03-02-2015 2:00 PM
Dear all,
I wish to consume an external Web Service from an ABAP function module, using HTTPS and Basic Authentication. Service Consumer and Logical Port are ready and it works - but everytime a dialog for username and password shows up, even though the correct user data is already saved in the Logical Port. This means that background processing fails.
Does anyone have an idea how to avoid that?
I suspect the reason is that the external server certificate is checked using the DFAULT certificate list, I can see that in the trace data. However, we do not use a client certificate and have imported the server certificate into the ANONYM keystore in STRUST. With an RFC destination in SM59 (just for testing) I can ping the web service without a popup.
What is the prerequisite or the configuration for the ANONYM keystore to be used?
Thank you for any hints,
Ringo
03-02-2015 4:28 PM
Let me put it in other words to make my question clearer, hopefully:
When I create an RFC destination to an external server in SM59 (Type G), then I can set the Certificate List used to check the external server´s SSL certificate to ANONYMOUS:
How can I achieve the same setting for a Logical Port in SOAMANAGER, which belongs to an ABAP Consumer Proxy?
Thanks for any suggestions.
Best regards,
Ringo
03-05-2015 10:13 AM
Ok, SAP Note 1720478 clearly states that it is not foreseen to manually change the PSE in SOAMANAGER. The correct PSE is derived based on the authentication method. If a WSDL-based configuration is used, the selected PSE will be influenced by WS-Policy settings for authentication settings, if such are contained in the WSDL file. The only known case where this is really required is for authentication with client certificates.
This means to me that a failed basic authentication can not be caused by configuring the wrong PSE. The mistake will rather be in username, password or in proxy settings.
06-29-2015 2:51 PM
There must have been some issue with the logical port I created, and nothing else. After I recreated it in the Test System I never had problems again. By now the solution works in production without any authentication issues.