Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn more

View all

Sign in to view all badges

SOLVED

Authentication error while calling custom created Method via SOAP

nadeema90078524
Level 2
Level 2

Authentication error while calling custom created Method via SOAP. However i am able to call xtk:session logon method from SOAP for same adobe environment.Do we have any access that we need to grant while calling custom method from SOAP .

For testing purpose do we have any kind of access or permission required on schema level which will allow us to test the custom method created.

Message was edited by: Florent Le Borgne (Shortened title for understanding)

1 Accepted Solution
uagnihotri
Correct answer by
Level 3
Level 3

I was able to resolve the issue by adding the attribute sessionTokenOnly="true" on the public & vpn security zone. I changed the security zones that are defined in serverConf.xml. Example as given below:

<securityZone allowDebug="false" sessionTokenOnly="true" allowHTTP="false" allowSQLInjection="false" label="Public Network" name="public"> 

    <subNetwork label="All addresses" mask="*" name="all" proxy="127.0.0.1, ::1"/> 

    <securityZone allowDebug="true" sessionTokenOnly="true" allowHTTP="false" allowSQLInjection="false" label="Private Network (VPN)" name="vpn" showErrors="true"> 

      <securityZone allowDebug="true" allowEmptyPassword="false" allowHTTP="true" allowSQLInjection="false" allowUserPassword="false" label="Private Network (LAN)" name="lan" sessionTokenOnly="true" showErrors="true"> 

        <subNetwork label="Lan 1" mask="192.168.0.0/16" name="lan1" proxy="127.0.0.1, ::1"/> 

        <subNetwork label="Lan 2" mask="172.16.0.0/12" name="lan2" proxy="127.0.0.1, ::1"/> 

        <subNetwork label="Lan 3" mask="10.0.0.0/8" name="lan3" proxy="127.0.0.1, ::1"/> 

        <subNetwork label="Localhost" mask="127.0.0.0/8" name="localhost" proxy="127.0.0.1, ::1"/> 

        <subNetwork label="Lan (IPv6)" mask="fc00::/7" name="lan6" proxy="127.0.0.1, ::1"/> 

        <subNetwork label="Lan (IPv6)" mask="fe80::/10" name="lan6b" proxy="127.0.0.1, ::1"/> 

        <subNetwork label="Localhost (IPv6)" mask="::1/128" name="localhost6" proxy="127.0.0.1, ::1"/> 

      </securityZone> 

    </securityZone> 

  </securityZone>

View solution in original post

12 Replies
florentlb
Level 10
Level 10

Hi,

Have you seen this page? Web service calls

There is an example in it that can help checking your code.

Hope this helps,

Florent

nadeema90078524
Level 2
Level 2

HI Florent,

I tried , but getting below error while trying to call via javaScript

"the user/password authentication is not authorized for '******67' login via the '127.0.0.1' address"

Amit_Kumar
Community Advisor
Community Advisor

Hi,

Your server is not accepting localhost ip address for authentication. check for allowed ip address in your server configurations. or try from authorized ip address.

Regards,

Amit

nadeema90078524
Level 2
Level 2

Thanks Amit,

So basically i need to register my IP in Server Configuration? but generally we don't set IP address. As i am able to use the same in Training environment   without any IP config.

Is there any parameter at Server Configuration to allow calls from intranet ?

Thanks

Nadeem

David__Garcia
Level 8
Level 8

You need to whitelist the IP/range through security zones. or on that particular account on Operators.

Go to "Administration\Access Management\ Operators\%youracc%\ Access Rights\" then go to lower panel "Security settings" Edit the access parameters and start from there.

​more information here https://docs.campaign.adobe.com/doc/AC6.1/en/Technotes/AdobeCampaign_Deliverability_Configuring_Secu...

Security zones looks something like the following in serverConf.xml or config-yourinstance.xml

    <!-- Security zone

       allowDebug :  Authorize debug mode for Web applications Default: false

       allowEmptyPassword :  Authorize the user to use the application without a password Default: false

       allowHTTP :  Authorize the use of HTTP for operator logon Default: false

       allowSQLInjection :  Authorize the use of SQLDATA in expressions Default: false

       allowUserPassword :  Authorize user/password session tokens Default: false

       label :  Label Default: NewLabel()

       name :  Internal name Default: NewName()

       sessionTokenOnly :  Do not use the security token Default: false

       showErrors :  Display error details Default: false -->

      <!-- subNetwork :  Sub-network

         label :  Label Default: NewLabel()

         mask :  Mask or address

         name :  Internal name Default: NewName()

         proxy :  Mask or address of (reverse) proxy used by this sub-network to access the instance. In this case, the 'X-Forwarded-For' header will be tested instead of this proxy. Default: 127.0.0.1 -->

      <!-- securityZone :  

         -->

  <securityZone allowDebug="false" allowHTTP="false" allowSQLInjection="false" label="Public Network"

                name="public">

    <subNetwork label="All addresses" mask="*" name="all" proxy="127.0.0.1, ::1"/>

    <securityZone allowDebug="true" allowHTTP="false" allowSQLInjection="false" label="Private Network (VPN)"

                  name="vpn" showErrors="true">

      <securityZone allowDebug="true" allowEmptyPassword="false" allowHTTP="true"

                    allowSQLInjection="false" allowUserPassword="false" label="Private Network (LAN)"

                    name="lan" sessionTokenOnly="true" showErrors="true">

        <subNetwork label="Lan 1" mask="192.168.0.0/16" name="lan1" proxy="127.0.0.1, ::1"/>

