none
Configuring Basic Auth for a SOAP receive location RRS feed

  • Question

  • This is a simple thing, but I've been searching for hours and can't find a complete example. 

    I published an orchestration (BT2010, IIS7) as a simple web service (not WCF).  I have disabled anonymous access and enabled Basic Authentication.  If I try to browse to it, I get a dialog box asking for credentials. 

    I set up a local account on the machine, and added it to the IIS_WPG group, and made sure the app pool is running under an account that is part of the Biztalk isolated hosts group. 

     

    One question and one problem: When a SOAP request comes in, IIS will retrieve the credentials from within that instead of trying to present a dialog bos, correct?

     

    Now my problem. Supplying the credentials doesn't seem to work.  I've tried setting the default domain to the machine name and domain path  server.somedomain.parentdomain, I've tried using my domain own domain account as login credentials, none of it works. 

    So first, do I have to use a Windows account? Can I set up some dummy account just for this web site? 

    And second, if its a Windows account, what am I doing wrong here?  I have found a ton of examples for consuming web services,  but of the ones for exposing web services none walk you through setting up a Basic Auth solution. 

     

    Thanks

     

     

     

     

     


    Down there somewhere, its just ones and zeros.
    Tuesday, January 24, 2012 10:51 PM

Answers

  • I managed to get it working (well, the Basic Auth part anyway).

     

    1. Set up a local machine account. 

    2. Make sure it has access to the %TEMP% directory and is a member of the BizTalk Isolated Hosts user group

    3. Do not set a default domain on the security section for the web site.  Any setting there seems to make it fail

    4. Make sure Basic Auth is enabled on the web site

    5. Restart IIS 


    Down there somewhere, its just ones and zeros.
    Monday, January 30, 2012 3:52 PM

All replies

  • Read through the below link which has sample code to invoke a webservice with basic authentication.

    http://stackoverflow.com/questions/245835/how-do-i-get-an-already-basic-authenticated-context-to-call-a-web-service-behi

    Wednesday, January 25, 2012 5:43 AM
  • Hi,

    Here is a blog post that discussed setup for Basic Authentication for SOAP Adapter: Using Basic Authentication in BizTalk SOAP adapter.

    HTH

    Steef-Jan Wiggers

    Ordina ICT B.V. | MVP & MCTS BizTalk Server 2010

    http://soa-thoughts.blogspot.com/ | @SteefJan

    If this answers your question please mark it accordingly


    BizTalk
    Wednesday, January 25, 2012 9:02 AM
    Moderator
  • No, my problem is not CONSUMING a web service that uses Basic Auth.  That's easy, just put the credentials on the port. 

     

    My problem is that I am EXPOSING a web service that I want to protect using Basic Auth.  So the wizard has generated my web project, etc.  I have set the site to use Basic Auth.  But I don't seem to have it finding the right account to authenticate. 

     

    What I need is something that says: after the BizTalk web service wizard generates all of this stuff, here is the type of account you set up (local to the machine?  In active directory?  In the web.config?) to use for authorization.  And then you send those credentials to your OUTSIDE partner who will be consuming my web service. 


    Down there somewhere, its just ones and zeros.
    Wednesday, January 25, 2012 3:42 PM
  • Hi,

    That is something I have to explore myself. I will try to come up with answer that can be helpful.

    Steef-Jan Wiggers

    Ordina ICT B.V. | MVP & MCTS BizTalk Server 2010

    http://soa-thoughts.blogspot.com/ | @SteefJan


    BizTalk
    Wednesday, January 25, 2012 5:52 PM
    Moderator
  • I managed to get it working (well, the Basic Auth part anyway).

     

    1. Set up a local machine account. 

    2. Make sure it has access to the %TEMP% directory and is a member of the BizTalk Isolated Hosts user group

    3. Do not set a default domain on the security section for the web site.  Any setting there seems to make it fail

    4. Make sure Basic Auth is enabled on the web site

    5. Restart IIS 


    Down there somewhere, its just ones and zeros.
    Monday, January 30, 2012 3:52 PM
  • Hi Folks, I have similar issue and tried all sorts including solution proposed by El BO, but I am unable to receive messages into biztalk. I do not get any errors when invoking the service using .net code. see below for details, would appreciate your help in resolving this issue

    I have exposed schema as soap service using biztalk web publisher

    created app pool with user which is member of BizTalk Isolated Hosts user group

    set permissions to %TEMP% directory 

    In IIS set authentication to basic (as above)

    Messages are receieved into biztalk messagebox when anonymous authentication is enabled but as soon as i disable anonymous and enable basic auth i get no error but the message is not received by biztalk, I used fiddler to to trace and have noticed two entry

    401 followed by 202

    What should be a no brainer, I have spent considreable amount of time trying to resolve this with no avail.


    SMIAH

    • Proposed as answer by SMIAH Tuesday, February 12, 2013 10:28 PM
    • Unproposed as answer by SMIAH Tuesday, February 12, 2013 10:28 PM
    • Proposed as answer by SMIAH Tuesday, February 12, 2013 10:30 PM
    • Unproposed as answer by SMIAH Tuesday, February 12, 2013 10:32 PM
    Thursday, January 31, 2013 11:08 AM
  • Manage to get to the bottom of this, the issue was with application pool setting - it (mode) was set to integrated , changed mode to classic resolved my issue..


    SMIAH


    • Edited by SMIAH Tuesday, February 12, 2013 10:31 PM
    • Proposed as answer by SMIAH Tuesday, February 12, 2013 10:32 PM
    Tuesday, February 12, 2013 10:30 PM