication doesn't go into the querystring. It goes into the
> HTTP headers. Have you done a trace to make sure they are not there?
> --
> Jon Flanders
> http://www.masteringbiztalk.com/blogs/jon/
>
> "Christoffer" <christoffer@nospam.com> wrote in message
> news:%23V4T4%232ZFHA.1044@TK2MSFTNGP10.phx.gbl...
>
>
| |
| Jon Flanders[MVP] 2005-06-03, 5:55 pm |
| Have you checked "basic" as the authentication scheme for the Send Port?
--
Jon Flanders
http://www.masteringbiztalk.com/blogs/jon/
"Christoffer" <christoffer@nospam.com> wrote in message
news:e%23GNUjBaFHA.3864@TK2MSFTNGP10.phx.gbl...
> Right, there is no querystring involved. Its all in the HTTP headers.
> Here is an example:
>
> HTTP Header string when Authentication is set on the port (not in the
> Orchestration):
> Connection=Keep-Alive&Content-Length=45&Content-Type=text%2fxml%3b+charset%3dutf-8&Authorization=Basic+(something)%3d%3d&Expect=100-continue&Host=localhost&User-Agent=Microsoft+BizTalk+Server+2004+3.0.1.0
>
> HTTP Header string when HTTP.AuthenticationScheme is set in the
> Orchestration (not the port):
> Connection=Keep-Alive&Content-Length=45&Content-Type=text%2fxml%3b+charset%3dutf-8&Expect=100-continue&Host=localhost&User-Agent=Microsoft+BizTalk+Server+2004+3.0.1.0
>
> Why the difference? How do I use HTTP.AuthenticationScheme (together with
> HTTP.Username and HTTP.Password)?
>
> Best regards,
> Chris
>
> "Jon Flanders[MVP]" <jon.flanders@gmail.com> wrote in message
> news:%23qaU7P4ZFHA.3120@TK2MSFTNGP12.phx.gbl...
>
>
| |
| Christoffer 2005-06-07, 5:57 pm |
| I would believe that the HTTP.AuthenticationScheme set the authentication of
the port, but it doesn't look like that.
After setting the Send Port to "Basic" the "Authorization=Basic" string
occurs in the Request headers. However, only the Username was sent (after
decoding the base64-string) and not the Password. Is this by design or did I
miss something. Also what does the HTTP.AuthenticationScheme mean if it does
not change the Request headers?
Btw, thanks for your time 
Best regards,
/Chris
"Jon Flanders[MVP]" <jon.flanders@gmail.com> wrote in message
news:egEOijFaFHA.1088@TK2MSFTNGP14.phx.gbl...
> Have you checked "basic" as the authentication scheme for the Send Port?
>
> --
> Jon Flanders
> http://www.masteringbiztalk.com/blogs/jon/
>
> "Christoffer" <christoffer@nospam.com> wrote in message
> news:e%23GNUjBaFHA.3864@TK2MSFTNGP10.phx.gbl...
>
>
| |
|
|
| Christoffer 2005-06-09, 2:47 am |
| The problem is that the fix only(?) applies to HTTP Receive ports, my
problem lies with a HTTP Send port.
Since the HTTP.Username is set, but not HTTP.Password (still wondering why)
I tried to set the HTTP.Username to Username + ":" + Password, which is the
format the Username and Password are sent using Basic authentication, but it
did not work 
I really need to sort this one out, the username/password sent to the HTTP
server is depending on who sends a message to the BizTalk in the first
place. There is no static username/password. This should be a basic concept
and I can not see how I am the first one to use it. Someone has got to have
the solution to this somewhere.
Best regards,
/Chris
"karahan" <karahan@gmail.com> wrote in message
news:1118217140.484659.158870@g43g2000cwa.googlegroups.com...
> Christoffer,
>
> Have you installed BizTalk 2004 SP1?
>
> It looks like you hit an issue that was resolved in SP1.
>
> You can either dowload SP1 here
>
> http://www.microsoft.com/downloads/...df-ae6ae68bac3d
>
> or obtain the fix by calling the Microsoft Product Support Services.
> You can find the details of the fix and PSS phone numbers in the
> following link.
>
> http://support.microsoft.com/kb/837441/
>
> Thanks,
> Karahan Celikel
>
| |
| karahan 2005-06-09, 7:48 am |
| You can't override a static send port's properties inside
orchestration, but you can override http headers.
I was able to make it work using different methods.
