Showing results for 
Search instead for 
Did you mean: 

SOAP Sender Adapter gets error '(401) Unauthorized.'

0 Kudos

Hi all,

we are using XI 3.0 and have a scenario with a SOAP Sender Adapter, which is using "HTTPS with Client Authentication". I have configured everything I have found on the forum at Visual Admin and Integration Directory:

  • Set the UME property ume.logon.allow_cert to TRUE in 'Service-->UME Provider'

  • Imported client certificate and root CA certificate to 'Service-->Keystore'

  • Created user with role role SAP_XI_APPL_SERV_USER

  • Assigned this user to the client certificate in 'Security Provider-->UserManagement'

  • Added the user to xi_adapter_soap_message and xi_adapter_soap_help in 'Security Provider'

  • Added the root CA in 'SSL Provider>Dispatcher>Client Authentication' and marked 'Request client certificate.

  • Added the user to BusinessSystem at tab 'Assigned Users'

  • Added the user to Sender Agreement at tab 'Assigned Users'.

  • Our business partner got a certificate of our server and the according PrivateKey is added to 'SSL Provider>Dispatcher>Server Identity'

Unfortunately, our server certificate is not verified by an root CA!!

When the business partner now browse the URL 'https://url:port/XISOAPAdapter/MessageServlet?channel=:BS_3RD_PARTNER:SOAP_SENDER&nosoap=true' on his system, he will get a 'Message Servlet is in Status OK'.

But when he tries to process the URL directly in his messaging system, he gets an error '(401) Unauthorized.'

Any hints what could be the problem between browing the URL in InternetExplorer and sending from the messaging system?

Does it really mean that authorization was successful, when getting 'Message Servlet is in Status OK' in the Browser?

How can I assign an user when not using ClientAuthentication?

I would be very thankful for every help...

Grtz, Juergen

Accepted Solutions (0)

Answers (2)

Answers (2)

0 Kudos

It was an issue on the business partner side...


Former Member
0 Kudos

Hi Grallert,

401 will be usually when user name or password is wrong. Please check with a different user and give a try.

Check this blog for some more info:




0 Kudos

Hi Satish,

could the user or password also be wrong, even if you get 'Message Servlet is in Status OK' when browsing the URL in the Internet Explorer? I would have seen this as a sign, that the user authentication works basically...

Is there a special place to store the password in the Visual Admin, or will the password be used, which is available in the SU01 ?



Active Contributor
0 Kudos


>could the user or password also be wrong


Check the User ID whether it has the Role, Basis team will help in that


Agasthuri Doss