Hi Vikas, I don't think you can (or perhaps should) include authentication steps in the BPEL.
What I have done in a similar situation is implement and register a handler which is similar to the org.apache.ode.axis2.hooks.SessionOutHandler which adds to the SOAP header the authentication data needed by the target service. Have a look the source for this handler and the declaration of its use in outflow in the conf/axis2.xml file. Alternatively, if your authentication pattern can be accommodated by it, you can use engage the Rampart module in outflow security. This would be the most preferred way but not sure if it supports an NTLM scenario. There are ample resources on using Rampart for ODE and Rampart itself on www.apache.org. -----Original Message----- From: Garg, Vikas [mailto:[email protected]] Sent: Wednesday, April 07, 2010 10:55 AM To: [email protected] Cc: Tammo van Lessen Subject: RE: Authentication issue while invoking external web service Hi All, Can someone please help me in resolving the issue mentioned below? Thanks, Vikas -----Original Message----- From: Garg, Vikas [mailto:[email protected]] Sent: Wednesday, April 07, 2010 3:27 PM To: [email protected] Cc: Tammo van Lessen Subject: Authentication issue while invoking external web service Hi All, I have written a BPEL process to invoke an external web service. My external web service is NTLM secured. When I execute the BPEL process, I get an unauthorized error as shown below. ERROR - GeronimoLog.error(108) | Error sending message (mex={PartnerRoleMex#hqejbhcnphr56gecaodraw [PID {http://callAX}CallAX-4] calling [email protected](...)}): Transport error: 401 Error: Unauthorized org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized at org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.jav a:298) at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:1 92) at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77) at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageW ithCommons(CommonsHTTPTransportSender.java:327) at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(Common sHTTPTransportSender.java:206) at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:396) at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOper ation.java:374) Can you please tell me what needs to be done when the external web service is NTLM secured? How to provide the authentication details in the BPEL process so that it can invoke the external service? Any ideas.. Thanks in advance. Vikas
