BPEL HTTP Header Problem

Similar Messages

• OSB http Header Problem

  Hello all,
  (I hope I'm right here with my Oracle Service Bus problem)
  I have a Oracle Service Bus Proxy Service, that calls a Business Service (not in my control).
  That business service is somehow crap, cause it doesn't respond correctly (in sense of http protocol):
  POST / HTTP/1.1
  Content-Type: text/xml; charset=utf-8
  User-Agent: Java1.6.0_05
  Host: somehost.net:8080
  Accept: text/html, image/gif, image/jpeg, */*; q=.2
  Connection: Keep-Alive
  0093
  <?xml version="1.0" encoding="UTF-8"?>
  <somePayload/>
  0000
  *<TheResponse/>*
  <TheResponse/> is all i get from that service. No http header..
  My Proxy service doesn't like responses with no HTTP/1.1 200 OK
  and returns an error (although its a correct answer.. from the service)
  Is there a posibility to avoid this error and get the plain response instead?
  Thanx in advance
  Pat

  You're right, that service doesn't respond correctly as defined by HTTP. I don't think there is an out of the box feature in OSB you could use to overcome this.
  However, you can possibly write your own transport implementation as described here:
  http://download.oracle.com/docs/cd/E13159_01/osb/docs10gr3/transportsdk/architecture.html
  There's also sample implementation that could be useful:
  http://download.oracle.com/docs/cd/E13159_01/osb/docs10gr3/transportsdk/example.html

• SOAP Receiver - HTTP header problem

  Hi,
  Scenario: IDOC - - XI - - SOAP(webservice).
  Third party is asking for missing "/" (path?) in header after "POST". Following is the message received by third party. How to override this header to put "/" after POST? Please help.
  POST  HTTP/1.0
  Accept: /
  Host: 100.10.2.5:9092
  User-Agent: SAP-Messaging-com.sap.aii.messaging/1.0505
  Authorization: Basic Z2hydHNvYXA6bm92ZWxs
  content-id: <soap-48E034BD9F5B3308E1000000876CF529@sapcom>
  Content-Type: text/xml; charset=utf-8
  Content-Length: 313
  SOAPACTION: "#batchRequest"
  <SOAP:Envelope xmlns:SOAP='http://schemas.xmlsoap.org/soap/envelope/'>
      <SOAP:Header/>
      <SOAP:Body>
          <ns0:cvgtransaction xmlns:ns0='http://abc.com/xi/Novell' event='modify' workforceID='1' type='employee'>
              <attribute name='WWID' operation='replace'>1234567</attribute>
          </ns0:cvgtransaction>
      </SOAP:Body>
  </SOAP:Envelope>

  Hi!
  with XI standard tools you have no chance to manipulate the soap envelope created by the XI. You have to configure your soap receiver communication channel to not create a soap envelope "Do not use SOAP envelope") and then you use e.g. a XSLT mapping to create a soap envelope by yourself.
  Regards,
  Volker

• Problem adding HTTP header to request

  Hi all,
  My company is wanting to access our Adobe Connect through our
  SAP portal without requiring the user to stop and enter their Adobe
  Connect password.
  The documentation available says that this should be possible
  using a combination of SAPSSOEXT (to interrogate the SAP ticket and
  authenticate the user coming from the SAP portal) and HTTP header
  authentication within Adobe Connect (by inserting the authenticated
  username into a custom HTTP header).
  However the problem is that I'm intending to use Java, but I
  can't find any Java functionality that will allow me to add a
  header into an HTTP request.
  Has anyone done anything like this before? Any ideas on how
  to go about it?
  Thanks in advance,
  David

  In 10.1.3.5, there were several examples or samples in the Oracle BPEL folder. I think there were ones called HTTPGetService and HTTPPostService. You might check to see if they are still around.

