Zimbra

fmatar · #1 (**permalink**) 08-25-2010, 02:19 AM

I'm invoking SOAP requests from a Java client and pro grammatically writing the soap request and invoking it. The outcome of my request looks as follows:

Code:

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
    <SOAP-ENV:Header>
        <context xmlns="urn:zimbra">
            <nosession/>
        </context>
    </SOAP-ENV:Header>
    <SOAP-ENV:Body>
        <AuthRequest xmlns="urn:zimbraAdmin">
            <name>admin</name>
            <password>testadmin</password>
        </AuthRequest>
    </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

The exception I get is the following:

Code:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Now on another hand if I use the zmsoap utility to send the same request the request succeeds and here's the output:

Code:

zmsoap -z AuthRequest/account=admin @by=name ../password=testadmin -vv

Output:

Code:

Sending admin auth request to https://localhost:7071/service/admin/soap
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
  <soap:Header>
    <context xmlns="urn:zimbra">
      <nosession/>
    </context>
  </soap:Header>
  <soap:Body>
    <AuthRequest xmlns="urn:zimbraAdmin">
      <name>zimbra</name>
      <password>***</password>
    </AuthRequest>
  </soap:Body>
</soap:Envelope>
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
  <soap:Header>
    <context xmlns="urn:zimbra"/>
  </soap:Header>
  <soap:Body>
    <AuthResponse xmlns="urn:zimbraAdmin">
      <authToken>0_005d6e520a976d2095e9908551d5bdde93cc2bb1_69643d33363a65306661666438392d313336302d313164392d383636312d3030306139356439386566323b6578703d31333a313238323737303134373538363b61646d696e3d313a313b747970653d363a7a696d6272613b</authToken>
      <lifetime>43200000</lifetime>
      <a n="zimbraIsDomainAdminAccount">false</a>
    </AuthResponse>
  </soap:Body>
</soap:Envelope>
Sending request to https://localhost:7071/service/admin/soap
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
  <soap:Header>
    <context xmlns="urn:zimbra">
      <authToken>0_005d6e520a976d2095e9908551d5bdde93cc2bb1_69643d33363a65306661666438392d313336302d313164392d383636312d3030306139356439386566323b6578703d31333a313238323737303134373538363b61646d696e3d313a313b747970653d363a7a696d6272613b</authToken>
      <nosession/>
    </context>
  </soap:Header>
  <soap:Body>
    <AuthRequest xmlns="urn:zimbraAdmin">
      <account by="name">admin</account>
      <password>***</password>
    </AuthRequest>
  </soap:Body>
</soap:Envelope>
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
  <soap:Header>
    <context xmlns="urn:zimbra">
      <change token="907"/>
    </context>
  </soap:Header>
  <soap:Body>
    <AuthResponse xmlns="urn:zimbraAdmin">
      <authToken>0_31eaf7e80c9e15c68a36f9d1e804d0724ad6dfa1_69643d33363a63646666663332332d383463372d343038662d393439352d3939396436386130333636623b6578703d31333a313238323737303134373637313b61646d696e3d313a313b747970653d363a7a696d6272613b</authToken>
      <lifetime>43200000</lifetime>
      <a n="zimbraIsDomainAdminAccount">false</a>
    </AuthResponse>
  </soap:Body>
</soap:Envelope>

What am I missing in here?

fmatar · #2 (**permalink**) 08-25-2010, 09:27 AM

I have sorted out this problem by installing the java certificate now I get an error of a different kind

The error is the following:

Code:

java.io.IOException: Server returned HTTP response code: 405 for URL: https://volcano.webpatterns.net:7071/service/admin/soap
java.io.IOException: Server returned HTTP response code: 405 for URL: https://volcano.webpatterns.net:7071/service/admin/soap?wsdl

What could be the cause of this?

marcmac · #3 (**permalink**) 08-25-2010, 09:38 AM

You should look in the server logs for the errors, but I think your auth request is invalid; you need a "by" attribute, and if you're doing an admin auth by name, you need the fully qualified email address.

fmatar · #4 (**permalink**) 08-25-2010, 09:57 AM

I don't think that's the actual problem, I have modified my SOAP request to authenticate a regular user, from zmsoap it works fine, the command looks as follows:

Code:

./zmsoap -m tom -p cruise -u https://localhost:7071/service/admin/soap --type account AuthRequest/account=tom @by=name ../password=cruise -vv

the output is as follows:

Code:

