Unofficial Content
  • This documentation is valid for:

When an application uses GAM and External Web Services Authentication Type with GAM is configured, if there are any problems with the Authentication Type configuration in GAM, a generic error may occur when a user tries to log in:

Error in webservice response, the service is not responding, please contact the application's administrator. (GAM40)

Below is a guide to identify the cause of this problem and find a solution.

Note that the web service has to send and receive a default structure so that the GAM can use it as an authentication service. The details can be found in this document: External Web Services Authentication Type.

First, make sure that the service responds correctly before trying to authenticate using GAM. One way to check this is to run the URL of the service's WSDL in the browser. Once that is confirmed, check the Authentication Type settings on the GAM Backend. To do so, run the GAM back end (gamhome object), go to "Authentication Types," and in the authentication type already defined click on "update" to confirm the following:

1. Private Encryption Key

The Private Encryption Key specified must be the correct one. This parameter is used to encrypt the user name and password, using GeneXus’ encrypt64 function. The web service must use this key to decrypt using the decrypt64 function. It is not mandatory to specify a key.

2.  Server name

The server name (you can also configure the IP) must be accessible from the application server where the application that uses the GAM is running.

3. Port

The port where the service listens must be specified.

4. Base URL

The base URL consists of the entire content of the URL without the servername:port and service name. For example, if the service URL is as follows:

https://www.samples.com/gxlogin/agamwslogin.aspx?wsdl

Specify BASE URL: gxlogin

Another example for the following service URL:

https://www.samples.com/gxlogin/servlet/agamwslogin?wsdl

Specify BASE URL: gxlogin/servlet

5. Secure protocol

If the web service listens on HTTPS, as in the previous examples, specify:

Secure protocol= Yes; otherwise, if it listens on HTTP specify Secure protocol= No.

6. Web service name

The web service name must not include the extension.

Here is an example if you have the following service URL:

https://www.samples.com/gxlogin/agamwslogin.aspx?wsdl

Specify:

web service name = agamwslogin
web service extension = aspx

Another example:

https://www.samples.com/gxlogin/servlet/agamwslogin?wsdl

web service name = agamwslogin
web service extension = <empty>

How to find out more about the cause of a problem with external web service authentication

If the service is running on HTTP (not HTTPS), you can use a tool such as tcptrace to intercept the communication between client and server in order to better understand the cause of a connection problem.
Tcptrace listens to the communication between client and server. It must be configured so that GAM redirects to the listen port of tcptrace and, in turn, it redirects to the web service.

To do so, follow the steps below:

1. Run the GAM back end and update the external web service authentication type by specifying:

  • server name: localhost (or the server name or IP of the machine where tcptrace is running).
  • server port: 88 (any free port)

As shown in the figure below:

wsexternostcptrace
Figure 1.

2. Run tcptrace and set:

  • Listen on port: 88 (the port specified in figure 1).
  • Destination server : <server name where the web service is run>
  • Destination port: <port where the web service listens>

wsexternostcptrace2
Figure 2.

When the user tries to log in to the system using the defined external web service authentication type, the POST to the service and its HTTP response will be displayed in the tcptrace console, which often helps find the possible causes of errors.

Last update: February 2024 | © GeneXus. All rights reserved. GeneXus Powered by Globant