Re: Seeing same behavior as in Getting "9124 Incorrect credentials supplied"

pheesen
Regular Visitor

Seeing same behavior as in Getting "9124 Incorrect credentials supplied"

I'm a new user and I'm seeing the same behavior as in the earlier question, Getting "9124 Incorrect credentials supplied".

 

I think I'm following the instructions in:

"Configuring a Two-Way SSL Keystore Using an Auto-generated CSR"

    Testing Two-Way SSL Connectivity Using SOAPUI
        Configuring the Helloworld API Request and Testing the Connection
            Click Submit Request (green chevron icon below) to test your connection. If successful, you should see the current timestamp in the response panel, as shown below.  (FYI, The screenshot looks like it belongs to the "TestSuite" section)

 

What do you think is wrong?

 

SoapUI http log:

Mon Jun 05 15:55:54 PDT 2017:DEBUG:>> "GET /vdp/helloworld HTTP/1.1[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:>> "Accept-Encoding: gzip,deflate[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:>> "Authorization: Basic UUpRTElKQVgyMDRVM1dLUUpZMzkyMXU0bHlMVWN0MUJKbjRhZnhFUGxUTGFyeWJtMDp4UldWekxRR1NBSW1zWFZpQXMzc3lmag==[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:>> "Host: sandbox.api.visa.com[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:>> "Connection: Keep-Alive[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:>> "User-Agent: Apache-HttpClient/4.1.1 (java 1.5)[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:>> "[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "HTTP/1.1 401 Unauthorized[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "X-SERVED-BY: l55c006[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "X-CORRELATION-ID: 1496703354_752_76_l55c006_VDP_ARM[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "X-APP-STATUS: 401[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "X-Frame-Options: SAMEORIGIN[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "X-XSS-Protection: 1; mode=block[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "X-Content-Type-Options: nosniff[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "Strict-Transport-Security: max-age=2592000;includeSubdomains[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "Cache-Control: no-cache, no-store, must-revalidate[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "Pragma: no-cache[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "Expires: Thu, 01 Jan 1970 00:00:00 GMT[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "Content-Type: application/json;charset=UTF-8[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "Content-Length: 119[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "Date: Mon, 05 Jun 2017 22:55:54 GMT[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "Connection: keep-alive[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "[\r][\n]"
Mon Jun 05 15:55:54 PDT 2017:DEBUG:<< "{"responseStatus":{"code":"9124","severity":"ERROR","info":"","status":401,"message":"Incorrect credentials supplied"}}"

 

Also tried cUrl to see if that would make a difference:

