Maximo web services security

Question

For securing Maximo web services on an environment security has been configured but without succeeding:

1. Maximo Web services has been created and tested via SoapUI successfully before applying security.
2. Security configuration has been applied at the EJB level since I'm using native security, this is as per IBM Maximo support note: https://www.ibm.com/support/pages/node/466937
3. I tried retesting the web service by sending a transaction having specified HTTP Header MAXAUTH with a value of username:password encoded as a Base64 string, where username:password is a valid Maximo user, but it was failing with the below response message:

<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
   <S:Body>
      <ns0:Fault xmlns:ns1="http://www.w3.org/2003/05/soap-envelope" xmlns:ns0="http://schemas.xmlsoap.org/soap/envelope/">
         <faultcode>ns0:Server</faultcode>
         <faultstring>javax.xml.ws.WebServiceException</faultstring>
      </ns0:Fault>
   </S:Body>
</S:Envelope>

Kindly help.

Answer 1

It is working fine now after passing the correct HTTP header, below is the explanation:

When sending the transaction, the specified value for the HTTP Header MAXAUTH value was not in the correct format and encoding.

The correct value should be a in the following format username:password encoded as a Base64 string, where username:password is a valid Maximo user.

Correct value of username:password encoded as a Base64 string, where username:password is a valid Maximo user.

For example, if Maximo username:password is maxadmin:max12345! then the MAXAUTH HTTP header Base64 string value is bWF4YWRtaW46bWF4MTIzNDUh