Forum Discussion

Richard__Harlan's avatar
Richard__Harlan
Historic F5 Account
Jan 31, 2006

(401)Authorization Required with JAVA

Starting to work on a new Java site to interface with the BigIP. Everything we try to run it we get a 401 error back. The user is and passowrd are fine. It just will not work. Attach are some code snips. Any help would be great. Thanks

 

 

(0) Application Error

 

**Message 1**:

 

com.deere.u90.iaf.deployment.exceptions.ApplicationException: com.deere.u90.iaf.deployment.exceptions.ApplicationException: No 'Active' BigIP server found.

 

endPoint URLs and states follows:[no endPoints]

 

 

**Message 2**:

 

com.deere.u90.iaf.deployment.exceptions.ApplicationException: org.apache.axis.AxisFault: Exception attempting to determine 'Active' BigIP server.

 

Current endpointURLs = https://[userid]:[password]@bigip.com:443/iControl/iControlPortal.cgi

 

 

**Message 3**:

 

(401)Authorization Required

 

 

 

 

 

public BigIPHelper(String nodeName, String userAuthID) {

 

super();

 

 

this.userAuthID = userAuthID;

 

 

userID = Application.GetInstance().getConnectionManagerConfigurationView().getString(JDBC_USERID + ApplicationProperties.GetConnectionManagerPropertySfx());

 

password = Application.GetInstance().getConnectionManagerConfigurationView().getString(JDBC_PASSWORD + ApplicationProperties.GetConnectionManagerPropertySfx());

 

 

XTrustProvider.install();

 

 

String bigIPEnvironment = determineBigIPEnvironment(nodeName);

 

 

String[] endPointURLs = buildBigIPEndPointURLs(bigIPEnvironment);

 

 

endPointURL = determinePrimaryBigIPServer(endPointURLs);

 

 

establishBindings();

 

}

 

 

 

private void establishBindings() {

 

try {

 

virtualServerBinding = (iControl.LocalLBVirtualServerBindingStub) new iControl.LocalLBVirtualServerLocator().getLocalLBVirtualServerPort(new java.net.URL(endPointURL));

 

virtualServerBinding.setTimeout(60000);

 

 

poolBinding = (iControl.LocalLBPoolBindingStub) new iControl.LocalLBPoolLocator().getLocalLBPoolPort(new java.net.URL(endPointURL));

 

poolBinding.setTimeout(60000);

 

 

nodeAddressBinding = (iControl.LocalLBNodeAddressBindingStub) new iControl.LocalLBNodeAddressLocator().getLocalLBNodeAddressPort(new java.net.URL(endPointURL));

 

nodeAddressBinding.setTimeout(60000);

 

}

 

catch (Throwable t) {

 

throw new ApplicationException(0, "Exception encountered while establishing BigIP web service bindings.\nendPonitURL = " + endPointURL.replaceAll(password, "[password]"), t);

 

 

}

 

}

 

4 Replies

  • It's unclear from your code sample what exactly the value is for your endpointURL. Your error message states that it is this:

     

     

    https://[userid]:[password]@bigip.com:443/iControl/iControlPortal.cgi

     

     

    I'm assuming that you are patching the "[userid]" and "[password]" strings with valid userids and passwords for the system but if you are then I don't see any reason why it wouldn't work.

     

     

    Are you sure that you have the value of endpointURL is valid before you create the client binding variables? Without seeing the code for the "endPointURL = determinePrimaryBigIPServer(endPointURLs);" call, I can't tell.

     

     

    -Joe
  • Richard__Harlan's avatar
    Richard__Harlan
    Historic F5 Account
    Learned a little more hope you can explane this. No why it did not work fixed it with adding a upper case user id and now it all works. But can you explane this. the lower upper case failes because I am guessing it is useing local auth and not AD auth since I did not make the user id. So the system see a difference in the user id. The simple solution I thought was to add the Upper case user to the users list, no the system now see both user ids as the same and not different as it was durning logon. Sorry just a little crabby spend all this time working on it and it is such a simple solution. Thanks
  • Hi Joe,

     

    I am accessing the same url 'https://[userid]:[password]@:443/iControl/iControlPortal.cgi' and my username/password are correct. There is no uppercase/lowercase issue with them. Still I am getting error '(401)F5 Authorization Required'. The only difference is I am using ruby/rails to access it instead of Java. Can you tell me what could be the problem here? Your comment will be very helpful to me.

     

     

    -Kalpesh
  • the http[s]://[userid:[password]@server/uri is not a standard format. It's something that was implemented for some early browsers and the java libraries seem to have supported it. The clients that do support it will try to extract user:pass from before an "@" symbol in the hostname field and then convert that to the appropriate request authentication headers. Odds are the Ruby libraries do not do this. You'll have to find out how the ruby libraries pass credentials with the HTTP Requests and configure those credentials with your user:pass. Wish I could give you more details but I very much a noob with Ruby. I do know users are using it though so it can be done. Please post if you get a solution so others can know how you did it.

     

     

    -Joe