HTTP Post string

I am trying to do an HTTP post from one service to another. I have a service acceptString, which simply accepts a string and concatenates it with another string. I wrote another little service called postString, which just calls pub.client:http. As input into the http service I have the URL http://server:port/invoke/folder:acceptString?input=%input%. (where input is the string to be passed to acceptString) If I try to go to this URL from the web browser it works fine, but when i try to run the service which calls the pub.client:http is gives the following error message:

Could not run ‘postString’. [ISC.0064.9314] Authorization Required: Invalid Session ID or Session Expired

I also put the username and password for the IS as input to the http call under the authentication information. Has anyone seen this error? What am I missing ?


It’s better not to include the input on the URL line. It may be interfering with the authentication mechanism. Try using “http://server:port/invoke/folder/acceptString” as the URL, and specify the “input” variable as a name/value pair in the data/args structure. Also make sure you’re using POST as the HTTP Method.

It still gives me the same error- I changed the URL address to take the input out of it- and I added the input as a name/value par in the args. When I set the value for the args I used “input” and “%input%” with variable substitution.

Any more thoughts?

Does anyone have any other ideas? I am sure someone is doing this somewhere.


I do that all the time. I usually write a set of testing services that drive my ‘real’ services via pub.client:http.

Few suggestions:

  1. Double check the ACL, group and username & password. Make sure the auth->type field is null.

  2. Crank up IS logging.

  3. If all else fails, run an HTTP snooper to make sure there is a HTTP auth header.

Hi Jessica,
If you are using IS4.6 then there is a patch for this issue FIX_125 from webMethods. I had the same issue and this patch fixed. If you need then I can email you the fix, basically its a jar file.


I am running IS 6.0.1. I will check the ACLs, is there anything else I can look for?


Something I have noticed previously, is that after some Developer inactivity (say you don’t run the service for 30 minutes) you get this exception. If you then disconnect and reconnect the Developer session to the IS, the service executes OK.

This may not be the problem in your case as you don’t say if you have ever SUCCESSFULLY run your postString service, but it’s definately something to be aware of.

If you’ve never successfully run the service, the most likely cause is incorrect port or ACL configuration. Make sure the username/password you are using is assigned to the ACL applied to your acceptString service and that this service is in the Allow List for the port you are using in the HTTP service call.

Also, if the input variable of the acceptString service is a String called “input”, make sure the data/args document (which is defined in the HTTP service input) has a child node of type string called “input”. Then make sure you map whatever data you want to pass into this variable into it.

Hope something here helps :slight_smile:

Andy Withers
Solutions Architect
Glue Ltd:

As a last step in your http client service, invoke PSUtilities.session:clearSession service. This will clear up session keys causing the error.
This service is in PSUtilities package thats available in advantage site.


By the way, Developer’s connection to IS is a single session. That means whatever you are running, eg. HTTP Post, DB connection. You will be using a single session, which as you can imagine this might run into some problems. DG’s suggestion is great if your service is primiary use from developer for debuging purpose. However, in general, a service running from browers will have limited session live span, therefore, no such need to clearSesssion. My suggestion is just run on browser using invoke :slight_smile:


You need to debug the service you are calling and make sure it doesn’t have any bug. If the service you are calling has a bug, you will see this authorization issue. There is probably no security issue here. One other idea is to start a event handler that report any exception. You then run your test again and look at the result of event handler to see what exception is being thrown. I suspect you will be fine when your called service is debugged.


Hi Geniuses,

I’m stuck up with a small problem.
I have a HTML page which is in the <package-name>/web directory.
When open this page in a browser, I’m prompted for the username/password which is webMethods authentication.
In this HTML page I have some links thru which I’m invoking other JSP pages.
In one of the link I have to invoke the work flow inbox for a particular user who has logged in to the HTML page. When I click on the link to open the work flow inbox, then a page opens up which again asks me for the username/password before opening the task window of that user.

I want to capture the username/password that the user gives when he logs in to the HTML page first time and then send the username/password combo to invoke the work flow inbox. I know how to send the username/password parameters thru URL to invoke directly the work-flow inbox.
What I don’t know is how to capture the username/password and how to save it so that I can use them for referring to other pages.


Check your “postString” service is under allowable list of the port that you are using to submit the request.
Admin > security > Port > go to your Port > click on Edit lable under Access Mode.

check whether your postString service is under allowable list or not.


I,ve seen the port setting as you have suggested. The “Access Mode” is “Allow By Default”.Do I need to put the postString service even now ?

If I’m doing deny by default then it shows the list of services and folders allowed by default.
Also, I’m unable to get the postString service to keep it under the allow list.

Kindly suggest