[Res] Does SoapUI support Windows Digest Authentication?

Hi,

SoapUI does support HTTP Digest Authentication. I believe that is the same thing as Windows Digest Authentication.

Information can be found here:
http://www.soapui.org/SOAP-and-WSDL/aut ... uests.html

Thanks for the reply. The example shown is for basic and I've tried many combinations of settings with authentication type, wss-password type, with/without domain, but I still get a blank response screen with the below error from the log. Do you have any specific example of Windows Digest Authentication? Also this webservice is running over https on IIS 7.Thanks for the help

Wed Jan 08 13:32:59 CST 2014:ERROR:org.apache.http.client.ClientProtocolException
org.apache.http.client.ClientProtocolException
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:822)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$Helper.execute(HttpClientSupport.java:236)
at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport.execute(HttpClientSupport.java:345)
at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.sendRequest(HttpClientRequestTransport.java:241)
at com.eviware.soapui.impl.wsdl.WsdlSubmit.run(WsdlSubmit.java:123)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: org.apache.http.ProtocolException: Content-Length header already present
at org.apache.http.protocol.RequestContent.process(RequestContent.java:67)
at org.apache.http.protocol.ImmutableHttpProcessor.process(ImmutableHttpProcessor.java:108)
at org.apache.http.protocol.HttpRequestExecutor.preProcess(HttpRequestExecutor.java:174)
at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$SoapUIHttpRequestExecutor.preProcess(HttpClientSupport.java:106)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:452)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
... 11 more

Hi,

Is it possible for you to post your request?

This exception Caused by: org.apache.http.ProtocolException: Content-Length header already present seems to indicate the Content-Length header being present more than once in the request.

I changed the FQDN and service/functions names for anonymity.

POST https://FQDN/MyService.svc HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/soap+xml;charset=UTF-8;action="http://tempuri.org/IMyService/testFunc"
Content-Length: 3370
Host: FQDN
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)

<s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:s="http://www.w3.org/2003/05/soap-envelope">
  <s:Header><wsse:Security s:mustUnderstand="true" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken-22"><wsse:Username>user</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">jItk15UyO4/G/QQtnHJX3f70yEs=</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">TdO1hwi3t1GFsvJK1db4cg==</wsse:Nonce><wsu:Created>2014-01-09T13:21:24.136Z</wsu:Created></wsse:UsernameToken></wsse:Security>
    <a:Action s:mustUnderstand="1">http://tempuri.org/IMyService/testFunc</a:Action>
    <a:MessageID>urn:uuid:56a38324-84e0-410e-932b-25599ac9c843</a:MessageID>
    <a:ReplyTo>
      <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
    </a:ReplyTo>
    <a:To s:mustUnderstand="1">http://localhost:2313/MyService.svc</a:To>
  </s:Header>
  <s:Body>
    <testFunc xmlns="http://tempuri.org/">
      <func>test</func>
      <req>Test</req>
    </testFunc >
  </s:Body>
</s:Envelope>

Hi,

Please check the Headers tab in the Request editor. I get this error when there is a Content-Length in the Headers tab of the Request editor. SoapUI by default creates a Content-Length header so there is no need to have one in the Headers tab.

I don't see that it has any headers in that tab(I'm looking on the tab that is between "Aut" and "Attachments(0)").

Ok so here is the solution that worked for me. I was on version 4.5.1 and I couldn't get it to work with various combinations of settings as stated above. I figured I'd download the latest, 4.6.3. I then set the user name and password in the request properties, set the authentication type to NTLM, and checked "add default wsa:to" under the ws-a tab.

Glad you got it to work. They were some recent fixes to NTLM authentication that might of helped.

Thanks.