The open-source project soapUI (from eviware) is probably the most complete and easiest to use soap testing suite and it’s free. It is a great tool to test AIF-WebServices, too.
Authenticating AIF-Services is in most cases configured to be authenticated with Windows credentials and so with NTLM. So far soapUI only supports NTLMv1 and because of this you need to be sure that your server does support the NTLMv1 which is configured with the LmCompatibilityLevel property in the HKLM\SYSTEM\CurrentControlSet\Control\Lsa hive.
Configuring soapUI for authenticating with Ntlm is quite easy and well documented.
To authenticate with Ntlm to an AIF-WebService you just need to configure the username, password and domain:
and the WS-A the default wsa:To:
On the server side the binding needs to be configured for Ntlm-authentication on transport level. This is by default set to “Windows”:
Now soapUI can consume the AIF-WebService:
Aif, WebServices, BC.Net, troubleshooting and architecture (formerly http://blogs.msdn.com/floditt)
Search This Blog
01 July 2010
Testing AIF-WebServices with soapUI
Subscribe to:
Post Comments (Atom)
This comment has been removed by the author.
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteHi Florian, dear all,
ReplyDeleteFirst of all: Thanks for your efforts and the tips on configuring AIF Webservices for useage with SoapUI !
I've followed the steps carefully to configure my (W2K8R2 x64) server for NTLMv1 and to set ClientCredentialType to "Ntlm" in web.config.
Unfotunately however, I continue to have the following problem: Whenever trying to add the WDSL in SoapUI it simply remains stuck at 'Loading WDSL' (the 'Knight Rider-like' progress indicator bar moves back and forth indefinitely without any obvious progress). Please note that this behaviour occurs for 'http://{servername FQN or IP-address}:8081/MicrosoftDynamicsAXAif50/customerservice.svc?wsdl'.
Environment:
- W2K8R2 x64
- LMCompatibilityLevel changed to 2 (Was absent, hence I assumed the default value of 3 here)
- IE9
Things I've tried:
- When opening the WDSL in IE9, IE does show me the WDSL.
- When using the publicly available 'http://www.webservicex.net/WeatherForecast.asmx?wsdl', adding the WDSL works like a charm.
- Replace server name by IP-address or Localhost (no difference)
My question:
- Anyone have a clue as to what could be causing this ? (Could this be related to the x64 environment ? I'm quite sure all the registry entries in Wow6432Node are there as well.
-Is there a workaround for using SoapUI to add the WDSL and to consume the AX-webservice(s) ?
I will continue to investigate this and update you. Possible next steps/workaround that I might pursue next:
- use ProcessMonitor to check what's going on
- Check the SoapUI log files more carefully (didn't find anything relevant until now)
- create a .NET proxy and somehow publish that for consumption (eventually it needs to be consumed by a Linux based PHP platform)
With best regards / thank you,
Maarten Roset
Hello Maarten,
ReplyDeletesorry for my late response, but your mail did unfortunately arrive in the spam-box and not visible for me earlier. I hope that I will have the time to rebuild this scenario. Can you please send me the web.config and the SoapUI project, so that I can have a better idea of your environment?
Kind regards,
Florian
Hi Florian,
ReplyDeleteThanks for your reply.
In the meantime, I have been able to successfully solve the problem by modifying the web.config and IIS-properties. We are now successfully calling/using the webservices from SoapUI and PHP using Basic Authentication (which we will enhance with a Self Signed SSL Certificate later on).
If you're interested, I am more than happy to send you the document in which I describe the steps I went through in order to get it working.
With best regards,
Maarten
P.S. Please mail me at mroset followed by the at-symbol followed by the domain for Google mail ;-)).
Hi Maarten,
DeleteI was reading this post because I'm having a similar issue. Could be possible that you send me the document with the steps you went through using Basic Auth and the SSL Certificate in order to get it working?
My mail is: miguel.gonzalez@caudexit.com
Thanks in advance.
Kind regards,
Miguel.
Please share the steps, tried with NTLM, still failing.
