Hello
I created a Flow Service and put all the ACLs it set for Permissions to be Anonymous in WM9.12, but when I call it via the Browser it
sometimes lets you enter a username and password to verify login, sometimes Do not need to verify, I do not know what’s the problem
here? Is there any way to remove this verification?
Set execute ACL of the flow service to Anonymous and the url is (if service exists in mahesh:test_1
http://ip:port/invoke/mahesh/test_1?
Also setting Anonymous access is not a good practice and it will lead to security risk. Reconsider your design approach.
Hi M@he$h
The Flow Service must anonymously call inside us via Browser, our previous settings are the same as you provided, but the problem has always existed. Can you help provide a better way to solve this verification problem?
Hi Ng,
What is the current settings you have in that invoking service for executeACL ?
If still doesn’t work then you may have to set all permissions to Anonymous (assuming you know the risk) and always try to create custom ACL and define the permissions to keep the service invocation secured.
HTH,
RMG
Hi RMG
Yes,The set all permissions setting for our Flow Service is Anonymous and it’s for our internal use only. This problem sometimes occurs, but sometimes it is normal. I use the relatively low webMethods version is not seen this problem, I do not know if this is not related to Session Timeout? We also found no error message on Log.
You may do like below:
Hi RMG
Yes,The set all permissions setting for our Flow Service is Anonymous and it’s for our internal use only. This problem sometimes occurs, but sometimes it is normal. I use the relatively low webMethods version is not seen this problem, I do not know if this is not related to Session Timeout? We also found no error message on Log.
[/quote]
OK that’s strange…It shouldn’t be that way and is there any RI server involved here?
OK that’s strange…It shouldn’t be that way and is there any RI server involved here?
[/quote]
Hi RMG
It’s a simple URL (http: // host: port / invoke / TEST / test1? Input =) called through the browser, but my package was migrated from the lower-level version of webMethods to WM9.12 and my flow service was built on On this package, am I considering webMethods version compatibility issues?
For test, create a sample service on IS 9.12 and test. If you see the same issue with this service raise SR to SAG support.
Ng,
Yes I agree with Mahesh and may be those are the next steps for troubleshooting it further!
HTH,
RMG
Hi Ng,
I suspect it might be Browser issue. As we know some browsers generally store the sessions and cookies and they will use same when login again and wont ask credentials.
I suggest you to check Browser setting and try again.
Thanks,
Vinay.
Hi Vinay
We consider the browser as you suggest the problem, and the site set up a trusted site, use the IE 11 browser to test, as if this problem is no longer there, but I go to connect after some time, In the Network Monitor record, it reports a new error message: Machine Code Value
Response HTTP / 1.1 401 [ISS.0084.9013] Invalid or expired session identifier.
Try to change the Flow Service’s Stateless to false
Hi Xiaowei
The Stateless 's default value is false(Properties>Property>Run time>stateless),We are trying other ways to solve this problem, which we have never seen before.
Any more support/advise you got from SAG support team on this abnormal issue apart from all the tries here?
Regards,
RMG
hi Ng,
has this issue resolved, we are also having the same kind of issue when the browser sends old session and IS prompts back the username/password
Hi Padala
Yes,we have resolved this issue.Maybe you could try add watt.security.session.forceReauthOnExpiration=false in Integration Server menu>>Settings>>Extended Settings and restart Integration Server.
Thanks, Niko! That workaround did the trick for now, though it seems to not fix the root cause which I’m still investigating.