• Problem setting Unicode (utf-8) in http header using tomcat

  Hi:
  I am trying to set a file name in utf-8 to http header using the following code:
  response.setContentType("text/html; charset=utf-8");
  response.setHeader("Content-disposition", "attachment; filename=&#35299;&#27770;.zip");
  // I actually has file name in utf-8 here to set to the header, and I know that the name is correctly
  // and I also looked into the response object MimeHeaders object and saw the head is correctly there
  then write the content of zip file using ServletOutputStream.
  The problem I have is that the file name is not displayed correctly when prompted to save or open in the pop up window next. I found out using Fiddler that the request header is wrong:
  Content-disposition: attachment; filename=&#65533;zn&#65533;�.zip
  I am using Tomcat 5.0.28. Any idea how to get this working?
  Thanks in advance!

  You are setting the charset for the content to be UTF-8. (That is why the method is called setContentType.) But HTTP headers are not part of the content and so that has no effect on the header.
  The original specification for HTTP only allowed US-ASCII characters in headers. It is possible that more recent versions have features that allow for non-ASCII header data, but I don't know if that is the case or how you would use those features if they exist.

• HTTP header insertion problem with ACE

  Hi
  I try to configure the HTTP header insertion feature based on the action-list type modify http. Unfortunately it does not works.
  The config looks like that
  action-list type modify http TEST
  header insert both Host header-value test:test.
  I added this action-list to the correct policy-map.
  When I checked the snifer output on the server side, there is no test value in the HTTP header.
  I test the same feature based on the "insert-http" command in the policy-map and this one works.
  Could anybody help me with this problem?
  Thank you in advance
  Regards
  Lucas

  Hi Lukas,
  Add a new parameter-map named PRMAP_PERST_REBLNC and add this to the policy map using command appl-parameter http advanced-options PRMAP_PERST_REBLNC as shown below:
  action-list type modify http test-insert
  header insert both My-Header header-value test
  header insert both SSL header-value TRUE
  policy-map type loadbalance http first-match HtppInsert
  class class-default
  serverfarm linux1-80
  action test-insert
  policy-map multi-match SLB1
  class VIP-122-80
  loadbalance vip inservice
  loadbalance policy HtppInsert
  loadbalance vip icmp-reply active
  loadbalance vip advertise active
  loadbalance vip advertise metric 1
  connection advanced-options SetTos
  appl-parameter http advanced-options PRMAP_PERST_REBLNC
  parameter-map type http PRMAP_PERST_REBLNC
  persistence-rebalance
  Hope this will make all the packets are inserted with the http header not the first one only.
  If it works then plz inform.
  Kind Regards.
  Sachin Garg

• Src IP HTTP header insertion problem

  I have configured a vserver to loadbalance to 2 proxy servers over TCP port 8080.
  I use a policy to insert the source ip address of the client workstation to be
  inserted in the HTTP header.
  We use the same vserver to loadbalance HTTPS traffix.
  Appearantly the CSM also tries to insert the ip address when HTTPS traffic
  is passing this vserver.
  Is this a correct beheavior? How can I solve this one?
  Thanks!
  Regards Wim

  Actually mozilla lets you specify different ports for proxy http and proxy https.
  Anyway, are the servers behing your CSM proxy servers ?
  Do you have 'persistent rebalance" configured ?
  If so, could you try to turn do 'no persistent rebalance' and see if that solves your problem.
  Normally, https connection via a proxy are still done with HTTP connection with the request "CONNECT x.x.x.x:443" and the CSM should be able to inset the requested info.
  But we need to avoid the CSM to inspect further packets as this would be ssl traffic -> so disable peristent rebalance.
  Just an idea.
  Regards,
  Gilles.

