Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

11|Session SoapFault trying to authenticate #154

Closed
zhaonan0218 opened this issue Mar 9, 2018 · 20 comments
Closed

11|Session SoapFault trying to authenticate #154

zhaonan0218 opened this issue Mar 9, 2018 · 20 comments

Comments

@zhaonan0218
Copy link

zhaonan0218 commented Mar 9, 2018

Hi Dieter,

I was trying to use the client to make a PNR retrieve request, but received error message: Amadeus\Client\Result Object ( [status] => FATAL [messages] => Array ( [0] => Amadeus\Client\Result\NotOk Object ( [code] => 11 [text] => [level] => Session ) ) [response] => [responseXml] => soap:Client 11|Session| )

I checked the log and pasted below, I suspect the reason was the version of the client, could you take a look for me please? thank you!
[2018-03-09 21:34:07] RequestResponseLogs.INFO: Called PNR_Retrieve with request: <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="http://xml.amadeus.com/PNRRET_15_1_1A" xmlns:ns2="http://www.w3.org/2005/08/addressing" xmlns:ns3="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-secext-1.0.xsd" xmlns:ns4="http://xml.amadeus.com/2010/06/Security_v1">SOAP-ENV:Headerns2:MessageID67FD7569-1766-F71A-9042-6E919A1EA972</ns2:MessageID>ns2:Actionhttp://webservices.amadeus.com/PNRRET_15_1_1A</ns2:Action>ns2:Tohttps://nodeA1.test.webservices.amadeus.com/ENDPOINT</ns2:To><oas:Security xmlns:oas="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <oas:UsernameToken xmlns:oas1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" oas1:Id="UsernameToken-1"> oas:UsernameUSERNAME</oas:Username> <oas:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">NONCE</oas:Nonce> <oas:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">DIGEST</oas:Password> oas1:Created2018-03-09T20:34:07:119Z</oas1:Created> </oas:UsernameToken> </oas:Security>ns4:AMA_SecurityHostedUser<ns4:UserID POS_Type="1" PseudoCityCode="OFFICEID" AgentDutyCode="SU" RequestorType="U"/></ns4:AMA_SecurityHostedUser></SOAP-ENV:Header>SOAP-ENV:Bodyns1:PNR_Retrievens1:retrievalFactsns1:retrievens1:type2</ns1:type></ns1:retrieve>ns1:reservationOrProfileIdentifierns1:reservationns1:controlNumberRMBT66</ns1:controlNumber></ns1:reservation></ns1:reservationOrProfileIdentifier></ns1:retrievalFacts></ns1:PNR_Retrieve></SOAP-ENV:Body></SOAP-ENV:Envelope> [] []
[2018-03-09 21:34:07] RequestResponseLogs.INFO: Response: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:awsse="http://xml.amadeus.com/2010/06/Session_v3" xmlns:wsa="http://www.w3.org/2005/08/addressing">soap:Headerwsa:Tohttp://www.w3.org/2005/08/addressing/anonymous</wsa:To>wsa:Fromwsa:Addresshttps://nodeA1.test.webservices.amadeus.com/1ASIWSAMNH</wsa:Address></wsa:From>wsa:Actionhttp://webservices.amadeus.com/PNRRET_15_1_1A</wsa:Action>wsa:MessageIDurn:uuid:b79fc2a0-31a2-97b4-6932-618a5519b17a</wsa:MessageID><wsa:RelatesTo RelationshipType="http://www.w3.org/2005/08/addressing/reply">67FD7569-1766-F71A-9042-6E919A1EA972</wsa:RelatesTo><awsse:Session TransactionStatusCode="End">awsse:SessionIdSESSID</awsse:SessionId>awsse:SequenceNumber1</awsse:SequenceNumber>awsse:SecurityTokenSECTOKEN</awsse:SecurityToken></awsse:Session></soap:Header>soap:Bodysoap:Faultsoap:Client 11|Session|</soap:Fault></soap:Body></soap:Envelope> [] []

@DerMika
Copy link
Collaborator

DerMika commented Mar 9, 2018

Usually this is because you use incorrect authentication parameters. Are you sure you properly base_64 encoded the password?

