Hi, I've just created an Orchestration which uses a HTTP Adapter to call a
web page. The destination web site requires Basic authentication, with
Username and password. I've decided to set the Username and Password in the
Orchestration since they may change depending on who is calling the
Orchestration. This is what my Message Assignment Shape contains for the
outgoing message.

outMessage(HTTP.Username) = inMessage.Username;
outMessage(HTTP.Password) = inMessage.Password;
outMessage(HTTP.AuthenticationScheme) = "Basic";

However, this does not work. The authentication information is not added to
the querystring, that is, there is no "&Authorization=Basic" string in the
request headers.

What am I doing wrong here?

Best regards,
Chris

[ Post a follow-up to this message ]

You said two things :"The authentication information is not added to
> the querystring, that is, there is no "&Authorization=Basic" string in the
> request headers.
"

Basic authentication doesn't go into the querystring.  It goes into the HTTP
headers.  Have you done a trace to make sure they are not there?
--
Jon Flanders
http://www.masteringbiztalk.com/blogs/jon/

"Christoffer" <christoffer@nospam.com> wrote in message
news:%23V4T4%232ZFHA.1044@TK2MSFTNGP10.phx.gbl...
> Hi, I've just created an Orchestration which uses a HTTP Adapter to call a
> web page. The destination web site requires Basic authentication, with
> Username and password. I've decided to set the Username and Password in
> the Orchestration since they may change depending on who is calling the
> Orchestration. This is what my Message Assignment Shape contains for the
> outgoing message.
>
> outMessage(HTTP.Username) = inMessage.Username;
> outMessage(HTTP.Password) = inMessage.Password;
> outMessage(HTTP.AuthenticationScheme) = "Basic";
>
> However, this does not work. The authentication information is not added
> to the querystring, that is, there is no "&Authorization=Basic" string in
> the request headers.
>
> What am I doing wrong here?
>
> Best regards,
> Chris
>
>

[ Post a follow-up to this message ]

Right, there is no querystring  involved. Its all in the HTTP headers. Here
is an example:

HTTP Header string when Authentication is set on the port (not in the
Orchestration):
Connection=Keep-Alive&Content-Length=45&Content-Type=text%2fxml%3b+charset%3
dutf-8&Authorization=Basic+(something)%3d%3d&Expect=100-continue&Host=localh
ost&User-Agent=Microsoft+BizTalk+Server+2004+3.0.1.0

HTTP Header string when HTTP.AuthenticationScheme is set in the
Orchestration (not the port):
Connection=Keep-Alive&Content-Length=45&Content-Type=text%2fxml%3b+charset%3
dutf-8&Expect=100-continue&Host=localhost&User-Agent=Microsoft+BizTalk+Serve
r+2004+3.0.1.0

Why the difference? How do I use HTTP.AuthenticationScheme (together with
HTTP.Username and HTTP.Password)?

Best regards,
Chris

"Jon Flanders[MVP]" <jon.flanders@gmail.com> wrote in message
news:%23qaU7P4ZFHA.3120@TK2MSFTNGP12.phx.gbl...
> You said two things :"The authentication information is not added to 
> "
>
> Basic authentication doesn't go into the querystring.  It goes into the
> HTTP headers.  Have you done a trace to make sure they are not there?
> --
> Jon Flanders
> http://www.masteringbiztalk.com/blogs/jon/
>
> "Christoffer" <christoffer@nospam.com> wrote in message
> news:%23V4T4%232ZFHA.1044@TK2MSFTNGP10.phx.gbl... 
>
>

[ Post a follow-up to this message ]

Have you checked "basic" as the authentication scheme for the Send Port?