• Problems with http header "Content-Location"

  Does anyone know how to override the
  "Content-Location" http header. We are having issues with search engines and this header being returned from Apache/oc4j. In a nutshell, I have a site that uses the
  Struts framework, where the actual urls submitted would be for example
  (http://mysite/home.do), where ".do" is just a servlet mapping. When we have
  tried to follow the one link that has been spidered, it actually contains
  the full path that appears in the "Content-Location" header (i.e.
  http://mysite/web-inf/jsps/bogus.jsp) which in this case can't even be
  accessed. The feedback we get from third-party utilities that try to spider
  the site is that it is stopping because it has already indexed "bogus.jsp",
  which in reality will always appear since it is a template, where the actual
  urls will be different as is above.
  Because the "Content-Location" header is being returned to any
  client hitting the site, search engine spiders stop indexing at the first page because the value in "Content-Location" is the same.
  Solutions tried:
  mod_headers in Apache - have tried "Header unset"
  HttpServletResponse.setHeader()
  Any help would be appreciated

  Hi there,
  i'm having a similar problem to this when trying to run some web page speed optimisation software...
  i think the issue also causes problems with the Opera browser (although this may have been fixed in the latest version).
  anybody any ideas how to stop the header being sent in the response?
  many thanks,
  Andy

• HTTP header and Filter: problem

  Hi,
  Let's suppose I need to check HTTP header values for some reason. I created a filter to analyze request information before passing it to servlet.
  Anyway filter's method doFilter() takes a ServletRequest as a parameter, not HttpServletRequest, therefore I can't use HttpServletRequestWrapper and its method getHeaders(). ServletRequestWrapper does not have such a method. Casting from ServletRequest to HttpServletRequest won't work - Weblogic does not allow this.
  Anyway I need to extract headers information for the request and I know for sure it is an HTTP request, of course.
  Does anyone here know how can I extract header information in this case?

  Anyway filter's method doFilter() takes a
  ServletRequest as a parameter, not
  HttpServletRequest, therefore I can't use
  HttpServletRequestWrapper and its method
  getHeaders().However you are actually getting an HttpServletRequest object as your actual parameter, so just cast it to HttpServletRequest and do what you need to do.

• HTTP Header SOAPAction Problem

  hi Everyone,
  this is an extract of my test soap program:
  SOAPConnectionFactory soapfactory = SOAPConnectionFactory.newInstance();
  SOAPConnection connection = soapfactory.createConnection();
  URL endpoint = new URL("http://url.asmx");
  MessageFactory messagefactory = MessageFactory.newInstance();
  SOAPMessage message = messagefactory.createMessage();
  SOAPPart soapPart = message.getSOAPPart();
  SOAPEnvelope envelope = soapPart.getEnvelope();
  SOAPBody body = envelope.getBody();
  soapFactory = SOAPFactory.newInstance();
  Name insertNewUser = soapFactory.createName("insertNewUser","","namespace");
  SOAPBodyElement bodyElement = body.addBodyElement(insertNewUser);
  response = connection.call(message, endpoint);
  response.writeTo(System.out);
  connection.close();when i send the call, this the response from the server:
  <?xml version="1.0" encoding="utf-8"?>
  <soap:Envelope xmlns:soap="...">
  <soap:Body>
  <soap:Fault>
  <faultcode>soap:Client</faultcode>
  <faultstring>Server did not recognize the value of HTTP Header SOAPAction:.</faultstring>
  <detail />
  </soap:Fault>
  </soap:Body>
  </soap:Envelope>
  This is my question:
  How can I set the HTTP Header SOAPAction?
  Thanks.
  Roberto

  Hi try out the following code.
  MimeHeaders hd = message.getMimeHeaders();
  hd.addHeader("SOAPAction", "http://tempuri.org/HelloWorld");This will add the SOAP Action header to ur HTTP headers.
  Regards
  Aditya

• Howto connect with http to a socket - header problem?

  Hi
  i am writing a midlet that connects via http to a server with a java socket.
  i can receive the data, but when i try to return data to the sockets outputstream,
  the midlet doesnt receive it and waits endlessly.
  Do i have to send a http header in the return connection?
  Does anybody have another idea?
  if not, how do i send the header and how should it look like?
  Thanks for your help.
  Mathis

  if you use a socket connection you need to talk the language the server understands, means, you need to send the commands that are specified in the rfc for the protocol you use. means, talking to a webserver is different that talking to pop3 server or to a ftp server.....
  and, just for your information: sockets are not requiered in the j2me specification, means that not all vendors have implemented socket protocol into their devices. only required is http.

