REST Basic Authentication error at endpoint level
Version 5.2.1 on Windows When I add my HTTP Basic Authentication to individual REST requests, it works fine with my service. When I add the same username and password to my endpoint definition instead, I get an apache.httpclient.ClientProtocolException. Here are the log excerpts (with host names obscured). Note the original project endpoint was localhost:9080 (without authentication required), and the new one with it required is what I'm showing as real-endpoint-server. From SoapUI log: Tue Dec 01 18:35:44 CST 2015:DEBUG:Loading Definition... Tue Dec 01 18:35:44 CST 2015:INFO:Loading schema types from [http://localhost:9080.wadl] Tue Dec 01 18:35:44 CST 2015:INFO:Getting schema http://localhost:9080.wadl Tue Dec 01 18:35:44 CST 2015:DEBUG:Loaded Definition: ok Tue Dec 01 18:36:12 CST 2015:DEBUG:Attempt 1 to execute request Tue Dec 01 18:36:12 CST 2015:DEBUG:Sending request: GET /rbm/vehicle/my-item-number?vin=my-vin HTTP/1.1 Tue Dec 01 18:36:12 CST 2015:DEBUG:Receiving response: HTTP/1.1 401 Not authorized. Authentication required for protected file. Tue Dec 01 18:36:12 CST 2015:DEBUG:Connection can be kept alive indefinitely Tue Dec 01 18:36:12 CST 2015:DEBUG:Target requested authentication Tue Dec 01 18:36:12 CST 2015:DEBUG:Authorization challenge processed Tue Dec 01 18:36:12 CST 2015:DEBUG:Authentication scope: BASIC 'Renew_by_Mail'@real-endpoint-server:443 Tue Dec 01 18:36:12 CST 2015:INFO:real-endpoint-server:443 requires authentication with the realm 'Renew_by_Mail' Tue Dec 01 18:36:12 CST 2015:DEBUG:Found credentials Tue Dec 01 18:36:12 CST 2015:DEBUG:Attempt 2 to execute request Tue Dec 01 18:36:12 CST 2015:DEBUG:Sending request: GET /rbm/vehicle/my-item-number?vin=my-vin HTTP/1.1 Tue Dec 01 18:36:18 CST 2015:DEBUG:Connection closed Tue Dec 01 18:36:18 CST 2015:DEBUG:Connection shut down Tue Dec 01 18:36:18 CST 2015:ERROR:Exception in request: org.apache.http.client.ClientProtocolException Tue Dec 01 18:36:18 CST 2015:ERROR:An error occurred [org.apache.http.client.ClientProtocolException], see error log for details Tue Dec 01 18:36:18 CST 2015:INFO:Error getting response for [http://localhost:9080.vehicle:06975686]; org.apache.http.client.ClientProtocolException From error log: Tue Dec 01 18:36:18 CST 2015:ERROR:org.apache.http.client.ClientProtocolException org.apache.http.client.ClientProtocolException at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:822) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754) at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$Helper.execute(HttpClientSupport.java:233) at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport.execute(HttpClientSupport.java:323) at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.submitRequest(HttpClientRequestTransport.java:290) at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.sendRequest(HttpClientRequestTransport.java:220) at com.eviware.soapui.impl.wsdl.WsdlSubmit.run(WsdlSubmit.java:119) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: org.apache.http.ProtocolException: The server failed to respond with a valid HTTP response at org.apache.http.impl.conn.DefaultResponseParser.parseHead(DefaultResponseParser.java:109) at org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:252) at org.apache.http.impl.AbstractHttpClientConnection.receiveResponseHeader(AbstractHttpClientConnection.java:281) at org.apache.http.impl.conn.DefaultClientConnection.receiveResponseHeader(DefaultClientConnection.java:247) at org.apache.http.impl.conn.AbstractClientConnAdapter.receiveResponseHeader(AbstractClientConnAdapter.java:219) at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$SoapUIHttpRequestExecutor.doReceiveResponse(HttpClientSupport.java:147) at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:125) at org.apache.http.impl.client.DefaultRequestDirector.tryExecute(DefaultRequestDirector.java:633) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:454) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820) ... 11 more However, in http log, it does appear that a reasonable-looking reply was returned, along with a 200 response code. Which also matches my server's http log.5.3KViews0likes11CommentsHow to create SoapUI NG project from Swagger over HTTPS?
How do Icreate a SoapUI NG project from Swagger over HTTPS? I tried an see an error message An error of type SSLHandshakeException occurred. javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present Any help is appreciated. Thanks in advance.Solved3.8KViews0likes5CommentsAbility to access InSite Admin console via HTTPS
There should be a way to configureInSite boxes to use HTTPS rather than cleartext HTTP for the admin interface. As it is now, accessing these devices is done in an unsecure method which could be compromised. According to support, the 1.6.3 version of the software that is running on these boxes does not have this ability and although it is thought to be included ina future release, there is no predetermined date for release. This is just one of the features that these InSite boxes fail to provide for customers. As such, I believe that a more robust effort should be made to make the InSite boxes comparative in nature to running scripts through thepay per click methodology.2.2KViews0likes2CommentsHow to import Swagger definition over HTTPS behind basic authentication?
