I am getting the following error when i post the document to TN,
“The user that posted this document (Default) could not be associated with a partner to check their identity.”
In the sequence of documents that i send to TN, for one of the document the user id in the activity log changes to Default. The flow service is invoked over HTTP by an external non-webMethods client which then takes the content of the HTTP post and sends it to TN. The entry in the activity log for this document shows the user id as “Default” and for all the others it shows as Administrator. Is there any way to change this user to Administrator or is there any way to allow DEfault user to go through as well.
what http service you are invoking to TN?Please make sure the service Settings/ACL is Internal or Administrator or change it to some other than Default value depends on the security you wanted to.
The flow service is invoked over HTTP by an external user and such that he is not prompted for username and password for the invoke we changed the ACL for the service to Anonymous, the ACL for the folder is Internal. The user is created in webMethods but he is not included in the Administrators group otherwise we could have changed the ACL for the service to Administrators.
For now i am making that service write to a file and then i have created a FilePoller which picks up the file and posts it to TN, now you know that File Poller can be configured to be run as an Administrator user so it is working fine. But this is still a stop gap arrangement until i find a way to directly write to TN from the flow service instead of doing IO.
Is the service that the external user is invoking exposed to the Internet at large? Meaning, can anybody in the world who knows the URL invoke the service? Does the service do anything meaningful, like submit orders, or payments or something else significant?
TN services can be invoked directly but TN is designed to provide security. It does this by confirming that the user credentials used to connect to IS/TN are associated with the profile identified as the sender within the document. Bypassing these mechanisms, including running everything as Administrator, circumvents these facilities and may present a serious security issue.
Can you describe a bit more about what the TN processing is doing? Knowing that we can provide better guidance.
I am getting the same error in TN. I am perfroming the same task as gaurav was doing.
Let me explain in detail
An external application (internal to our company) sends XML data via http by invoking webMethods flow service that has Execute ACL as Anonymous. So no userId/password is required for the external application to invoke this flow service.
Inside the flow service, we collect the XML data via xmlNodeToDocument service and then set Sender ID, Receiver Id and Conversation ID to the xml document and then use recordToBizdoc and tn:submit services to submit the final xml to TN. The submitting to TN is to log the data and invoke a process model.
If I code all of them in the same flow service then this problem arises.
To get rid of this issue, I am breaking the whole service into 2 services. Flow service 1 will collect the XML and prepare the final XML (along with added Sender,Receiver, Conversation IDs) and then invokes Flow Service 2 sending this XML has input via http using user in webMethods IS. This flow service will have xmlNodeToDocument, wm.tn.doc.xml:recordToBizdoc and wm.tn:submit in it. Now I dont see this issue
After submitting to TN to maintain log, a process model will be invoked.
Please correct me if I am doing anything wrong or suggest me a simple way to do this.
What error are you getting?Can you give us details on your error or activity log?
In you 2nd flow instead of recordtoBizdoc and tn.submit you can also use DocumentToXMLString and XMLStringToNode and tn.doc.xml:routeXML this will route the XML to TN and continue with your process model steps.
“After submitting to TN to maintain log, a process model will be invoked.”
what does this step does?
I am not getting any error. The document was successfully posted to TN and in the Activity Log the user ID shous as ‘Default’ with the following message “The user that posted this document (Default) could not be associated with a partner to check their identity.”
I’ll definitely try your DocumentToXMLString and XMLStringToNode and tn.doc.xml:routeXML and keep you posted.
“After submitting to TN to maintain log, a process model will be invoked.”
what does this step does?
→ After the document is submitted to TN, a process model gets invoked. The purpose of submitting data to TN is for logging.