@zhaonan0218
Copy link
Author

zhaonan0218 commented Mar 9, 2018

Thank you for your prompt response. And yes, I used base64 password. I have a project xml file and the request format looked a little different than the one in log file, for example the PNR retrieve request looked something like this, I'm not sure if this is the issue:

<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" xmlns:amasec="http://xml.amadeus.com/2010/06/Security_v1" xmlns:awsse="http://xml.amadeus.com/2010/06/Session_v3" xmlns:typ="http://xml.amadeus.com/2010/06/Types_v1" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
   <SOAP:Header>
      <wsa:MessageID>f4c46b1e-818b-b03-2b70-f9c2e67aafde</wsa:MessageID>
      <wsa:To>https://nodeA1.test.webservices.amadeus.com/1ASIWSAMNH</wsa:To>
      <wsa:Action>http://webservices.amadeus.com/PNRADD_15_1_1A</wsa:Action>
      <awsse:Session TransactionStatusCode="Start"/>
      <wsse:Security>
         <wsse:UsernameToken>
            <wsse:Username>USERNAME</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">${WS-Security#Password}</wsse:Password>
            <wsse:Nonce>${WS-Security#Nonce}</wsse:Nonce>
            <wsu:Created>${WS-Security#Created}</wsu:Created>
         </wsse:UsernameToken>
      </wsse:Security>
      <amasec:AMA_SecurityHostedUser>
         <amasec:UserID AgentDutyCode="GS" POS_Type="1" PseudoCityCode="OFFICEID" RequestorType="U"/>
      </amasec:AMA_SecurityHostedUser>
   </SOAP:Header>
   <SOAP:Body>
      <PNR_Retrieve>
         <retrievalFacts>
            <retrieve>
               <type>2</type>
            </retrieve>
            <reservationOrProfileIdentifier>
               <reservation>
                  <controlNumber>RMBT66</controlNumber>
               </reservation>
            </reservationOrProfileIdentifier>
         </retrievalFacts>
      </PNR_Retrieve>
   </SOAP:Body>
</SOAP:Envelope>

@DerMika
Copy link
Collaborator

DerMika commented Mar 9, 2018

I'm currently not home so it's a little hard to compare the two on mobile. I'll look more deeply after the weekend.

@zhaonan0218
Copy link
Author

Hi Dieter, sorry to bother you. But did you get a chance to take a look at the request and error message we had? Thank you.

@DerMika
Copy link
Collaborator

DerMika commented Mar 15, 2018

To be clear, generated_request is what this library generates?

Because there seems to be an error in original_request where it uses the PNRADD action to call a PNR Retrieve message, which would never work anyway.

For the rest, I can't see any problems in the authentication headers in the generated_request.

So what exactly is the problem you're experiencing now, is it still error "soap:Client 11|Session"?

You may want to get in touch with Amadeus Support and have them investigate what's going wrong.

@zhaonan0218
Copy link
Author

zhaonan0218 commented Mar 15, 2018

Thank you for your reply Dieter, yes generated_request is the one that this library generated.
Here is the complete error log, what would you recommendations?