curl -v --header "Authorization: Basic UUpRTElKQVgyMDRVM1dLUUpZMzkyMXU0bHlMVWN0MUJKbjRhZnhFUGxUTGFyeWJtMDp4 UldWekxRR1NBSW1zWFZpQXMzc3lmag==" -E cert.pem --key key_8b3c444a-87db-42c7-aac0-269afe819b00.pem https://sandbox.api.visa.com/vdp/helloworld
* STATE: INIT => CONNECT handle 0x600092030; line 1397 (connection #-5000)
* Added connection 0. The cache now contains 1 members
* Trying 23.75.184.31...
* TCP_NODELAY set
* STATE: CONNECT => WAITCONNECT handle 0x600092030; line 1450 (connection #0)
* Connected to sandbox.api.visa.com (23.75.184.31) port 443 (#0)
* STATE: WAITCONNECT => SENDPROTOCONNECT handle 0x600092030; line 1557 (connection #0)
* Marked for [keep alive]: HTTP default
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* STATE: SENDPROTOCONNECT => PROTOCONNECT handle 0x600092030; line 1571 (connection #0)
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Request CERT (13):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS handshake, CERT verify (15):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: C=US; ST=California; L=Foster City; O=Visa International Service Association; OU=Developer Platform; CN=sandbox.api.visa.com
* start date: Aug 2 00:00:00 2016 GMT
* expire date: Oct 1 23:59:59 2017 GMT
* subjectAltName: host "sandbox.api.visa.com" matched cert's "sandbox.api.visa.com"
* issuer: C=US; O=GeoTrust Inc.; CN=GeoTrust SSL CA - G3
* SSL certificate verify ok.
* STATE: PROTOCONNECT => DO handle 0x600092030; line 1592 (connection #0)
> GET /vdp/helloworld HTTP/1.1
> Host: sandbox.api.visa.com
> User-Agent: curl/7.50.3
> Accept: */*
> Authorization: Basic UUpRTElKQVgyMDRVM1dLUUpZMzkyMXU0bHlMVWN0MUJKbjRhZnhFUGxUTGFyeWJtMDp4UldWekxRR1NBSW1zWFZpQXMzc3lmag==
>
* STATE: DO => DO_DONE handle 0x600092030; line 1654 (connection #0)
* STATE: DO_DONE => WAITPERFORM handle 0x600092030; line 1781 (connection #0)
* STATE: WAITPERFORM => PERFORM handle 0x600092030; line 1791 (connection #0)
* HTTP 1.1 or later with persistent connection, pipelining supported
< HTTP/1.1 401 Unauthorized
< X-SERVED-BY: l55c008
< X-CORRELATION-ID: 1496704371_203_272_l55c008_VDP_ARM
< X-APP-STATUS: 401
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Strict-Transport-Security: max-age=2592000;includeSubdomains
< Cache-Control: no-cache, no-store, must-revalidate
< Pragma: no-cache
< Expires: Thu, 01 Jan 1970 00:00:00 GMT
< Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.comhttps://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
< X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
< X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
< Content-Type: application/json;charset=UTF-8
< Content-Length: 119
< Date: Mon, 05 Jun 2017 23:12:51 GMT
< Connection: keep-alive
<
* STATE: PERFORM => DONE handle 0x600092030; line 1955 (connection #0)
* multi_done
* Curl_http_done: called premature == 0
* Connection #0 to host sandbox.api.visa.com left intact
{"responseStatus":{"code":"9124","severity":"ERROR","info":"","status":401,"message":"Incorrect credentials supplied"}}
4 REPLIES 4
Sanobar
Frequent Helper

Re: Seeing same behavior as in Getting "9124 Incorrect credentials supplied"

Hello pheesen,

 

you are missing username from your credentials. See the logs below:

 

2017-06-05 23:12:51,237 LL="ERROR" CR="1496704371_203_272_l55c008_VDP_ARM" RE="1496704371203" DE="2" TR="tomcat-http--25" LN="c.v.g.a.t.ARMControllerServlet" MSG=ARMControllerServlet handleRequest Error java.util.concurrent.ExecutionException: java.util.concurrent.ExecutionException: com.visa.gpd.arm.iam.TokenException: Incorrect credentials supplied at com.google.common.util.concurrent.AbstractFuture$Sync.getValue(AbstractFuture.java:299) ~[guava-17.0.jar:na] at com.google.common.util.concurrent.AbstractFuture$Sync.get(AbstractFuture.java:286) ~[guava-17.0.jar:na] at com.google.common.util.concurrent.AbstractFuture.get(AbstractFuture.java:116) ~[guava-17.0.jar:na]

2017-06-05 23:12:51,224 LL="ERROR" CR="1496704371_203_272_l55c008_VDP_ARM" RE="1496704371203" DE="1.T1.1" TR="tomcat-http--9" LN="c.v.v.i.a.s.IAMStorProcService" MSG=username doesn't exists in database

 

Thanks

Sanobar

 

pheesen
Regular Visitor

Re: Seeing same behavior as in Getting "9124 Incorrect credentials supplied"

Hi Sanobar,

What username are we talking about and where do I put it?  In SoapUI I added the userid/password for the app VisaDirect_SnB that I created in my dashboard.  I don't recall seeing instructions for any other username.

 

The userid for the app is QJQLIJAX204U3WKQJY3921u4lyLUct1BJn4afxEPlTLarybm0.  Are you saying that username isn't in your DB?

