SoapUI does not include Authentication header in SOAP request

Question

I have a SOAP request, that runs fine using SoapUI 5.5.0.

But when I run the SOAP request in SoapUI 5.6.1 or 5.7.0 it looks like, the Authentication header of subsequent SOAP requests is lost.

The first SOAP request usually includes the Authentication header, but subsequent request does not (and the endpoint of course dismisses the requests).

The SOAP request has NTLM Auth configured.

Here the http log showing the same request, executed twice. First request includes the Authentication header, but the second does not.

Thu Feb 24 14:17:36 CET 2022: DEBUG: http-outgoing >>
POST /eDocDotNetAPI/WSeDocAPI.asmx HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
SOAPAction: "http://tempuri.org/SearchCaseFile"
Content-Length: 971
Host: edoc5-t.corp.silk.dk:8090
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.5.5 (Java/16.0.1)
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAA[REMOVED]

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:tem="http://tempuri.org/">
<soapenv:Header/>
<soapenv:Body>
<tem:SearchCaseFile>

<tem:XmlDocument>
[0x9]<![CDATA[<Root xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:edoc="http://www.fujitsu.dk/esdh/xml/schemas/2007/01/05/" xsi:noNamespaceSchemaLocation="SearchCaseFile.xsd">
[0x9][0x9]<edoc:CaseFileSearch>
[0x9][0x9][0x9]<edoc:UserIdentifier>edoc4dummyuser</edoc:UserIdentifier>
[0x9][0x9][0x9]<edoc:SearchCriterias>
[0x9][0x9][0x9][0x9]<edoc:Summary>ESDH_ID{b137675c-425b-4ce5-adae-c8dd8ed372f5}*</edoc:Summary>
[0x9][0x9][0x9]</edoc:SearchCriterias>
[0x9][0x9][0x9]<edoc:ResultFields>
[0x9][0x9][0x9][0x9]<edoc:CaseFileIdentifier></edoc:CaseFileIdentifier>
[0x9][0x9][0x9]</edoc:ResultFields>
[0x9][0x9]</edoc:CaseFileSearch>
[0x9]</Root>]]>
</tem:XmlDocument>
</tem:SearchCaseFile>

</soapenv:Body>
</soapenv:Envelope>

Thu Feb 24 14:17:36 CET 2022: DEBUG: http-incoming <<
HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Persistent-Auth: true
X-Powered-By: ASP.NET
Date: Thu, 24 Feb 2022 13:17:36 GMT
Content-Length: 43135

<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>[Valid SOAP Response REMOVED]</soap:Body></soap:Envelope>

Thu Feb 24 14:17:38 CET 2022: DEBUG: http-outgoing >>
POST /eDocDotNetAPI/WSeDocAPI.asmx HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
SOAPAction: "http://tempuri.org/SearchCaseFile"
Content-Length: 971
Host: edoc5-t.corp.silk.dk:8090
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.5.5 (Java/16.0.1)

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:tem="http://tempuri.org/">
<soapenv:Header/>
<soapenv:Body>
<tem:SearchCaseFile>

<tem:XmlDocument>
[0x9]<![CDATA[<Root xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:edoc="http://www.fujitsu.dk/esdh/xml/schemas/2007/01/05/" xsi:noNamespaceSchemaLocation="SearchCaseFile.xsd">
[0x9][0x9]<edoc:CaseFileSearch>
[0x9][0x9][0x9]<edoc:UserIdentifier>edoc4dummyuser</edoc:UserIdentifier>
[0x9][0x9][0x9]<edoc:SearchCriterias>
[0x9][0x9][0x9][0x9]<edoc:Summary>ESDH_ID{b137675c-425b-4ce5-adae-c8dd8ed372f5}*</edoc:Summary>
[0x9][0x9][0x9]</edoc:SearchCriterias>
[0x9][0x9][0x9]<edoc:ResultFields>
[0x9][0x9][0x9][0x9]<edoc:CaseFileIdentifier></edoc:CaseFileIdentifier>
[0x9][0x9][0x9]</edoc:ResultFields>
[0x9][0x9]</edoc:CaseFileSearch>
[0x9]</Root>]]>
</tem:XmlDocument>
</tem:SearchCaseFile>

</soapenv:Body>
</soapenv:Envelope>

Thu Feb 24 14:17:38 CET 2022: DEBUG: http-incoming <<
HTTP/1.1 500 Internal Server Error
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Persistent-Auth: true
X-Powered-By: ASP.NET
Date: Thu, 24 Feb 2022 13:17:38 GMT
Content-Length: 420

<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>Server was unable to process request. ---> No Authorization Header provided</faultstring><detail /></soap:Fault></soap:Body></soap:Envelope>

richie · Answer

Hey&nbsp;shoxbro&nbsp;
&nbsp;
Have you tried hardcoding the Authorization header rather than allowing SoapUI to dynamically generate it?
&nbsp;
If you manually add an Authorization header into the request - I've found this has worked for me before when the header didn't appear as I expected
&nbsp;
Cheers,
&nbsp;
Rich

shoxbro · Answer

Hi&nbsp;richie&nbsp;No - I have not tried "manually" setting the Authorization header - yet 🙂But I would rather use the built-in mechanism.

Forum Discussion

SoapUI does not include Authentication header in SOAP request

2 Replies

Related Content

JDBC Request errors when semicolon is included in SQL

ReadyAPI Authentication

Cookie Authentication

"You need to authenticate to get the requested resource" useless error

SOAPUI. Accessing a basic authentication webservice through companies web proxy

Recent Discussions

Introducing the new SmartBear DevRel Newsletter

Testing REST API with SoapUI - Emmanuel Katto Uganda

OAuth 2.0 Authorization Code Grant problem

Unsupported or unrecognized SSL message for Mock request in Soapui

Support soapui-maven-plugin Java 17