--
Jon Flanders
http://www.masteringbiztalk.com/blogs/jon/

"Christoffer" <christoffer@nospam.com> wrote in message
news:e%23GNUjBaFHA.3864@TK2MSFTNGP10.phx.gbl...
> Right, there is no querystring  involved. Its all in the HTTP headers.
> Here is an example:
>
> HTTP Header string when Authentication is set on the port (not in the
> Orchestration):
> Connection=Keep-Alive&Content-Length=45&Content-Type=text%2fxml%3b+charset
%3dutf-8&Authorization=Basic+(something)%3d%3d&Expect=100-continue&Host=loca
lhost&User-Agent=Microsoft+BizTalk+Server+2004+3.0.1.0
>
> HTTP Header string when HTTP.AuthenticationScheme is set in the
> Orchestration (not the port):
> Connection=Keep-Alive&Content-Length=45&Content-Type=text%2fxml%3b+charset
%3dutf-8&Expect=100-continue&Host=localhost&User-Agent=Microsoft+BizTalk+Ser
ver+2004+3.0.1.0
>
> Why the difference? How do I use HTTP.AuthenticationScheme (together with
> HTTP.Username and HTTP.Password)?
>
> Best regards,
> Chris
>
> "Jon Flanders[MVP]" <jon.flanders@gmail.com> wrote in message
> news:%23qaU7P4ZFHA.3120@TK2MSFTNGP12.phx.gbl... 
>
>

[ Post a follow-up to this message ]

I would believe that the HTTP.AuthenticationScheme set the authentication of
the port, but it doesn't look like that.

After setting the Send Port to "Basic" the "Authorization=Basic" string
occurs in the Request headers. However, only the Username was sent (after
decoding the base64-string) and not the Password. Is this by design or did I
miss something. Also what does the HTTP.AuthenticationScheme mean if it does
not change the Request headers?

Btw, thanks for your time 

Best regards,
/Chris

"Jon Flanders[MVP]" <jon.flanders@gmail.com> wrote in message
news:egEOijFaFHA.1088@TK2MSFTNGP14.phx.gbl...
> Have you checked "basic" as the authentication scheme for the Send Port?
>
> --
> Jon Flanders
> http://www.masteringbiztalk.com/blogs/jon/
>
> "Christoffer" <christoffer@nospam.com> wrote in message
> news:e%23GNUjBaFHA.3864@TK2MSFTNGP10.phx.gbl... 
>
>

[ Post a follow-up to this message ]

Christoffer,

Have you installed BizTalk 2004 SP1?

It looks like you hit an issue that was resolved in SP1.

You can either dowload SP1 here

http://www.microsoft.com/downloads/...df-ae6ae68bac3d

or obtain the fix by calling the Microsoft Product Support Services.
You can find the details of the fix and PSS phone numbers in the
following link.

http://support.microsoft.com/kb/837441/

Thanks,
Karahan Celikel

[ Post a follow-up to this message ]

The problem is that the fix only(?) applies to HTTP Receive ports, my
problem lies with a HTTP Send port.

Since the HTTP.Username is set, but not HTTP.Password (still wondering why)
I tried to set the HTTP.Username to Username + ":" + Password, which is the
format the Username and Password are sent using Basic authentication, but it
did not work 

I really need to sort this one out, the username/password sent to the HTTP
server is depending on who sends a message to the BizTalk in the first
place. There is no static username/password. This should be a basic concept
and I can not see how I am the first one to use it. Someone has got to have
the solution to this somewhere.

Best regards,
/Chris

"karahan" <karahan@gmail.com> wrote in message
news:1118217140.484659.158870@g43g2000cwa.googlegroups.com...
> Christoffer,
>
> Have you installed BizTalk 2004 SP1?
>
> It looks like you hit an issue that was resolved in SP1.
>
> You can either dowload SP1 here
>
> http://www.microsoft.com/downloads/...df-ae6ae68bac3d
>
> or obtain the fix by calling the Microsoft Product Support Services.
> You can find the details of the fix and PSS phone numbers in the
> following link.
>
> http://support.microsoft.com/kb/837441/
>
> Thanks,
> Karahan Celikel
>

[ Post a follow-up to this message ]

You can't override a static send port's properties inside
orchestration, but you can override http headers.