Deleteemail :- ankur.1bhayana@gmail.com
Hi Florian
ReplyDeleteIm trying to use SOAPui with AX2012 webservices. So far I have set up a service that is published on a IIS and I manage to read the WDSL in SOAPui and the operations is automaticly added to the project. But then Im trying to send a request AX just respnd wiht a Access denied message.
Object Server 01: An error has occurred in the services framework. Method: AifMessageInspector::AfterReceiveRequest. Error: System.Security.SecurityException: Logon failure: unknown user name or bad password.
You have any idea in how to configure it so it works?
/Fredrik
Fredrik, perhaps you need to set the Aut parameters for the Request you're trying.
ReplyDeleteClick on Request, an then, in the request windows, click at Aut Tab (it's placed at bottom), and set the auth parameters.
Florian, did you succeed in testing Ax2012 AIF-WebServices with soapUI?
ReplyDeleteIf so, I would be really glad to see how did you performed that... I'm stuck with "401 - Unauthorized Access" issues...
Hi Bull
ReplyDeleteIv managed to get get my SOAPui to work with my AX 2012 webservice. I followed Florians instructions in how to configure SOAPui and set the LmCompatibilityLevel setting in the registry to "2". I also had to change the authentication method on the bindings on the AIF ports HTTP adapter to use NTLM instead of windows.
Sometime i get problems reading the WDSL from SOAPui but thats easy solved by opening the WDSL in EI and save it as a file and then use the file to read WDSL in SOAPui.
Hi Fredrik,
DeleteI've try Florian instructions also your instruction but still can't get SOAPui to get proper response from AIF.
I always get error:
Object Server 01: An error has occurred in the services framework. Method: AifMessageInspector::AfterReceiveRequest. Error: System.Security.SecurityException: The user name or password is incorrect.
at System.Security.Principal.WindowsIdentity.KerbS4ULogon(String upn, SafeTokenHandle& safeTokenHandle)
at System.Security.Principal.WindowsIdentity..ctor(String sUserPrincipalName, String type)
at System.Security.Principal.WindowsIdentity..ctor(String sUserPrincipalName)
at Microsoft.Dynamics.Ax.Services.AxSessionInitBehavior.getUserSid(String logonAsUser)
at Microsoft.Dynamics.Ax.Services.AxServiceOperationContext.InitializeSession()
at Microsoft.Dynamics.Ax.Services.AxServiceOperationContext.InitializeContext()
at Microsoft.Dynamics.Ax.Services.AxServiceOperationContext.Attach(OperationContext owner)
at System.ServiceModel.ExtensionCollection`1.InsertItem(Int32 index, IExtension`1 item)
at System.Collections.Generic.SynchronizedCollection`1.Add(T item)
at Microsoft.Dynamics.Ax.Services.AifMessageInspector.AfterReceiveRequest(Message& request, IClientChannel channel, InstanceContext instanceContext)
The Zone of the assembly that failed was:
MyComputer
Even though I've fill in the correct authentication in the "Auth" tab. Do you know how to solve this?
Thank you.
Hi,
DeleteI am also facing same issue in visual studio web service working perfectly but via SoapUI i am getting same error as above.
Please reply
Looked like that SOAPUI changed the Url for their article. I just updated the link. Please try it again and try your AIF-service with the described configuration.
ReplyDeleteHello :)
ReplyDeleteWe are struggling to perform some SOAP requests from within soapUI 4.5.2 to AX2009.
The WSDL is loaded fine in soapUI and we see the methods, but when we try to run the request, the following answer comes back from AX:
Sie können sich nicht bei Microsoft Dynamics AX anmelden. Fehlerdetails: You are not a recognized user of Microsoft Dynamics AX. Contact your system administrator for help.. Überprüfen Sie die Ereignisanzeige des Webservers auf weitere Informationen, oder wenden Sie sich an den Administrator.
We have input the right credentials in the Auth tab and used all authorization types, including NTLM, to no avail.
Any help would be highly appreciated... :)