Sending auth request to https://localhost:7071/service/admin/soap
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
  <soap:Header>
    <context xmlns="urn:zimbra">
      <nosession/>
    </context>
  </soap:Header>
  <soap:Body>
    <AuthRequest xmlns="urn:zimbraAccount">
      <account by="name">tom</account>
      <password>***</password>
    </AuthRequest>
  </soap:Body>
</soap:Envelope>
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
  <soap:Header>
    <context xmlns="urn:zimbra">
      <change token="420"/>
    </context>
  </soap:Header>
  <soap:Body>
    <AuthResponse xmlns="urn:zimbraAccount">
      <authToken>0_25ef8acf5ba34db4629d9b99cf3eb91dc843d9a7_69643d33363a31633835323736312d346165392d343039342d613930312d6539383031393935646362343b6578703d31333a313238323932373932323031323b76763d313a313b747970653d363a7a696d6272613b</authToken>
      <lifetime>172800000</lifetime>
      <skin>beach</skin>
    </AuthResponse>
  </soap:Body>
</soap:Envelope>
Sending request to https://localhost:7071/service/admin/soap
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
  <soap:Header>
    <context xmlns="urn:zimbra">
      <authToken>0_25ef8acf5ba34db4629d9b99cf3eb91dc843d9a7_69643d33363a31633835323736312d346165392d343039342d613930312d6539383031393935646362343b6578703d31333a313238323932373932323031323b76763d313a313b747970653d363a7a696d6272613b</authToken>
      <nosession/>
    </context>
  </soap:Header>
  <soap:Body>
    <AuthRequest xmlns="urn:zimbraAccount">
      <account by="name">tom</account>
      <password>***</password>
    </AuthRequest>
  </soap:Body>
</soap:Envelope>
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
  <soap:Header>
    <context xmlns="urn:zimbra">
      <change token="420"/>
    </context>
  </soap:Header>
  <soap:Body>
    <AuthResponse xmlns="urn:zimbraAccount">
      <authToken>0_9a273e82149b90652ce8b765003dcf2204ea6ae2_69643d33363a31633835323736312d346165392d343039342d613930312d6539383031393935646362343b6578703d31333a313238323932373932323035353b76763d313a313b747970653d363a7a696d6272613b</authToken>
      <lifetime>172800000</lifetime>
      <skin>beach</skin>
    </AuthResponse>
  </soap:Body>
</soap:Envelope>

Now the same generated request, sent through the SOAP API is as follows:

Code:

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
    <SOAP-ENV:Header>
        <context xmlns="urn:zimbra">
            <nosession/>
        </context>
    </SOAP-ENV:Header>
    <SOAP-ENV:Body>
        <AuthRequest xmlns="urn:zimbraAccount">
            <account by="name">tom</account>
            <password>cruite</password>
        </AuthRequest>
    </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

and the error I get is the following:

Code:

java.io.IOException: Server returned HTTP response code: 405 for URL: https://volcano.webpatterns.net:7071/service/admin/soap
java.io.IOException: Server returned HTTP response code: 405 for URL: https://volcano.webpatterns.net:7071/service/admin/soap?wsdl

Can anyone assist?

marcmac · #5 (**permalink**) 08-25-2010, 10:10 AM

Again, look at the logs on the server to see why it's throwing that 405 response (method not allowed). Is your script performing a GET? That wsdl fetch line is not really necessary.

fmatar · #6 (**permalink**) 08-25-2010, 10:38 AM

What log file should I check? I see tons of log files in the /opt/zimbra/log folder

marcmac · #7 (**permalink**) 08-25-2010, 10:51 AM

mailbox.log.

Since you're getting a 405 response, which is unusual, it would probably help to post the full HTTP headers from your client as well, since the soap looks right (though the password in your request has a typo, compared to the zmsoap command line invocation you posted).

fmatar · #8 (**permalink**) 08-25-2010, 11:51 AM

True there's a typo error in the entry above, now since i'm using the soap api directly, how do I post the http headers? the code I have looks as follows:

Code:

public SOAPMessage authenticateById(String urlStr, String id, String password) throws SOAPException, IOException {
        MessageFactory mf = MessageFactory.newInstance();
        SOAPMessage sm = mf.createMessage();
        SOAPHeader sh = sm.getSOAPHeader();
        SOAPBody sb = sm.getSOAPBody();
        
        /* Build soap header */
        QName headerName = new QName("urn:zimbra", "context");
        SOAPHeaderElement headerElement = sh.addHeaderElement(headerName);
        QName noSessionQName = new QName("nosession");
        headerElement.addChildElement(noSessionQName);

        /* Build soap body */
        QName serviceName = new QName("urn:zimbraAccount", "AuthRequest");
        SOAPBodyElement bodyElement = sb.addBodyElement(serviceName);
        QName nameQn = new QName("account");
        SOAPElement nameElementValue = bodyElement.addChildElement(nameQn);
        nameElementValue.addAttribute(new QName("by"), "name");
        nameElementValue.addTextNode(id);
        QName passwordQn = new QName("password");
        SOAPElement passwordElementValue = bodyElement.addChildElement(passwordQn);
        passwordElementValue.addTextNode(password);

        sm.writeTo(System.out);

        URL url = new URL(urlStr);
        Service service = Service.create(url, serviceName);

        Dispatch<SOAPMessage> dispatch = service.createDispatch(serviceName, SOAPMessage.class, Service.Mode.MESSAGE);
        SOAPMessage request = MessageFactory.newInstance().createMessage(null, new FileInputStream("result.xml"));
        SOAPMessage response = dispatch.invoke(request);
        response.writeTo(System.out);
        return sm;
    }

So basically to invoke the AuthRequest for user: henry with password 1234 at url https://localhost:7071/soap/admin/service you would do the following

Code:

  authenticateById("https://localhost:7071/service/admin/soap", "henry", "1234");

marcmac · #9 (**permalink**) 08-25-2010, 12:15 PM

There should be a way to have the API show the http(s) transaction, but you'll have to research the API docs to find it.

fmatar · #10 (**permalink**) 08-26-2010, 12:33 AM

The error has been resolved, I have updated my client to invoke the soap services differently and now they work like charm. Thanks for the feedback

Zimbra

Downloads

Product Information

Toolbox

Why Join?