Some clients will request without authentication details. The idea is that the server will respond with a HTTP 401 response that includes a list of supported authentication types. Only once it is known what types will be accepted, the request is made again with the authentication details for the preferred authentication type.
In SoapUI, there is an option for 'Authenticate Preemptively' to send the chosen authentication type on the first attempt. This is on each request, or globally in Preferences > HTTP Settings.
Thanks, I've set the global value (Preferences > HTTP Settings) but still no luck. I was unable to find the setting at the Request level.
Does that setting apply to SoapUIs "Get Token" requests or just to user defined requests?
Hi,
I have exactly the same issue with my OAuth Token retrieval.
In curl, the HTTP header Authorization is used to pass the client_id and client_secret.
With SoapUI 5.4.0, these 2 elements are send in the Body of the request, the oauth server is rejecting the request since it is expecting the HTTP header Authorization.
It seems to be a bug in SoapUI.
/Palou
Palou - Make sure MediaType as xxx-form-urlencoded and select Post query string. Add a header with content type as app/x-www-form-urlencoded. Screen shot below.