• Make process manger send additional http header when querying WSDL ?

  Hello,
  is there a possibility to send an additional, custom http header when
  process manager reads WSDL from a webserver.
  Backgrund info: all our WSDLs are hosted on a special webserver which
  needs this field. Changing to another kind of repository is not an option.
  It would be nice if we could add some parameter to the appserver or domain
  configuration to add this field as a default for each request.
  Note that we don´t need the http field if we call partnerLinks. It´s only required for
  WSDL-query (= the URLs given in bpel.xml / </partnerLinkBinding> )
  Thanks in advance
  Bernd

  Hi,
  It is a memory or buffer related problem. Contact your BASIS.
  Looks like there is a shortage of space. Analyse the dump in ST22 and look for its proposals.
  OSS note 965351 might be applicable (if you are on 640/ unix).
  regards,
  NR

• Single-Sign-On (SSO) configuration on JAVA Stack through HTTP Header method

  Hello SDN community,
  in the context of a Proof of Concept, we are testing the integration of Microsoft Sharepoint Portal with SAP Backend (addin) systems.
  As the architecture impose use an external scenario (access from the internet), we couldn't use the Kerberos (SPNego) solution and thus we chosed the http header solution which in short uses an intermediary web server (in this case the IIS of the MOSS solution) which will act as authority.
  I miss information on how the workflow works for this http header authentication method. Through the visual administrator of the addin JAVA stack, it is possible to configure each application with a customized authentication (a choice of security modules). But this all that I know.
  My task is to configure SSO. From a sharepoint portal, the user should be able to access Web Dynpros and BSPs. I imagine that the very first call to a webdynpro or bsp (or maybe when we log on the sharepoint portal), the request to the WDP or BSP will first be forwareded by the intermediary server to the JAVA stack (or is it the SAP dispatcher that has to be configured).
  Is there an application to be built on the java stack to deal with the authentication, modify http header?
  What will the Java stack return? a sap long ticket? a token?
  How will the redirect work (to by example a BSP which is in the ABAP stack)?
  SAP preconise to secure with SSL the link between the intermediary web server and the JAVA stack, is IP restriction also a solution?
  A lot of questions about how this SSO http header should work,
  I would be very greatful for any help, or info,
  Kind regards,
  Tanguy Mezzano

