Partner having trouble executing wm.tn:receive

sksapcv06 · August 19, 2010, 6:23am

Hello,

We have a partner uses https connection and executes wm.tn:receive service to post data to TN.

We are trying to implement this using https port and request client certificates.

when the client sends the request, does he has to use his certificate? or our certificate? I already uploaded his certificates using import client certificates feature and assigned user to it.

When the client connect to us, we are seeing this message in server.log.

body { margin: 0 0 0 0; padding:0 0 0 0 }td,div { font-family:Tahoma;font-size:8pt;vertical-align:top }body { margin: 0 0 0 0; padding:0 0 0 0; overflow:hidden; }.transcript { background-color:#d2d2d2; }.messageBlock { margin-left:4px; margin-bottom:3px }.message { margin-left:100px; word-wrap:break-word; white-space:-moz-pre-wrap; _white-space:pre; }.messageCont { margin-left:100px; word-wrap:break-word; white-space:-moz-pre-wrap; _white-space:pre;}.other { overflow:hidden;color:#39577a;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.myself { overflow:hidden;color:#da8103;font-style:normal;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont { font-size:8px;text-align:right; color:#39577a;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.myselfCont { font-size:8px;text-align:right; color:#da8103;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.system { margin-left:4px; word-wrap:break-word;color:#da8103;font-style:normal;font-weight:normal; white-space:-moz-pre-wrap; _white-space:pre; }.showTimestamp { padding-left:8px; margin-right:3px; float:right; color:#999999;font-style:normal;font-weight:normal; }.other1 { color:#ac2000;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont1 { font-size:8px;text-align:right; color:#ac2000;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other2 { color:#3c9fa8;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont2 { font-size:8px;text-align:right; color:#3c9fa8;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other3 { color:#e25614;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont3 { font-size:8px;text-align:right; color:#e25614;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other4 { color:#0b6ac8;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont4 { font-size:8px;text-align:right; color:#0b6ac8;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other5 { color:#b23290;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont5 { font-size:8px;text-align:right; color:#b23290;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other6 { color:#02e7c7;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont6 { font-size:8px;text-align:right; color:#02e7c7;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other7 { color:#5b3284;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont7 { font-size:8px;text-align:right; color:#5b3284;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.highlight { background-color:#bed6f8; }.datestamp { cursor:default; margin-bottom:1px; background-color:#c0c0c0; width:100%; float:left; text-align:right; color:#ffffff; font-weight:bold; font-style:italic; }#chatAlert { float:left; border-bottom:1px solid #E8D091; padding:6px; width:100%; color:#A5754C; }#chatAlertImage { float:left; }#chatAlertText { float:left; margin-left:6px; }#chatAlertClose { float:right; margin-right:10px; padding-right:6px; margin-top:0px; }#chatAlertText a { color:#A5754C; }#chatAlertText a:hover { color:#A5754C; text-decoration:none; }.tsDisplay { display:block }.dsDisplay { display:none } body { margin: 0 0 0 0; padding:0 0 0 0 }td,div { font-family:Tahoma;font-size:8pt;vertical-align:top }body { margin: 0 0 0 0; padding:0 0 0 0; overflow:hidden; }.transcript { background-color:#d2d2d2; }.messageBlock { margin-left:4px; margin-bottom:3px }.message { margin-left:100px; word-wrap:break-word; white-space:-moz-pre-wrap; _white-space:pre; }.messageCont { margin-left:100px; word-wrap:break-word; white-space:-moz-pre-wrap; _white-space:pre;}.other { overflow:hidden;color:#39577a;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.myself { overflow:hidden;color:#da8103;font-style:normal;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont { font-size:8px;text-align:right; color:#39577a;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.myselfCont { font-size:8px;text-align:right; color:#da8103;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.system { margin-left:4px; word-wrap:break-word;color:#da8103;font-style:normal;font-weight:normal; white-space:-moz-pre-wrap; _white-space:pre; }.showTimestamp { padding-left:8px; margin-right:3px; float:right; color:#999999;font-style:normal;font-weight:normal; }.other1 { color:#ac2000;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont1 { font-size:8px;text-align:right; color:#ac2000;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other2 { color:#3c9fa8;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont2 { font-size:8px;text-align:right; color:#3c9fa8;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other3 { color:#e25614;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont3 { font-size:8px;text-align:right; color:#e25614;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other4 { color:#0b6ac8;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont4 { font-size:8px;text-align:right; color:#0b6ac8;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other5 { color:#b23290;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont5 { font-size:8px;text-align:right; color:#b23290;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other6 { color:#02e7c7;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont6 { font-size:8px;text-align:right; color:#02e7c7;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other7 { color:#5b3284;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont7 { font-size:8px;text-align:right; color:#5b3284;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.highlight { background-color:#bed6f8; }.datestamp { cursor:default; margin-bottom:1px; background-color:#c0c0c0; width:100%; float:left; text-align:right; color:#ffffff; font-weight:bold; font-style:italic; }#chatAlert { float:left; border-bottom:1px solid #E8D091; padding:6px; width:100%; color:#A5754C; }#chatAlertImage { float:left; }#chatAlertText { float:left; margin-left:6px; }#chatAlertClose { float:right; margin-right:10px; padding-right:6px; margin-top:0px; }#chatAlertText a { color:#A5754C; }#chatAlertText a:hover { color:#A5754C; text-decoration:none; }.tsDisplay { display:block }.dsDisplay { display:none } body { margin: 0 0 0 0; padding:0 0 0 0 }td,div { font-family:Tahoma;font-size:8pt;vertical-align:top }body { margin: 0 0 0 0; padding:0 0 0 0; overflow:hidden; }.transcript { background-color:#d2d2d2; }.messageBlock { margin-left:4px; margin-bottom:3px }.message { margin-left:100px; word-wrap:break-word; white-space:-moz-pre-wrap; _white-space:pre; }.messageCont { margin-left:100px; word-wrap:break-word; white-space:-moz-pre-wrap; _white-space:pre;}.other { overflow:hidden;color:#39577a;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.myself { overflow:hidden;color:#da8103;font-style:normal;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont { font-size:8px;text-align:right; color:#39577a;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.myselfCont { font-size:8px;text-align:right; color:#da8103;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.system { margin-left:4px; word-wrap:break-word;color:#da8103;font-style:normal;font-weight:normal; white-space:-moz-pre-wrap; _white-space:pre; }.showTimestamp { padding-left:8px; margin-right:3px; float:right; color:#999999;font-style:normal;font-weight:normal; }.other1 { color:#ac2000;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont1 { font-size:8px;text-align:right; color:#ac2000;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other2 { color:#3c9fa8;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont2 { font-size:8px;text-align:right; color:#3c9fa8;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other3 { color:#e25614;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont3 { font-size:8px;text-align:right; color:#e25614;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other4 { color:#0b6ac8;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont4 { font-size:8px;text-align:right; color:#0b6ac8;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other5 { color:#b23290;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont5 { font-size:8px;text-align:right; color:#b23290;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other6 { color:#02e7c7;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont6 { font-size:8px;text-align:right; color:#02e7c7;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.other7 { color:#5b3284;vertical-align:top;font-weight:bold;font-style:normal;float:left; width:95px; }.otherCont7 { font-size:8px;text-align:right; color:#5b3284;font-family:Arial,Lucida Grande;font-style:normal;vertical-align:top;font-weight:bold;float:left; width:95px; }.highlight { background-color:#bed6f8; }.datestamp { cursor:default; margin-bottom:1px; background-color:#c0c0c0; width:100%; float:left; text-align:right; color:#ffffff; font-weight:bold; font-style:italic; }#chatAlert { float:left; border-bottom:1px solid #E8D091; padding:6px; width:100%; color:#A5754C; }#chatAlertImage { float:left; }#chatAlertText { float:left; margin-left:6px; }#chatAlertClose { float:right; margin-right:10px; padding-right:6px; margin-top:0px; }#chatAlertText a { color:#A5754C; }#chatAlertText a:hover { color:#A5754C; text-decoration:none; }.tsDisplay { display:block }.dsDisplay { display:none } 2010-08-18 14:02:07 CDT [ISC.0039.0001D] POST /invoke/wm.tn/receive
2010-08-18 14:02:07 CDT [ISC.0038.0002D] ← Reverse-Via: (PROXY SERVER NAME)
2010-08-18 14:02:07 CDT [ISC.0038.0002D] ← Host: XXX.eai.XXX.com:9220
2010-08-18 14:02:07 CDT [ISC.0038.0002D] ← Cookie: $Version=0; ssnid=; $Path=/
2010-08-18 14:02:07 CDT [ISC.0038.0002D] ← Content-Location: TW_STATUS_1282158127100.XML
2010-08-18 14:02:07 CDT [ISC.0038.0002D] ← content-type: text/xml; charset=UTF-8
2010-08-18 14:02:07 CDT [ISC.0038.0002D] ← User-Agent: Jakarta Commons-HttpClient/3.1
2010-08-18 14:02:07 CDT [ISC.0038.0002D] ← Connection: Keep-Alive
2010-08-18 14:02:07 CDT [ISC.0038.0002D] ← Content-Length: 2424
2010-08-18 14:02:07 CDT [ISS.0012.0003T] Client did not provide a session id so creating a new session 190b2c00aafb11dfb0a2e0254ce35fdf
2010-08-18 14:02:07 CDT [ISS.0014.0016T] Invoking service wm.tn:receive
2010-08-18 14:02:07 CDT [ISS.0033.0140T] Removed session 190b2c00aafb11dfb0a2e0254ce35fdf from memory.
2010-08-18 14:02:07 CDT [ISC.0038.0002D] → HTTP/1.1 401 [ISS.0084.9004] Access Denied
2010-08-18 14:02:07 CDT [ISC.0038.0002D] → Set-Cookie: ssnid=; path=/;
2010-08-18 14:02:07 CDT [ISC.0038.0002D] → Content-Type: text/html; charset=UTF-8
2010-08-18 14:02:07 CDT [ISC.0038.0002D] → Connection: close
2010-08-18 14:02:07 CDT [ISC.0038.0002D] → WWW-Authenticate: Basic realm=“webMethods”
2010-08-18 14:02:07 CDT [ISC.0038.0002D] → Content-Length: 2793

What does that mean? client using the wrong certificate and user not being mapped correctly to execute tn.receive service?

What certificate client should use while sending data to us? Is it his certficate or our certificate?

I imported clients cert and mapped it to user. Also placed his trusted certificates in trusted folder. Do I need to do anything else?

We don’t want to use user id and password to get in to our system. How this can be set up using client certificates?

I’m totally confused and can anyone please help me ASAP on this.

Thanks in advance.

Tong_Wang · August 20, 2010, 12:11am

If you know the IP of this client, check you session log, see if/which user + IP has a session created.

If yes, is it “default” user? if the case, that means the client is not authenticated properly, default user is used, and default use doesn’t have the privilege to access your specific service.
if it’s the user you created, then this user doesn’t have right group setting.
if no, then there is no session, authentication didn’t happen, check if you client system trust your server cert (assume your client cert settings are all correct).