Method 1:
If you want to use static send port
1- Make sure that BizTalk 2004 SP1 is installed
2- Set send port's authentication to anonymous
3- In your message assignment shape, do the following
outMessage(HTTP.UserHttpHeaders) = "Authorization: Basic
MyBase64encodedUsername:Password\r\n";
Method 2:
If you want to use dynamic send port
In your message assignment shape
MyDynamicSendPort(Microsoft.XLANGs.BaseTypes.Address) =
"http://mypage";
outMessage(HTTP.Username) = "myusername";
outMessage(HTTP.Password) = "mypassword";
outMessage(HTTP.AuthenticationScheme) = "Basic";
Method 3: (I haven't tried this)
If you want to pass usename/password with the query string, you may
need to create a custom pipeline component for your send port, and set
OutboundTransportLocation property there.
Hope this helps,
Karahan Celikel (MSFT)
| |
| Christoffer 2005-06-09, 7:48 am |
| Most interesting!
I managed to successfully implement Method 1! But I can not get Method 2
(which in my opinion is the way to do it). I'm not at all happy with the
workaround in Method 1 so I'd really like to get Method 2 working.
For Method 2, I've created a Send port, already set the address and the
authentication type. All I would have to do is set HTTP.Username and
HTTP.Password. But the HTTP.Password is not sent in the Request headers. Why
can I alter the HTTP.Username property but not the HTTP.Password property of
a static send port?
I believe I have BizTalk 2004 SP1 installed, not really sure how to check
it.
Best regards,
Chris
"karahan" <karahan@gmail.com> wrote in message
news:1118310347.233494.203420@f14g2000cwb.googlegroups.com...
> You can't override a static send port's properties inside
> orchestration, but you can override http headers.
>
> I was able to make it work using different methods.
>
> Method 1:
> If you want to use static send port
> 1- Make sure that BizTalk 2004 SP1 is installed
> 2- Set send port's authentication to anonymous
> 3- In your message assignment shape, do the following
>
>
> outMessage(HTTP.UserHttpHeaders) = "Authorization: Basic
> MyBase64encodedUsername:Password\r\n";
>
> Method 2:
> If you want to use dynamic send port
> In your message assignment shape
>
> MyDynamicSendPort(Microsoft.XLANGs.BaseTypes.Address) =
> "http://mypage";
> outMessage(HTTP.Username) = "myusername";
> outMessage(HTTP.Password) = "mypassword";
> outMessage(HTTP.AuthenticationScheme) = "Basic";
>
> Method 3: (I haven't tried this)
> If you want to pass usename/password with the query string, you may
> need to create a custom pipeline component for your send port, and set
> OutboundTransportLocation property there.
>
> Hope this helps,
>
> Karahan Celikel (MSFT)
>
| |
| karahan 2005-06-09, 5:51 pm |
| When you said you created a send port, did you mean inside the
orchestration or using BizTalk Exlorer?
This is what I did
1- Created a dynamic send port inside an orchestration
2- Set its properties in the message shape
I can have a look at your orchestration, if you send it.
Check out Add/Remove programs to see if you have SP1 installed.
Christoffer wrote:[vbcol=seagreen]
> Most interesting!
>
> I managed to successfully implement Method 1! But I can not get Method 2
> (which in my opinion is the way to do it). I'm not at all happy with the
> workaround in Method 1 so I'd really like to get Method 2 working.
>
> For Method 2, I've created a Send port, already set the address and the
> authentication type. All I would have to do is set HTTP.Username and
> HTTP.Password. But the HTTP.Password is not sent in the Request headers. Why
> can I alter the HTTP.Username property but not the HTTP.Password property of
> a static send port?
>
> I believe I have BizTalk 2004 SP1 installed, not really sure how to check
> it.
>
> Best regards,
> Chris
>
> "karahan" <karahan@gmail.com> wrote in message
> news:1118310347.233494.203420@f14g2000cwb.googlegroups.com...
| |
| Christoffer 2005-06-13, 2:47 am |
| I was using the BizTalk Explorer. However, when I create a dynamic port
inside the Orchestration I am allowed to set the HTTP.Username,
HTTP.Password, HTTP.AuthenticationScheme and
MyPort(Microsoft.XLANGs.BaseTypes.Address). The problem has been solved
thank you very much
It might be a good idea to note in the BizTalk documentation that one can
not alter the HTTP.Username and HTTP.Password on static Send ports.
Regards,
Chris
"karahan" <karahan@gmail.com> wrote in message
news:1118341442.882709.58920@g14g2000cwa.googlegroups.com...
> When you said you created a send port, did you mean inside the
> orchestration or using BizTalk Exlorer?
>
> This is what I did
> 1- Created a dynamic send port inside an orchestration
> 2- Set its properties in the message shape
>
> I can have a look at your orchestration, if you send it.
>
> Check out Add/Remove programs to see if you have SP1 installed.
>
> Christoffer wrote:
>
| |
| karahan 2005-06-13, 5:51 pm |
| I am glad that the problem has been solved, and thanks for your
feedback. We will take it into consideration.
|
|
|
|
|