[2018-03-09 22:11:46] RequestResponseLogs.INFO: Amadeus\Client\Session\Handler\Base::__construct(): Logger started. [] []
[2018-03-09 22:11:47] RequestResponseLogs.ERROR: SOAPFAULT while sending message PNR_Retrieve:  11|Session| code: 0 at /Applications/MAMP/htdocs/amadeus/vendor/amabnl/amadeus-ws-client/src/Amadeus/Client/Session/Handler/Base.php line 194:  #0 /Applications/MAMP/htdocs/amadeus/vendor/amabnl/amadeus-ws-client/src/Amadeus/Client/Session/Handler/Base.php(194): SoapClient->__call('PNR_Retrieve', Array) #1 /Applications/MAMP/htdocs/amadeus/vendor/amabnl/amadeus-ws-client/src/Amadeus/Client.php(1149): Amadeus\Client\Session\Handler\Base->sendMessage('PNR_Retrieve', Object(Amadeus\Client\Struct\Pnr\Retrieve), Array) #2 /Applications/MAMP/htdocs/amadeus/vendor/amabnl/amadeus-ws-client/src/Amadeus/Client.php(225): Amadeus\Client->callMessage('PNR_Retrieve', Object(Amadeus\Client\RequestOptions\PnrRetrieveOptions), Array) #3 /Applications/MAMP/htdocs/amadeus/test.php(81): Amadeus\Client->pnrRetrieve(Object(Amadeus\Client\RequestOptions\PnrRetrieveOptions)) #4 {main} [] []
[2018-03-09 22:11:47] RequestResponseLogs.INFO: Called PNR_Retrieve with request: <?xml version="1.0" encoding="UTF-8"?> <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="http://xml.amadeus.com/PNRRET_15_1_1A" xmlns:ns2="http://www.w3.org/2005/08/addressing" xmlns:ns3="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-secext-1.0.xsd" xmlns:ns4="http://xml.amadeus.com/2010/06/Security_v1"><SOAP-ENV:Header><ns2:MessageID>2195F644-1B69-DCC1-4AD1-97E111D2094E</ns2:MessageID><ns2:Action>http://webservices.amadeus.com/PNRRET_15_1_1A</ns2:Action><ns2:To>https://nodeA1.test.webservices.amadeus.com/ENDPOINT</ns2:To><oas:Security xmlns:oas="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> 	<oas:UsernameToken xmlns:oas1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" oas1:Id="UsernameToken-1"> 		<oas:Username>USERNAME</oas:Username> 		<oas:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">NONCE</oas:Nonce> 		<oas:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">PASSWORD</oas:Password> 		<oas1:Created>2018-03-09T21:11:46:972Z</oas1:Created> 	</oas:UsernameToken> </oas:Security><ns4:AMA_SecurityHostedUser><ns4:UserID POS_Type="1" PseudoCityCode="OFFICE" AgentDutyCode="SU" RequestorType="U"/></ns4:AMA_SecurityHostedUser></SOAP-ENV:Header><SOAP-ENV:Body><ns1:PNR_Retrieve><ns1:retrievalFacts><ns1:retrieve><ns1:type>2</ns1:type></ns1:retrieve><ns1:reservationOrProfileIdentifier><ns1:reservation><ns1:controlNumber>RMBT66</ns1:controlNumber></ns1:reservation></ns1:reservationOrProfileIdentifier></ns1:retrievalFacts></ns1:PNR_Retrieve></SOAP-ENV:Body></SOAP-ENV:Envelope>  [] []
[2018-03-09 22:11:47] RequestResponseLogs.INFO: Response:  <?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:awsse="http://xml.amadeus.com/2010/06/Session_v3" xmlns:wsa="http://www.w3.org/2005/08/addressing"><soap:Header><wsa:To>http://www.w3.org/2005/08/addressing/anonymous</wsa:To><wsa:From><wsa:Address>https://nodeA1.test.webservices.amadeus.com/1ASIWSAMNH</wsa:Address></wsa:From><wsa:Action>http://webservices.amadeus.com/PNRRET_15_1_1A</wsa:Action><wsa:MessageID>urn:uuid:fb8e8064-dc52-9544-5df1-79b565b3b826</wsa:MessageID><wsa:RelatesTo RelationshipType="http://www.w3.org/2005/08/addressing/reply">2195F644-1B69-DCC1-4AD1-97E111D2094E</wsa:RelatesTo><awsse:Session TransactionStatusCode="End"><awsse:SessionId>SESSION</awsse:SessionId><awsse:SequenceNumber>1</awsse:SequenceNumber><awsse:SecurityToken>SECTOKEN</awsse:SecurityToken></awsse:Session></soap:Header><soap:Body><soap:Fault><faultcode>soap:Client</faultcode><faultstring> 11|Session|</faultstring></soap:Fault></soap:Body></soap:Envelope> [] []

@DerMika
Copy link
Collaborator

DerMika commented Mar 15, 2018

Since you usually get 11|Session errors when using incorrect authentication parameters, you should definitely doublecheck your authentication parameters.

Important to note is that you sometimes receive the password from Amadeus already in a base64_encoded format. So make sure you're not double-encoding the password!

And if that doesn't fix it, you should contact Amadeus support and have them investigate.

@zhaonan0218
Copy link
Author

zhaonan0218 commented Mar 15, 2018

I double checked with Amadeus, and the password should be good, but I did one more test using the original_request, and here is the response, which confirmed that the password is fine, maybe I could send you a private message with the information I have?

<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" xmlns:awsse="http://xml.amadeus.com/2010/06/Session_v3" xmlns:wsa="http://www.w3.org/2005/08/addressing">
   <SOAP:Header>
      <wsa:To>http://www.w3.org/2005/08/addressing/anonymous</wsa:To>
      <wsa:From>
         <wsa:Address>https://nodeA1.test.webservices.amadeus.com/1ASIWSAMNH</wsa:Address>
      </wsa:From>
      <wsa:Action>http://webservices.amadeus.com/PNRRET_15_1_1A</wsa:Action>
      <wsa:MessageID>urn:uuid:6d6137bb-dd02-e994-318d-8da0e2aa5d76</wsa:MessageID>
      <wsa:RelatesTo RelationshipType="http://www.w3.org/2005/08/addressing/reply">f4c46b1e-818b-b03-2b70-f9c2e67aafde</wsa:RelatesTo>
      <awsse:Session TransactionStatusCode="InSeries">
         <awsse:SessionId>SESSION</awsse:SessionId>
         <awsse:SequenceNumber>1</awsse:SequenceNumber>
         <awsse:SecurityToken>SECTOKEN</awsse:SecurityToken>
      </awsse:Session>
   </SOAP:Header>
   <SOAP:Body>
      <soap:Fault xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
         <faultcode>soap:Server</faultcode>
         <faultstring>1931|Application|NO MATCH FOR RECORD LOCATOR</faultstring>
         <faultactor>SI:Backend</faultactor>
      </soap:Fault>
   </SOAP:Body>
</SOAP:Envelope>

