Ftp over http authentication

Similar Messages

• WCCP on ASA for FTP over HTTP

  Hello,
  We have a WSA appliance that we have in explicit mode and want to configure as transparent. The protocols we cache and analyze with WSA are HTTP, HTTPS, native FTP and FTP over HTTP.
  Is there a service number on WCCP for FTP over HTTP protocol? Or it is included within HTTP?
  Thanks a lot in advance.
  Best regards,
  Igor

  Igor,
  The service number 60 (ftp-native service) only applies  to transparent redirection of FTP native requests and does not apply to  FTP-over-HTTP requests.
  On the other hand; the Content Engine listens for redirected HTTP  requests on the standard HTTP port (default port 80). To enable the  Content Engine to listen for WCCP-intercepted HTTP traffic on ports  other than the default port, configure the custom-web-cache service (98 and 99) or a  user-defined WCCP service (services 90 to 97).
  I hope this helps.
  Regards,
  Juan Lombana
  Please rate helpful posts.

• Ftp over http proxy

  Hi Experts,
  As per sap notes using n/w proxy in ftp adapter is not possible.
  Please let me know what are the possible workarounds.
  Regards,
  Ayush

  hi
  please check your F/W settings.
  and if you can setup FTP on the PI server, you should test on the PI server as FTP server.
  youll find waht is the problem.
  naoki

• Ftp and http access over XDB repository is not allowed...

  When I try to execute the following command on a reasonably fresh Oracle 11 installation:
  insert into "XMLTEST" ( "name", "xmlfof" ) values ( 'small', DBMS_XDB.GETCONTENTXMLTYPE('/public/small.xml') );
  -- The schema is correctly registered, the file "small.xml" is in the /public repository folder, the user has every conceivable role and priviledge
  -- http access works fine from a remote location, tried to execute the command on the server and from remote system...
  I get the following error message:
  ORA-31020: Der Vorgang ist nicht zulässig, Ursache: For security reasons, ftp and http access over XDB repository is not allowed on server side ORA-06512: in "XDB.DBMS_XDB", Zeile 1915
  Searching for an answer on the forum didn't produce any concreate explanation... Does anyone have any idea how to solve this problem?

  As it turns out, the XML file contained a reference to a DTD at an external web-site, which caused the problem - it was identical to that described here:
  Re: ORA-31020 when using XML with external DTD or entities
  After removing the reference, everything works perfectly...

• Retreiving files over http or ftp.

  I was wondering what program I should use to retreive files over http or ftp. Previously I had used wget per my hosting provider's recommendation. It worked when I was ssh logged in to his server (via Mac Terminal). However, when I try using wget on my local Mac it says "command not found".

  Thanks. So if I specify a file name (-o /path/to/file), does the incoming file get renamed to that (and put in that location) or does this specify the directory (-o /path/to/directory) that the incoming file will go to? I wasn't quite clear on that.
  Also, I keep hearing about stdout. What is it exactly? I assumed it was just the Terminal window itself, the alternative being things like | more or | nano or something like that... Or am I totally up the wrong tree?

• Exchange 2010 RPC over HTTPs failing with authentication error

  Hi.  I have my remote.xxx.co.uk domain and autodiscover.xxx.co.uk domain pointing to my SBS2011 server, have ports 25, 80, 443 open.  The Microsoft Connectivity Analyzer fails with the below error.
  Outlook will autodiscover happily on the local network, and works fine.  Phones etc do too.
  Outlook at a remote VPN connected site won't connect through autodiscover, but will if you do it manually (ignoring the RPC Proxy settings).  Everything works for a while, but then I guess outlook decides to use autodiscover to complete all the connection
  details, and then these machines can no longer connect to exchange as I guess they decide the speed is too slow and try to connect using RPC instead.
  Users can access OWA happily, and activesync is working on phones etc.
  SSL cert is a wildcard type on my domain, and certs are installed - all green and happy when visiting OWA on both remote.xxxxx.co.uk and autodiscover.xxxxx.co.uk domains.
  I cannot work out why I have an authentication error for RPC?
  Any advice would be great!
  Testing HTTP Authentication Methods for URL https://remote.xxxxx.co.uk/rpc/rpcproxy.dll?xxxxxx.xxxxxx.local:6002.
  The HTTP authentication test failed.
  Additional Details
  Exception details:
  Message: The operation has timed out
  Type: System.Net.WebException
  Stack trace:
  at System.Net.HttpWebRequest.GetResponse()
  at Microsoft.Exchange.Tools.ExRca.Extensions.RcaHttpRequest.GetResponse()
  Elapsed Time: 100065 ms

