May20

How to Disable SOAP Basic Authentication

There are ways to disable SOAP basic authentication.

1, Include j_username and j_password for SOAP Adapter in URL when invoke the Web Service.

2, Following below instruction to disable authentication for whole SOAP adapter.

in order to turn off the authentication for SOAP interface, please remove the authentication

restriction in web.xml for aii_af_soapadapter.sda.


Extract the SOAP-adapters WAR-file from the corresponding sda. Then extract the deployment-descriptor from the war-file and delete the related security-constraint, login-config and security-role sections (makes absolutely sense to save the original descriptor beforehand). ZIP the files again with the new deployment descriptor and deploy the SDA via SDM.


comment the following portion.( It's already commented below).

<!   security-constraint   >
<!
<security-constraint>
<display-name>message</display-name>
<web-resource-collection>
<web-resource-name>message</web-resource-name>
<url-pattern>MessageServlet</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>xi_adapter_soap_message</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<display-name>helper</display-name>
<web-resource-collection>
<web-resource-name>helper</web-resource-name>
<url-pattern>HelperServlet</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>xi_adapter_soap_helper</role-name>
</auth-constraint>
</security-constraint>
  >
<!   login-config   >
<!
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>XISOAPApps</realm-name>
</login-config>
  >
<!   security-role   >
<!
<security-role>
<role-name>xi_adapter_soap_message</role-name>
</security-role>
<security-role>
<role-name>xi_adapter_soap_helper</role-name>
</security-role>
  >


The safest way to change this web.xml is described as followed, you

could do the changes also direct on the file system, but it will need

reboot of J2EE and does not guarantee to work.


The web.xml is located in the aii_af_soapadapter.sda, please extract

this sda file with normal zip function. There is one

aii_af_soapadapter.war inside, please extract this war file again,

change the web.xml as described above. Please zip the folder with

modified web.xml for aii_af_soapadapter.war and than for the

aii_af_soapadapter.sda. Please do not modify the folder structure.

Deploy this modified sda with SDM. After the deployment you can double

check whether changes for web.xml is done on the file system, this

web.xml is located under

/usr/sap/xxx/DVEBMGS00/j2ee/cluster/server0/apps/sap.com/com.sap.aii.af.soapadapter/servlet_jsp/XISOAPAdapter/root/WEB-INF.

Restart J2EE server.

本篇文章已有0条评论