Sanobar
Frequent Helper

Re: Seeing same behavior as in Getting "9124 Incorrect credentials supplied"

Hello,

user ID and password are the values displayed on the UI for the app that is created, there is no other username needed to make an api call.

Please see the instructions on getting started on how to use soapUI tool to make Mutual Auth API calls.

 

 

I hope this is helpful

 

Thanks

Sanobar

pheesen
Regular Visitor

Re: Seeing same behavior as in Getting "9124 Incorrect credentials supplied"

My application credentialsMy application credentialsSoapUi ssl configurationSoapUi ssl configurationSoapUi authorization setupSoapUi authorization setup

That's my SoapUi configuration, as best as I can tell it's correct.

Here's the SoapUI log

Wed Jun 07 11:15:29 PDT 2017:DEBUG:>> "GET /vdp/helloworld HTTP/1.1[\r][\n]"
Wed Jun 07 11:15:29 PDT 2017:DEBUG:>> "Accept-Encoding: gzip,deflate[\r][\n]"
Wed Jun 07 11:15:29 PDT 2017:DEBUG:>> "Authorization: Basic UUpRTElKQVgyMDRVM1dLUUpZMzkyMXU0bHlMVWN0MUJKbjRhZnhFUGxUTGFyeWJtMDp4UldWekxRR1NBSW1zWFZpQXMzc3lmag==[\r][\n]"
Wed Jun 07 11:15:29 PDT 2017:DEBUG:>> "Host: sandbox.api.visa.com[\r][\n]"
Wed Jun 07 11:15:29 PDT 2017:DEBUG:>> "Connection: Keep-Alive[\r][\n]"
Wed Jun 07 11:15:29 PDT 2017:DEBUG:>> "User-Agent: Apache-HttpClient/4.1.1 (java 1.5)[\r][\n]"
Wed Jun 07 11:15:29 PDT 2017:DEBUG:>> "[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "HTTP/1.1 401 Unauthorized[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "X-SERVED-BY: l55c012[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "X-CORRELATION-ID: 1496859329_300_83_l55c012_VDP_ARM[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "X-APP-STATUS: 401[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "X-Frame-Options: SAMEORIGIN[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "X-XSS-Protection: 1; mode=block[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "X-Content-Type-Options: nosniff[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "Strict-Transport-Security: max-age=2592000;includeSubdomains[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "Cache-Control: no-cache, no-store, must-revalidate[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "Pragma: no-cache[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "Expires: Thu, 01 Jan 1970 00:00:00 GMT[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval'  https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src  https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval'  https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src  https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval'  https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src  https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "Content-Type: application/json;charset=UTF-8[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "Content-Length: 119[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "Date: Wed, 07 Jun 2017 18:15:29 GMT[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "Connection: keep-alive[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "[\r][\n]"
Wed Jun 07 11:15:30 PDT 2017:DEBUG:<< "{"responseStatus":{"code":"9124","severity":"ERROR","info":"","status":401,"message":"Incorrect credentials supplied"}}"

The log shows an Authorization header being sent containing the base64 encoding of my application's userid/password.  Isn't that all that's needed as far as user credentials?

Wed Jun 07 11:15:29 PDT 2017:DEBUG:>> "Authorization: Basic UUpRTElKQVgyMDRVM1dLUUpZMzkyMXU0bHlMVWN0MUJKbjRhZnhFUGxUTGFyeWJtMDp4UldWekxRR1NBSW1zWFZpQXMzc3lmag==[\r][\n]"
base64.b64decode('UUpRTElKQVgyMDRVM1dLUUpZMzkyMXU0bHlMVWN0MUJKbjRhZnhFUGxUTGFyeWJtMDp4UldWekxRR1NBSW1zWFZpQXMzc3lmag==')
'QJQLIJAX204U3WKQJY3921u4lyLUct1BJn4afxEPlTLarybm0:xRWVzLQGSAImsXViAs3syfj'

I can't see what I may be missing.  To me, it looks like that should work.  What am I doing wrong?

 

I've also downloaded the java code that's generated for my application (VisaDirect_SnB, samplecode-JAVA-8b3c44.zip) and I have the same problem when I run that code.