Posts

Showing posts from October, 2012

News from the Open Cloud

There are interesting new initiative on the cloud front. Here are a few that catch my attention in the past weeks:
OASIS Cloud Application Management for Platforms (CAMP). OASIS Cloud Authorization (CloudAuthZ).The AWS GovCloud (US) Region Camp remind me of BootCamp or LeBootCamp :)
Is CloudAuthZ the next OAuth?
With all the buzz around cloud, I am curious to see where we are going. 
How are all these new initiatives going to impact us on the Web, while using DropBox, EverNote, or Google+, LinkedIn, Apple and the like? 
Where is the trust going to be on the WEB?
I'll like to keep the center-stage in this role game and own my identity, keep my tokens secured in my wallet like I do today. I am not sure I want to trust comercial entities to do this for me, free of charges.
Can players like Adobe, Microsoft, Oracle, RedHat and the telcos get into this game and provide the unified platform for everyone to standardize on?

soapUI is back, with lot more for you.

Image
It has been a long time since I last used soapUI - see my 2007 post - when I was using version 2.1.x. Today, I got 4.5.1, from the same location: http://www.soapui.org/
I wanted to test a simple WS using WS-Security username token and ran into an interesting issue; the invocations were failing with an HTTP error : 401 Unauthorized. 
The solution was simple - switch the HTTP authentication to use preemptive mode (see documentation).

Here are 2 common HTTP errors codes: HTTP/1.1 403 ForbiddenThe username/password you provided is not valid.HTTP/1.1 401 UnauthorizedThe server is sending back an auth challenge that may be ignored by the HTTP client library - the hint on the response is "WWW-Authenticate: BASIC realm="owsm".
And 1 common soap fault:

<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
  <env:Header/>
  <env:Body>
    <env:Fault xmlns:ns0="http://schemas.oracle.com/owsm/policy-enforcement-2007-06">
  …