We're testing REST services and have created a new REST project in SoapUI 5.0.0
I've added endpoint but when I try to run the request as a 'GET' method I get:
400 (Bad Request): No securitytoken header information found in request header
No securitytoken header information found in request header
I've tried to add an SO in the parametertable as 'HEADER' but still no go.
Anyone knows?
-tosh
In SOAP webservices you can manually injected security headers in the Request XML (make sure you use proper ns of the security policy).
If you are using jdeveloper HTTP Analyzer you will get options to add security headers in both SOAP and REST webservices
The Official SOAP UI has a getting started guide at
Security Headers SOAP UI guide.
For Rest services you can use REST client 3.1
and here is the youtube video tutorial for using the tool.
Related
As the title states, when I send a request from soapUI to an SAP web service I am returned with an XML that contains a "401 Nicht autorisiert" error message in it. Since it is an SAP web service, I do have to input credentials when I create the new project, but those are the only credentials I have input before running the project.
With the same credentials, I am able to create a request and not receive an error message when I use the Postman interface.
Could this be an issue with the web service configuration, or is this an authorization issue with soapUI?
Links to images:
SoapUI: https://imgur.com/2ZOBMgZ
Postman: https://imgur.com/M1SOCgG
From your images it looks like the Authorization: Basic... header is not being sent as part of your HTTP request out of soapUI and I assume your service doesn't challenge for the credentials in a way that soapUI understands.
One way around this is to click the Authenticate pre-emptively radio button on the basic authorization dialog box. This will construct and send the header the same way as Postman.
I am very new to WSO2 API manager and trying out my very first simple restful api. which returns json response and has no security since it is an internal api.
I installed WSO2 API manager locally and trying to call the rest api on my dev server which uses http and no security as I mentioned earlier.
Here is how my get url looks like:
and here is my url looks like for production and sandbox environment:
I don't have any message mediation enabled.
I went to the API store and created a trial application (so that I can get the access token. Eventhough, my dev environment api has no security, I was reading that for throttling and other purpose, I need to pass bearer token to the WSO2 api OR it will reject the request.)
When I am trying to consume the api, I get the following binary message.
Is there any way I can see the proxy log on WSO2 server so that I can see the request and its header sent to my dev server?
How can I fix this binary response to get the proper json response?
I searched all over and can't find solution to it.
You can use below steps on WSO2 ESB or APIM to enable Wire Logs.
Uncomment below line in /repository/conf/log4j.properties
log4j.logger.org.apache.synapse.transport.http.wire=DEBUG
Restart Server.
Source - http://lakshanigamage.blogspot.com/2015/03/how-to-enable-wire-logs-in-wso2-esbapim.html
I am trying to set up Karate test framework for our new project. We will be enabling Kerberos authentication to our Rest microservices. Can you please tell me if Karate supports Kerberos aunthentication
Most projects are able to call a normal HTTP end-point and get a token from it which will be used as an auth header. So look for the OAuth and header authentication demos / in the documentation.
Otherwise, take a look at this approach: https://stackoverflow.com/a/51150286/143475 - so it is possible for you with a little extra work to call into some .NET code for e.g. which you can design to give you the headers / tokens you need.
I am trying to make connection to Azure VSTS with SOAPui through vsts rest api's, but the response I am getting is: HTTP/1.1 203 Non-Authoritative information
Though when I hit the same request from POSTMAN it's giving successful response for every operation(Get, Post, Delete).
As I have a framework for API automation in SOAPUI I need to have this connection to post the test results in VSTS against respective test case.
Any idea how to resolve this would be much appreciated!!
Thanks
This is due to the incorrect authentication headers (Authorization header) that you send in the request. I have experienced this issue when you are trying to send empty username in SoapUI - Basic Authorization tab.
This can be handled by generating the header offline (using some online utilities - https://www.blitter.se/utils/basic-authentication-header-generator/) and sending in a separate header like below,
Authorization: Basic Onl1eWl1eWl5aXlpeWl5aXk=
Hope this helps.
Does Camel-Http4 supports Basic Authentication?
Followed this and other posts
Camel http4 download file using Basic authentication over Https
I am using camel 2.17.3 version. using camel-http4 component. The route sends a https4 multipart request to a REST endpoint . The REST service is behind the siteminder. Have truststore/ketstore/cert all setup and it works fine, just sending basic auth is causing trouble.
Using postman i was able to call REST services with basic auth. However, all the calls from camel route fails and get HTTP error 403.
I tried below options to get it working:
Added basic auth to the HttpConfiguration - got HTTP error 401
Added "Authorization" header to the route, as mentioned in the above link - got HTTP error 403
and Added method,user,pass to HTTP_Query - 403 also clear text password is visible in the siteminder logs, this is not good, so dropped trying this option.
please help resolve this issue with some working example and explain the cause.
Is camel dropping http headers?
also i now thinking should I consider using other available components netty/jetty/cxf?? But I prefer getting HTTPs4 working :)
thanks
To help others with an working example, here is how I got it...
1) Check the site-minder policy and also ensure the user have correct permissions for the services.
2) Passing user/password as query parameter isn't safe (at least it wasn't in my case) Clear text password was exposed in site-minder.
3) setting header (Authorization)
apache-camel-basic-http-auth