Unable to parse the WSDL at location 'http://server.domain.com/file.wsdl': HTTP response failed with status 401

Document ID : KB000057264
Last Modified Date : 14/02/2018
Show Technical Document Details

Solution

Background

The Gateway is capable of communicating with external servers and services to access necessary files or dependencies. For example: The Publish?SOAP Web Service?dialog gives an administrator or policy author the capability of specifying a WSDL via an HTTP(S) URL. Additional connection settings may need to be set for this HTTP(S) URL to be accessible. These settings can be set via the Manage HTTP Options task and?will be used for all connections to a specified host.

If an HTTP(S) URL used by the Gateway requires custom HTTP options to access--such as static credentials or custom SSL/TLS settings--then consuming an HTTP(S) URL in certain dialogs may fail. In the example above--a Gateway needs to consume an external WSDL in order to publish a SOAP web service. Access to this WSDL is restricted on its host system to users with valid HTTP Basic credentials. The?Publish?SOAP Web Service?dialog does not provide an area for specifying these credentials but the?Manage HTTP Options?task allows them to be specified for the necessary host.

Presentation

The Gateway will return a dialog with the following error message:?Unable to parse the WSDL at location 'http://server.domain.com/file.wsdl': HTTP response failed with status 401.

The following error message (with an accompanying stack trace) will also be present in the Policy Manager log file on the workstation connected to the Gateway via the Policy Manager:?java.io.IOException: HTTP response failed with status 401

Resolution

The?Manage HTTP Options?task can be used to specify a set of valid credentials for a particular host. The screen capture below shows an example configuration to provide HTTP options to the file specified above:

A screen capture of the Edit HTTP Options dialog

The General tab of the dialog specifies the rules to which the HTTP options will apply. Any settings set in this dialog will apply to that host and URI rule. In this example--pre-configured credentials will be used to connect to?server.domain.com?when accessing?/file.wsdl. These rules are strictly adhered to and any deviation will result in them not being leveraged. For example: A connection to?server.domain.com?and accessing /myApp.svc?will?not?use the configured options. Additionally, a connection to www.domain.com?and accessing?/file.wsdl?will?not?use the configured options.

These rules can be made as complex or as broad as necessary. The Gateway also supports to use of multiple HTTP options rules for different resources or hosts. The screen capture below illustrates the use of multiple unique HTTP options in one Gateway cluster:

A screen capture of the Manage HTTP Options task with multiple rule sets

Correctly setting the HTTP options for a particular host will allow an operator or administrator to consume services or resources on protected systems that are remote to the Gateway. If the HTTP options are set correctly then the HTTP 401 error experienced when consuming a WSDL should not occur when publishing a SOAP service with an external WSDL protected with credentials.