  Hi.
  To update.
  I tried to recreate the virtual directories in the Exchange Management Console, using the recreate links and via the shell, but while they were recreated, they did not function as they should due to issues in the meta database.
  I then found the following which worked.
  Looking at the ActiveSync virtual directories, when running the below command, the result showed the directory was there, so I then knew to delete it.
  In EMS I ran,
  => Ran "$site = [ADSI]"IIS://localhost/W3SVC/1/Root/Microsoft-Server-ActiveSync""
  Result: Carriage return.
  => Ran "$site"
  Result:
  distinguishedName:
  Path: {C:\Program Files\Microsoft\ExchangeServer\V14\Client Access\Sync}
  In EMS I then ran,
  => Ran "$Site = [ADSI]"IIS://localhost/W3SVC/1/Root""
  Result: Carriage return.
  => Ran "$site.Delete("IIsWebVirtualDir","Microsoft-Server-ActiveSync")"
  Result: Carriage return.
  => Ran "$site.SetInfo()"
  Result: Carriage return.
  => Ran "$site"
  Result: Carriage return.
  => Ran "iisreset"
  I then recreated the virtual directories. 
  In EMS I ran,
  => Ran "New-ActiveSyncVirtualDirectory -WebSiteName "Default Web Site""
  Results: Successfully recreated.
  => Ran "iisreset"
  I am not sure exactly, but I did this for multiple virtual directories, and everything came to life just as it should.

• Ftp over ssl

  Hi All,
  I would like to check if it is possible to have a ftp server (ftp over ssl) hosted externally to be accessible via the cisco switches, routers etc? Can this result be achieved?
  Thanks
  Alex

  It should. Check out https://packetpros.com/cisco_kb/ios_http.html. Change the http commands to https.

• Preview failed because Adobe Muse could not make a connection over HTTP. The most common cause of this is Firewall software which prevents HTTP connections. You may need to change Firewall settings to allow Adobe Muse to make connections.

  Preview failed because Adobe Muse could not make a connection over HTTP. The most common cause of this is Firewall software which prevents HTTP connections. You may need to change Firewall settings to allow Adobe Muse to make connections.
  no firewall at all, in win 8.1, turned it off for all networks
  ftp and publish works just fine

  Hi,
  Please take a look at this post : Re: Adobe Muse - Preview Failed
  Regards,
  Aish

• Windows Integrated Security with SSRS, Sharepoint 2013 and SSAS over http

  I have the following setup and problem:
  Sharepoint 2013 with SSRS in Sharepoint integrated mode
  SSAS 2012 SP1 with http access (IIS + msmdpump) enabled on the same box as SSAS
  Every component I have tried works fine with this (PerformancePoint, .bism connections, SSIS packages etc.), connecting over http using Kerberos and windows integrated authentication.
  SSRS (.rsds) connections in Sharepoint fail a connection test when using the same http connection string + Windows integrated authentication which works for everything else. The error is: "Unsupported data format: -> Microsoft.ReportingServices.DataExtensions.AdomdTestConnectionException:
  Unsupported data format:"
  SQL server profiler shows that the windows username is reaching the SSAS server is all cases.
  Kerberos delegation is set up for SSAS and is working.
  Switching the .rsds connection to saved credentials (same user as I tried with Windows integrated auth) works fine and SQL server profile logs look the same as the Windows integrated case.
  So, everything seems to work with Kerberos + http apart from SSRS ... any idea welcome. I did read that SSPI is not supported for http connections but then again, there are sites which give examples of exactly such connection strings. I can't find any
  mention of this case or exact problem anywhere ...

  For information, this was fixed by applying the .NET 4.5.1 patch as advised by MS support. Now http connections from integrated mode SSRS work ok.