Hi, I would like to create a SoapUI NG project from a Swagger definition over HTTPS that is behind basic authentication. I'm using Ready! API 1.5.0, Swagger plugin 2.2.1. Ihave set up basic authentication in the auth repository in auth manager, but I can see in Fiddler that the credentials are not send toGET the Swagger definition. How can I use basic authentication when importing a Swagger definition? Thanks in advance! Markus2KViews0likes3CommentsSOAP/HTTPS -SSL Issue - Extension unknown: DER encoded OCTET
SOAPUI 5.2.1 (Open Source) on Windows 7 Enterprise Hi, We have a SOAP based web service runningon HTTPSon a remote server with the SSL Key signed by the internal CA. I downloaded the WSDL using the IE Browser over HTTPS and saved it into a file. Created new SOAPUI project using the WSDL file created in previous step with sample request messages created automatically. I installed client certificate as .PFX file in a local directory and updated global SSL Settings (File --> Preferences--> SSL Settings) pointing to the client.pfx file with password, also checked 'client authentication' box. Also edited SOAPUI-5.2.1.vmoptions with following parameter: -Dsun.security.ssl.allowUnsafeRenegotiation=true and edited soapui.bat with JAVA_OPTS with: -Dsoapui.https.protocols=TLSv1.2,TLSv1, SSLv3 -Dsoapui.https.ciphers=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA When I invoke the web service I get HTTP/1.1 200 OK in response header but I do not see anything in the response window which remains blank. There is also nothing in the 'error log'. when I look into the 'SSL info(1 certs)' and inspect it I can see certificate details with one interesting entrywhich says: [2]: ObjectId: 1.3.6.1.4.1.311.21.7 Criticality=false Extension unknown: DER encoded OCTET String = There are total 8 Certificate Extensions in the SSL Info (1 certs)tab. Need help resolve this error as we cannot make any progress. Really appreciate your help! Many Thanks! Salman2KViews0likes0CommentsCannot access objects inside an iframed HTTPS website using chrome
I'm trying to access elements inside a page that has been iframed into another page. I've tried setting the following flags for my Chrome browser: --disable-hang-monitor --allow-file-access-from-files --disable-web-security --user-data-dir=<profile> --disable-session-crashed-bubble It has been working for our development envt but once we get to production the frame no longer shows the child elements. I've noticed that this happens when the framed page is over https and not http Anybody know a solution to this? Firefox has no issues in detecting the objects regardless of the protocol the framed page is loaded1.3KViews0likes6CommentsUnable to test secured web services using SOAP UI
We are unable to test secured web services using SOAP UI. We are getting the below error when we download the WSDL. Please note that we are able to load non-secure WSDL,issue is with secure URL. This server supports TLSV1,TLSV1.2,TLSV1.2.When I enter secured WSDL URl in the browser address bar, it loads without any issues Error loading […..?wsdl]: java.lang.Exception: Failed to load url; …..wsdl, 0 We tried various options like a)Changing the protocols in vmoptions file. b)Loading certificate in Preference Tab->SSL Settings(.cert).Please note thatwe have exported the certificate from IEusing DER encoded binary X.509 (.CER?) file format. Personal Information Exchange is disabled. Request your help on this. Below is the error log Mon Apr 25 11:58:47 CDT 2016:ERROR:java.net.SocketException: Connection reset java.net.SocketException: Connection reset at java.net.SocketInputStream.read(Unknown Source) at java.net.SocketInputStream.read(Unknown Source) at sun.security.ssl.InputRecord.readFully(Unknown Source) at sun.security.ssl.InputRecord.read(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source) at sun.security.ssl.AppOutputStream.write(Unknown Source) at org.apache.http.impl.io.AbstractSessionOutputBuffer.flushBuffer(AbstractSessionOutputBuffer.java:131) at org.apache.http.impl.io.AbstractSessionOutputBuffer.write(AbstractSessionOutputBuffer.java:151) at org.apache.http.impl.conn.LoggingSessionOutputBuffer.write(LoggingSessionOutputBuffer.java:74) at org.apache.http.impl.io.ContentLengthOutputStream.write(ContentLengthOutputStream.java:114) at org.apache.http.impl.io.ContentLengthOutputStream.write(ContentLengthOutputStream.java:120) at org.apache.http.entity.ByteArrayEntity.writeTo(ByteArrayEntity.java:68) at org.apache.http.entity.HttpEntityWrapper.writeTo(HttpEntityWrapper.java:96) at org.apache.http.impl.client.EntityEnclosingRequestWrapper$EntityWrapper.writeTo(EntityEnclosingRequestWrapper.java:108) at org.apache.http.impl.entity.EntitySerializer.serialize(EntitySerializer.java:120) at org.apache.http.impl.AbstractHttpClientConnection.sendRequestEntity(AbstractHttpClientConnection.java:263) at org.apache.http.impl.conn.AbstractClientConnAdapter.sendRequestEntity(AbstractClientConnAdapter.java:227) at org.apache.http.protocol.HttpRequestExecutor.doSendRequest(HttpRequestExecutor.java:255) at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$SoapUIHttpRequestExecutor.doSendRequest(HttpClientSupport.java:119) at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:123) at org.apache.http.impl.client.DefaultRequestDirector.tryExecute(DefaultRequestDirector.java:633) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:454) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754) at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$Helper.execute(HttpClientSupport.java:233) at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport.execute(HttpClientSupport.java:323) at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.submitRequest(HttpClientRequestTransport.java:290) at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.sendRequest(HttpClientRequestTransport.java:220) at com.eviware.soapui.impl.wsdl.WsdlSubmit.run(WsdlSubmit.java:119) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source)1KViews0likes0CommentsMock Service security protocol control
In soapUI the security protocol can be controlled for client projects with an entry in the vmoptions config file E.G. -Dsoapui.https.protocols=SSLv3,TLSv1.2 However from my testing it looks like this option does not affect mock service projects.If there is currently a way tocontrol the protocol for mock service projects please let me know, if there isn't I will request it as a new feature. Thanks, Steve955Views0likes0Comments