  Hi Tanguy,
  to tell you the truth I'm really unsure about what you are trying to achieve. When I started posting to your thread I thought all you wanted was trying to access your J2EE engine via Browser and authenticate against the engine using HTTP Header Variables. Nevermind:
  Here are some answers to your question:
  in fact I did succeed, the problem was that even after domain-relaxation done by the J2EE, I had to change the domain of th SAP cookie to the bbbb.domain.com to be understood (I would have thought that all hosts in/under domain .domain would have accepted such a cookie but it seems that no...).
  The server does not care about the domain because Cookies in an HTTP Request do not contain any domain information. The domain is just important when the Cookie is set by the server so your Client (Browser) will know in which cases the Cookie may be sent or not. So if your domain is xxx.yyy.domain.com and your cookie is issued to .domain.com then your Browser will definitely sent it to all hosts under .domain.com (This includes xxx.yyy.domain.com etc.)
  My current scenario is: in a first request get a SAP Logon Ticket from the Java Stack, then change its domain and then directly call the backend with it.
  You can do that but there is no Client involved in this scenario. So this is useful if you just want to test the functionality (e.g. authentication to J2EE using Header Variables (This works finally!!!) and then use the fetched Logon Ticket to test SSO against any trusted Backend!!)
  So everything's is in a Java Client application without using any redirection.
  If I understand you, you're solution is from the Browser call a servlet (which is deployed on the Java Stack and has no authentication schema) by passing to it our http header.
  No, you should initially authenticate somewhere! I thought that maybe you had some resource you access before accessing the Java Stack. This could be any application (e.g. deployed on a Tomcat or JBOSS or other server or if you like even SAP J2EE). After authenticating there you are aware of the username and could use it to  procceed (e.g. Authenticate against the J2EE using the same user and HTTP Header authentication for that particular user!)
  That servlet will transfer the http header (with the HttpClient app) in order to get from the Java Stack a SAP Logon ticket, and then to redirect to the resource and by sending back the cookie in client browser. Am I correct?
  This was just a suggestion because I realized that there was no Client ever involved in any of your testing (looked strange to me!). I was just thinking that it would be easier for you to just get the Cookie into your Browser so your Browser would do the rest for you (in your case finally send the Logon Ticket Cookie to your Backend to test SSO using Logon Tickets!).
  The AuthenticatorServlet somehow serves as a Proxy to your client because your client is not able to set the Header Variable. That's why I initially suggested to use a Proxy (e.g. Apache) for that purpose. The problem is just that if you use a Proxy you will have to tell it somehow which username it should set in the Header Variable (e.g. using a URL Parameter or using a personalized client certificate and fetch the username (e.g. cn=<username> from the certificate!)
  This way of doing would simplify the calls for sso for each new application needing authentication, instead of having all code each time in it...
  I'm stuck again! Do you want to authenticate an End User or do you want to authenticate an application that needs to call any resources in your Backend that requires authentication?
  So my problem now, is how to call the servlet from the client browser:
  I'm trying to call my servlet from the browser but I don't succeed. I am able to understand how to reach a jsp from the Java Stack, but not to reach a servlet. I don't find the path to my servlet:
  <FORM method="POST" action="SSORedirect2" >
  A JSP is a servlet too. There is just no JAVA Class involved!
  You do not need any POST Request to invoke a Servlet.
  I see that my servlet is deployed, but I don't how what path to give to my form to invoke the servlet, here follows my web.xml
    <?xml version="1.0" encoding="UTF-8" ?>
    <!DOCTYPE web-app (View Source for full doctype...)>
  - <web-app>
    <display-name>WEB APP</display-name>
    <description>WEB APP description</description>
  - <servlet>
    <servlet-name>SSOredirect2</servlet-name>
    <servlet-class>com.atosorigin.examples.AuthenticatorServlet</servlet-class>
    </servlet>
  - <servlet>
    <servlet-name>SSORedirect2.jsp</servlet-name>
    <jsp-file>/SSORedirect2.jsp</jsp-file>
    </servlet>
  - <security-constraint>
    <display-name>SecurityConstraint</display-name>
  - <web-resource-collection>
    <web-resource-name>WebResource</web-resource-name>
    <url-pattern>/*</url-pattern>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    </web-resource-collection>
  - <auth-constraint>
    <role-name>DefaultSecurityRole</role-name>
    </auth-constraint>
    </security-constraint>
  - <security-role>
    <role-name>DefaultSecurityRole</role-name>
    </security-role>
    </web-app>
  If you have an AuthenticatorServlet Class all you need is to add the Servlet Mapping in your web.xml file
  e.g.
  <servlet>
    <description>
    </description>
    <display-name>AuthenticatorServlet</display-name>
    <servlet-name>AuthenticatorServlet</servlet-name>
    <servlet-class>com.atosorigin.examples.AuthenticatorServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>AuthenticatorServlet</servlet-name>
    <url-pattern>/AuthenticatorServlet</url-pattern>
  </servlet-mapping>
  You can directly call the Servlet in your Browser by calling the URL provided in the url-pattern of your Servlet mapping ( in this case /AuthenticatorServlet). The engine will invoke the Class "com.atosorigin.examples.AuthenticatorServlet" in the background and do whatever you defined there!
  I have also to pass my http header and the redirectUrl in the GET request.
  If you like! I just suggested this for testing purposes. As I stated before you need a way to tell your proxy (or in your case AuthenticatorServlet) which user should be set when calling the Engine in order to authenticate using HTTP Header. You could use the URL Paramater to define the user you actually want to use when you set the Header Variable.
  I just introduced the redirectURL because you were talking about redirects all the time. So if you finally want to call the Backend you could define the Backend URL in the redirectURL Parameter and the Servlet will make sure that you are redirected to this location after the whole process!
  Thx for your input very helpful,
  But again 0 points
  Cheers

• What happens to the HTTP header parameters I put there?