        <subNetwork label="Lan 2" mask="172.16.0.0/12" name="lan2" proxy="127.0.0.1, ::1"/>

        <subNetwork label="Lan 3" mask="10.0.0.0/8" name="lan3" proxy="127.0.0.1, ::1"/>

        <subNetwork label="Localhost" mask="127.0.0.0/8" name="localhost" proxy="127.0.0.1, ::1"/>

        <subNetwork label="Lan (IPv6)" mask="fc00::/7" name="lan6" proxy="127.0.0.1, ::1"/>

        <subNetwork label="Lan (IPv6)" mask="fe80::/10" name="lan6b" proxy="127.0.0.1, ::1"/>

        <subNetwork label="Localhost (IPv6)" mask="::1/128" name="localhost6" proxy="127.0.0.1, ::1"/>

      </securityZone>

    </securityZone>

  </securityZone>

nadeema90078524
Level 2
Level 2

Hi David ,

IP 127.0.0.1 is already masked at operator level ""Administration\Access Management\ Operators\%youracc%\ Access Rights\" then go to lower panel "Security settings" Edit the access parameters "

I will have to  look into serverConf.xml or config-yourinstance.xml .

uagnihotri
Level 3
Level 3

Were you able to resolve the issue? I am having the same issue.

florentlb
Level 10
Level 10

Hi Nadeem,

Could you find a way through?

Florent

uagnihotri
Correct answer by
Level 3
Level 3

I was able to resolve the issue by adding the attribute sessionTokenOnly="true" on the public & vpn security zone. I changed the security zones that are defined in serverConf.xml. Example as given below:

<securityZone allowDebug="false" sessionTokenOnly="true" allowHTTP="false" allowSQLInjection="false" label="Public Network" name="public"> 

    <subNetwork label="All addresses" mask="*" name="all" proxy="127.0.0.1, ::1"/> 

    <securityZone allowDebug="true" sessionTokenOnly="true" allowHTTP="false" allowSQLInjection="false" label="Private Network (VPN)" name="vpn" showErrors="true"> 

      <securityZone allowDebug="true" allowEmptyPassword="false" allowHTTP="true" allowSQLInjection="false" allowUserPassword="false" label="Private Network (LAN)" name="lan" sessionTokenOnly="true" showErrors="true"> 

        <subNetwork label="Lan 1" mask="192.168.0.0/16" name="lan1" proxy="127.0.0.1, ::1"/> 

        <subNetwork label="Lan 2" mask="172.16.0.0/12" name="lan2" proxy="127.0.0.1, ::1"/> 

        <subNetwork label="Lan 3" mask="10.0.0.0/8" name="lan3" proxy="127.0.0.1, ::1"/> 

        <subNetwork label="Localhost" mask="127.0.0.0/8" name="localhost" proxy="127.0.0.1, ::1"/> 

        <subNetwork label="Lan (IPv6)" mask="fc00::/7" name="lan6" proxy="127.0.0.1, ::1"/> 

        <subNetwork label="Lan (IPv6)" mask="fe80::/10" name="lan6b" proxy="127.0.0.1, ::1"/> 

        <subNetwork label="Localhost (IPv6)" mask="::1/128" name="localhost6" proxy="127.0.0.1, ::1"/> 

      </securityZone> 

    </securityZone> 

  </securityZone>

View solution in original post

vidyas77336264
Level 2
Level 2

Hi All,

I'm facing the same issue. We are on a hybrid model and marketing and frontal servers are not on the same system.

"the user/password authentication is not authorized for '******ar' login via the '0.0.0.0.0.0.0.1' address".

SessionToken is set to true in config file.

Thanks,
Vidya Shivakumar

Adhiyan
Employee
Employee

Hi Vidya,

Please perform the below steps to resolve this issue :

1>. Update the allowUserPassword attribute to true in lan security zone in serverconf.xml and webservices security zone in config-instance.xml

2>. add the IPv6 IP coming in the error :0:0:0:0:0:0:0:1 in both lan and webservice security zone (Lan in serverconf.xml and webservice in config-instance.xml )

In the below format :

<subNetwork label="ipv6local" mask="0:0:0:0:0:0:0:1" name="localIPv6" proxy="127.0.0.1,10.0.0.0/8,::1"/>

Restart web and Apache after that.

This would resolve the error you are seeing.

Regards,
Adhiyan

vidyas77336264
Level 2
Level 2

Hi Adhiyan,

I followed the steps you mentioned and it still did not work.

Then we changed on the frontal server Serverconf.xml.

In the  <!-- List of URLs to relay (insert order defines priority).

Section…

We changed all the http://localhost:8080

To point to the campaign server.. e.g:  http://<instanceName>:8080

Thank you for your inputs Adhiyan, appreciate it!

Thanks,

Vidya Shivakumar