I was able to make it work using different methods.

Method 1:
If you want to use static send port
1-  Make sure that BizTalk 2004 SP1 is installed
2- Set send port's authentication to anonymous
3- In your message assignment shape, do the following


outMessage(HTTP.UserHttpHeaders) = "Authorization: Basic
MyBase64encodedUsername:Password\r\n";

Method 2:
If you want to use dynamic send port
In your message assignment shape

MyDynamicSendPort(Microsoft.XLANGs.BaseTypes.Address) =
"http://mypage";
outMessage(HTTP.Username) = "myusername";
outMessage(HTTP.Password) = "mypassword";
outMessage(HTTP.AuthenticationScheme) = "Basic";

Method 3: (I haven't tried this)
If you want to pass usename/password with the query string, you may
need to create a custom pipeline component for your send port, and set
OutboundTransportLocation property there.

Hope this helps,

Karahan Celikel (MSFT)

[ Post a follow-up to this message ]

Most interesting!

I managed to successfully implement Method 1! But I can not get Method 2
(which in my opinion is the way to do it). I'm not at all happy with the
workaround in Method 1 so I'd really like to get Method 2 working.

For Method 2, I've created a Send port, already set the address and the
authentication type. All I would have to do is set HTTP.Username and
HTTP.Password. But the HTTP.Password is not sent in the Request headers. Why
can I alter the HTTP.Username property but not the HTTP.Password property of
a static send port?

I believe I have BizTalk 2004 SP1 installed, not really sure how to check
it.

Best regards,
Chris

"karahan" <karahan@gmail.com> wrote in message
news:1118310347.233494.203420@f14g2000cwb.googlegroups.com...
> You can't override a static send port's properties inside
> orchestration, but you can override http headers.
>
> I was able to make it work using different methods.
>
> Method 1:
> If you want to use static send port
> 1-  Make sure that BizTalk 2004 SP1 is installed
> 2- Set send port's authentication to anonymous
> 3- In your message assignment shape, do the following
>
>
> outMessage(HTTP.UserHttpHeaders) = "Authorization: Basic
> MyBase64encodedUsername:Password\r\n";
>
> Method 2:
> If you want to use dynamic send port
> In your message assignment shape
>
> MyDynamicSendPort(Microsoft.XLANGs.BaseTypes.Address) =
> "http://mypage";
> outMessage(HTTP.Username) = "myusername";
> outMessage(HTTP.Password) = "mypassword";
> outMessage(HTTP.AuthenticationScheme) = "Basic";
>
> Method 3: (I haven't tried this)
> If you want to pass usename/password with the query string, you may
> need to create a custom pipeline component for your send port, and set
> OutboundTransportLocation property there.
>
> Hope this helps,
>
> Karahan Celikel (MSFT)
>

[ Post a follow-up to this message ]

When you said you created a send port, did you mean inside the
orchestration or using BizTalk Exlorer?

This is what I did
1- Created a dynamic send port inside an orchestration
2- Set its properties in the message shape

I can have a look at your orchestration, if you send it.

Check out Add/Remove programs to see if you have SP1 installed.

Christoffer wrote:[vbcol=seagreen]
> Most interesting!
>
> I managed to successfully implement Method 1! But I can not get Method 2
> (which in my opinion is the way to do it). I'm not at all happy with the
> workaround in Method 1 so I'd really like to get Method 2 working.
>
> For Method 2, I've created a Send port, already set the address and the
> authentication type. All I would have to do is set HTTP.Username and
> HTTP.Password. But the HTTP.Password is not sent in the Request headers. W
hy
> can I alter the HTTP.Username property but not the HTTP.Password property 
of
> a static send port?
>
>  I believe I have BizTalk 2004 SP1 installed, not really sure how to check
> it.
>
> Best regards,
> Chris
>
> "karahan" <karahan@gmail.com> wrote in message
> news:1118310347.233494.203420@f14g2000cwb.googlegroups.com... 

[ Post a follow-up to this message ]