SoapUI does not include Authentication header in SOAP request

Question

I have a SOAP request, that runs fine using SoapUI 5.5.0.

But when I run the SOAP request in SoapUI 5.6.1 or 5.7.0 it looks like, the Authentication header of subsequent SOAP requests is lost.

The first SOAP request usually includes the Authentication header, but subsequent request does not (and the endpoint of course dismisses the requests).

The SOAP request has NTLM Auth configured.

Here the http log showing the same request, executed twice. First request includes the Authentication header, but the second does not.

Thu Feb 24 14:17:36 CET 2022: DEBUG: http-outgoing >>
POST /eDocDotNetAPI/WSeDocAPI.asmx HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
SOAPAction: "http://tempuri.org/SearchCaseFile"
Content-Length: 971
Host: edoc5-t.corp.silk.dk:8090
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.5.5 (Java/16.0.1)
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAA[REMOVED]

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:tem="http://tempuri.org/">
<soapenv:Header/>
<soapenv:Body>
<tem:SearchCaseFile>

<tem:XmlDocument>
[0x9]<![CDATA[<Root xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:edoc="http://www.fujitsu.dk/esdh/xml/schemas/2007/01/05/" xsi:noNamespaceSchemaLocation="SearchCaseFile.xsd">
[0x9][0x9]<edoc:CaseFileSearch>
[0x9][0x9][0x9]<edoc:UserIdentifier>edoc4dummyuser</edoc:UserIdentifier>
[0x9][0x9][0x9]<edoc:SearchCriterias>
[0x9][0x9][0x9][0x9]<edoc:Summary>ESDH_ID{b137675c-425b-4ce5-adae-c8dd8ed372f5}*</edoc:Summary>
[0x9][0x9][0x9]</edoc:SearchCriterias>
[0x9][0x9][0x9]<edoc:ResultFields>
[0x9][0x9][0x9][0x9]<edoc:CaseFileIdentifier></edoc:CaseFileIdentifier>
[0x9][0x9][0x9]</edoc:ResultFields>
[0x9][0x9]</edoc:CaseFileSearch>
[0x9]</Root>]]>
</tem:XmlDocument>
</tem:SearchCaseFile>

</soapenv:Body>
</soapenv:Envelope>

Thu Feb 24 14:17:36 CET 2022: DEBUG: http-incoming <<
HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Persistent-Auth: true
X-Powered-By: ASP.NET
Date: Thu, 24 Feb 2022 13:17:36 GMT
Content-Length: 43135

<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>[Valid SOAP Response REMOVED]</soap:Body></soap:Envelope>

Thu Feb 24 14:17:38 CET 2022: DEBUG: http-outgoing >>
POST /eDocDotNetAPI/WSeDocAPI.asmx HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
SOAPAction: "http://tempuri.org/SearchCaseFile"
Content-Length: 971
Host: edoc5-t.corp.silk.dk:8090
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.5.5 (Java/16.0.1)

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:tem="http://tempuri.org/">
<soapenv:Header/>
<soapenv:Body>
<tem:SearchCaseFile>

<tem:XmlDocument>
[0x9]<![CDATA[<Root xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:edoc="http://www.fujitsu.dk/esdh/xml/schemas/2007/01/05/" xsi:noNamespaceSchemaLocation="SearchCaseFile.xsd">
[0x9][0x9]<edoc:CaseFileSearch>
[0x9][0x9][0x9]<edoc:UserIdentifier>edoc4dummyuser</edoc:UserIdentifier>
[0x9][0x9][0x9]<edoc:SearchCriterias>
[0x9][0x9][0x9][0x9]<edoc:Summary>ESDH_ID{b137675c-425b-4ce5-adae-c8dd8ed372f5}*</edoc:Summary>
[0x9][0x9][0x9]</edoc:SearchCriterias>
[0x9][0x9][0x9]<edoc:ResultFields>
[0x9][0x9][0x9][0x9]<edoc:CaseFileIdentifier></edoc:CaseFileIdentifier>
[0x9][0x9][0x9]</edoc:ResultFields>
[0x9][0x9]</edoc:CaseFileSearch>
[0x9]</Root>]]>
</tem:XmlDocument>
</tem:SearchCaseFile>

</soapenv:Body>
</soapenv:Envelope>

Thu Feb 24 14:17:38 CET 2022: DEBUG: http-incoming <<
HTTP/1.1 500 Internal Server Error
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Persistent-Auth: true
X-Powered-By: ASP.NET
Date: Thu, 24 Feb 2022 13:17:38 GMT
Content-Length: 420

<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>Server was unable to process request. ---> No Authorization Header provided</faultstring><detail /></soap:Fault></soap:Body></soap:Envelope>

richie · Answer

Hey&nbsp;shoxbro&nbsp;
&nbsp;
Have you tried hardcoding the Authorization header rather than allowing SoapUI to dynamically generate it?
&nbsp;
If you manually add an Authorization header into the request - I've found this has worked for me before when the header didn't appear as I expected
&nbsp;
Cheers,
&nbsp;
Rich

shoxbro · Answer

Hi&nbsp;richie&nbsp;No - I have not tried "manually" setting the Authorization header - yet 🙂But I would rather use the built-in mechanism.

Forum Discussion

SoapUI does not include Authentication header in SOAP request

Related Content

JDBC Request errors when semicolon is included in SQL

Kafka topic using OAuth2 authentication

ReadyAPI Authentication

Cookie Authentication

Project Authentication

Recent Discussions

How do I change password and Username on every call in a Test Case in SoapUI?

Content-Length calculation wrong when posting UTF-8 content

Error exception in phase 'semantic analysis' with java 21

Generate positive long integer?

How to test gi forms used in Intalio BPM process.