  Our tool puts some parameters into the HTTP header. But, it appears that the Dispatcher is not passing them to the WAS.  Could this be?
  Is there a way to tell the Dispatcher to not drop our HTTP header stuff? Perhaps a configuration setting? I didn't find any.
  When I set a break in my servlet running on NW WAS, I see:
  referer:
  Cookie:
  etc.
  but I don't see the parameters we put there.
  This is the NW SneakPreview download.

  Hi Farokh,
  I think there should be much problem passing parameters  through the Url. I am sorry however that I have not worked much on the Servlet but on WebDynpro, which I can share with you if its of any use to you.
  Regards
  Noufal

• Error in setting up HTTP Header Variable Authentication

  Hi,
  I am trying to set-up SSO for SAP Biller Direct aplication (deployed on SAP J2EE 7.0) using HTTP Header variable authentication.
  As per SAP documentation I have created a new login module "HeaderVariableLoginModule" pointing to class "com.sap.security.core.server.jaas.HeaderVariableLoginModule".
  Then I have added this new login module to Statck "Ticket" and the new config looks as below. HTTP header when UID is passed is USI_LOP.
  Name                                                                                Flag                                            Options
  com.sap.security.core.server.jaas.HeaderVariableLoginModule    Sufficient                                    ume.configuration.active= tue,
                                                                                  Header=USI_LOP
  BasicPasswordLoginModule                                                           Optional
  CreateTicketLoginModule                                                                 Optional                                         ume.configuration.active= tue
  EvaluateTicketLoginModule                                                              Sufficient                                      ume.configuration.active= tue
  The problem I am now having is that the authentication through HTTP_HEADEr does not work. Even though I ahve increased the trace level for JAAS module to debug, there is not any type of information generated in the log.
  Each time I call the Biller Direct URL from the extrenal web server which also passes the HEADER variable for Authntication, the authrisation just fails and I am being shown a Logon Screen to pust UID/PASSWORD.
  Can someone please guide me, how I can debug this? There is very no information whether anyone tried to login with HEADER varibale and that has failed...
  Also, I am not pretty sure whether I am using the right Authentication Stack, which is is Ticket in my case..
  But when I enter the application without any URL redirects and enter UID and password directly for Biller Direct, I get the following in log file, which makes me believe that I am using the right stack.
  LOGIN.OK
  User: CONDLG
  Authentication Stack: ticket
  Login Module                                                               Flag        Initialize  Login      Commit     Abort      Details
  1. com.sap.security.core.server.jaas.HeaderVariableLoginModule             SUFFICIENT  ok          false      false                
  2. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule   OPTIONAL    ok          true       true                 
  3. com.sap.security.core.server.jaas.CreateTicketLoginModule               OPTIONAL    ok          true       true                 
  4. com.sap.security.core.server.jaas.EvaluateTicketLoginModule             SUFFICIENT  ok          false      false                
  Central Checks                                                                                true                 
  Any help will be very much apprecated..
  Thanks,
  Vikrant Sud

  Vikrant,
  The reason why it is not working is because your login modules in ticket stack are in wrong order and with wrong flags. The first one should be EvaluateTicketLoginModule with flag=SUFFICIENT, then the Header Variable login module, with flag=OPTIONAL, then CreateTicketLoginModule with flag=SUFFICIENT, then BasicPasswordLoginModule with flag=REQUISITE, and lastly CreateTicektLoginModule with flag=OPTIONAL
  Thanks,
  Tim