Can't find service-- PUT vs GET problem?

[Roy Wood <ro...@filogix.com>]

I don't know if this is more of a TomCat problem or an Axis problem, but 
here goes.

I've set up TomCat to do digest authentication for my Axis service, and 
that is working fine.  For example, if I protect all of the axis realm, 
then I need to supply a userid and password to even see axis/index.html 
or axis/happyaxis.jsp, and it works fine.

Unfortunately, when I try to access my actual service, I get the 
following response:

     <h1>RoysSOAPService</h1>
     <p>Hi there, this is an AXIS service!</p>
     <i>Perhaps there will be a form for invoking the service here...</i>


With authentication disabled, everything is perfect.  It's just when I 
enable authentication that I am prevented from accessing the service.

I am calling this from a non-Java client, and am actually building the 
headers by hand (don't ask-- it's a legacy product), and am thus very 
aware of everything going on during the transaction.  With 
digest-authentication enabled, I know that I get an initial 401 response 
from Tomcat, to which I reply with all the proper stuff in the 
"Authorization:" header line of the subsequent request I send.

One thing I notice is that if I use "PUT" as the HTTP method when I am 
calculating the MD5 hash response, Tomcat refuses to authenticate me.  
If, however, I use "GET" as my HTTP method when calculating the hash, 
Tomcat accepts the results.  Note that in both cases, I really am doing 
an HTTP "PUT" in order to call the SOAP service!

I suspect that the abovementioned oddity is the source of the problem, 
since the response get from Axis looks like a default response to a GET 
request.


Anyone have any bright ideas?


-Roy




"Disclaimer ­ The opinions expressed in this message are strictly 
personal and do not necessarily reflect those of FiLogix." 

Re: Can't find service-- PUT vs GET problem?

[Benjamin Tomasini <bt...@neteverything.com>]

Use POST?

On Wed, 2003-01-29 at 14:51, Roy Wood wrote:
> I don't know if this is more of a TomCat problem or an Axis problem, but 
> here goes.
> 
> I've set up TomCat to do digest authentication for my Axis service, and 
> that is working fine.  For example, if I protect all of the axis realm, 
> then I need to supply a userid and password to even see axis/index.html 
> or axis/happyaxis.jsp, and it works fine.
> 
> Unfortunately, when I try to access my actual service, I get the 
> following response:
> 
>      <h1>RoysSOAPService</h1>
>      <p>Hi there, this is an AXIS service!</p>
>      <i>Perhaps there will be a form for invoking the service here...</i>
> 
> 
> With authentication disabled, everything is perfect.  It's just when I 
> enable authentication that I am prevented from accessing the service.
> 
> I am calling this from a non-Java client, and am actually building the 
> headers by hand (don't ask-- it's a legacy product), and am thus very 
> aware of everything going on during the transaction.  With 
> digest-authentication enabled, I know that I get an initial 401 response 
> from Tomcat, to which I reply with all the proper stuff in the 
> "Authorization:" header line of the subsequent request I send.
> 
> One thing I notice is that if I use "PUT" as the HTTP method when I am 
> calculating the MD5 hash response, Tomcat refuses to authenticate me.  
> If, however, I use "GET" as my HTTP method when calculating the hash, 
> Tomcat accepts the results.  Note that in both cases, I really am doing 
> an HTTP "PUT" in order to call the SOAP service!
> 
> I suspect that the abovementioned oddity is the source of the problem, 
> since the response get from Axis looks like a default response to a GET 
> request.
> 
> 
> Anyone have any bright ideas?
> 
> 
> -Roy
> 
> 
> 
> 
> "Disclaimer ­ The opinions expressed in this message are strictly 
> personal and do not necessarily reflect those of FiLogix." 
>