@DerMika
Copy link
Collaborator

DerMika commented Mar 15, 2018

Well, the error you're getting now means that the system was unable to find the PNR you requested.

It also means you were successfully authenticated!

@zhaonan0218
Copy link
Author

zhaonan0218 commented Mar 15, 2018

Great, but that was the response I get using SOAP UI with the WSDL file we have, but the error message from the library was still soap:Client 11|Session|. That is the issue we are having now.

We actually sent you an email of proposal couple days ago regarding to a project of us, maybe you will be interested. It sent on March 9th to your private mail address , please let me know your thoughts. thank you!

@DerMika
Copy link
Collaborator

DerMika commented Mar 23, 2018

Ah right.

So which application are you using to test your password? And how does that handle your Amadeus password?

Because this library does a base64_decode of the provided password before it sends it to Amadeus (see https://github.com/amabnl/amadeus-ws-client/blob/master/src/Amadeus/Client/Session/Handler/SoapHeader4.php#L221).

This library works for many people, so I really can't think of anything that could be specific to your situation, except for providing the wrong authentication details. So if you're still getting the 11|Session error, the only course of action I can recommend is you contact Amadeus Support, have them look up the trace logs for your authentication attempts, and let them investigate what's going wrong.

@DerMika DerMika changed the title General question about usage 11|Session SoapFault trying to authenticate Mar 23, 2018
@DerMika
Copy link
Collaborator

DerMika commented Mar 23, 2018

Wait, I think I just found it.

You're using a custom DutyCode:

<amasec:UserID AgentDutyCode="GS" POS_Type="1" PseudoCityCode="OFFICE_ID" RequestorType="U"/>

So, are you specifying the 'dutyCode' => "GS", in the 'authParams'?

There is an example shown in the SoapHeader 2 authentication example here in the docs: https://github.com/amabnl/amadeus-ws-client/blob/master/docs/about-get-started.rst#set-up-a-test-client

@DerMika
Copy link
Collaborator

DerMika commented Mar 31, 2018

As we discussed offline, it seems like the password you were using was the cleartext password after all. Should be fixed by putting a base64_encode() around the cleartext password.

Can you confirm that fixes the problem?

@DerMika
Copy link
Collaborator

DerMika commented Apr 9, 2018

Assuming problem was fixed. You can re-open the issue if that wasn't the case after all.

@DerMika DerMika closed this as completed Apr 9, 2018
@quangminht
Copy link

quangminht commented Dec 11, 2018

@DerMika I read this issue! I think you should update document (you specifying the 'dutyCode' => "GS", in the 'authParams')
image

Thanks you very much! This topic really help me!

@haiderg
Copy link

haiderg commented Feb 1, 2019

Hi DerMika,

We are facing the same error message "11|Session". In our case it is strange because the same code is working fine on all of our developers system and on one of our server. But it is throwing the exception with message "11|Session" on the server where we have IIS and all of our web sites hosted.

Can you please help me in this issue as I worked hard to fix it but no success.

Thanks in advance!!!

@konorws
Copy link

konorws commented Aug 31, 2019

Can you please help me in this issue as I worked hard to fix it but no success.

Thanks in advance!!!

Did you manage to solve your problem? I have exactly the same situation. Locally, everything works but on the server returns error code 11

@hiteshagja
Copy link

Getting same error

<soap:Body>
      <soap:Fault>
         <faultcode>soap:Client</faultcode>
         <faultstring>11|Session|</faultstring>
      </soap:Fault>
   </soap:Body>

For nounce I am generating alphabetic 8 char long, base64 encoded.
I tried Clear text password directly and base64 encoded.

But getting same error as mentioned.

Help!!

@haiderg
Copy link

haiderg commented Nov 12, 2019

For this issue we contacted with Amadeus but could not fix this issue and at last we have to change our hosting server. Please try some solutions I mentioned our case because we spent one week to fix this issue but no solution.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

7 participants
@DerMika @haiderg @hiteshagja @zhaonan0218 @quangminht @konorws and others