• FILE Adapter over HTTP

  Hi,
  Does anybody know if File Adapter woks with files over http?
  For example:
  I have a CSV file at http://xxx.com/file1.csv, I want to process this file and send to RFC Adapter.
  Can I put "http://xxx.com/" in "Source Directory" of file sender communication channel?
  Any sugestions? (FTP is not a choice)
  regards,
  Luiz Alberto

  Hi Luiz,
     I don't think this will work with File Adapter.
  Thanks and Regardds,
  Chandu.

• Flat file over HTTP or SOAP

  Hey Guys,
  I need to post a Flat file over HTTP (or SOAP), is this possible without developing my own Adapter module?
  I just need to get a Flat file from a FTP server and post to another server via HTTP,since there is no message mapping involved, i developed the scenario without any Integration Repository objects, it is just a pass-through scenario.
  Now i am stuck on the receiver side since i am unable to post Flat file over HTTP.
  Secondly i have Login URL, Logout URL and upload URL from the receiver system, i don't see any place in receiver HTTP adapter to put all these 3 URL's, can i use SOAP adapter to put all these URL anywhere?
  Any help would be appreciated.
  Thanks
  Saif
  Edited by: Saif Manzar on Jan 19, 2010 2:51 AM

  Hey Guys,
  I need to post a Flat file over HTTP (or SOAP), is this possible without developing my own Adapter module?
  I just need to get a Flat file from a FTP server and post to another server via HTTP,since there is no message mapping involved, i developed the scenario without any Integration Repository objects, it is just a pass-through scenario.
  Now i am stuck on the receiver side since i am unable to post Flat file over HTTP.
  Secondly i have Login URL, Logout URL and upload URL from the receiver system, i don't see any place in receiver HTTP adapter to put all these 3 URL's, can i use SOAP adapter to put all these URL anywhere?
  Any help would be appreciated.
  Thanks
  Saif
  Edited by: Saif Manzar on Jan 19, 2010 2:51 AM

• File upload over HTTP into IFS

  The webui classes provide functionality to upload a file over HTTP as multipart/form-data. It takes care of splitting out the boundaries, and other form data, leaving just the file to store in IFS. My question is this:
  1. Since the webui classes are not a part of the API, are they supported for development purposes? (i.e, can I mimic the behavior of the webui in my application?) I suspect not.
  2. Why doesn't the IFS API provide the ability to handle multipart/form data over http? Even the webcommandapp example application assumes the file is already local to the webserver computer, which leads me to believe it's my responsibility to get it there over HTTP or FTP.

  I think the best way out for now is to use the Oreilly classes that are available at : http://www.servlets.com/resources/com.oreilly.servlet/
  to handle the multipart-form data;until Oracle provides this feature in a later release of the ADK

• AS2 over HTTP Send port question.

  I have an application that builds and  sends flat and EDI files to FTP, FILE, SqlAdapter send ports and now they want AS2 over an HTTP port, I understand the AS2 settings (using party resolution, etc.) what I don't get is how/what exactly is receiving
  the message on the other side... They don't have a web service nor a page, I created a site to test but what do I do? Send an edi file to a url????
  Bico Bielich

  From your question I understand, you have been asked to send message through AS2. Do they also going to receive message through AS2 from their party? Is your question is about how to receive the message through AS2 which you also want to send over AS2?
  You can configure
  BTSHTTPReceive.dll to receive messages over HTTP and configure the Receive location with AS2 EDI pipeline component to receive messages over AS2 into BizTalk which can be subscribed by your send port filter or Orchestration ( if you have any process
  to be applied before sending the message over AS2 send).
  Check the Tutorial-3 part of AS2 which illustrate an example which receives an AS2 message through BTSHTTPReceive.dll. 
  Tutorial 3: AS2 Tutorial
  And following references shall help you configure the BTSHTTPReceive.dll:
  How to Configure IIS for an HTTP Receive Location
  Configuring BTSHTTPReceive.dll to work on IIS 7 
  If this answers your question please mark it accordingly. If this post is helpful, please vote as helpful by clicking the upward arrow mark next to my reply.

• Problem in accessing webservice over https with auth cert enabled...Urgent

  Hi All,
  I am stuck in accessing webservices using ssl and auth certificate.
  I am using jdk 6 and it is not any issue with the problem I am facing...
  This is what I do...
  I have a webservice deployed which is accessible over https.
  On server, I run..
  - to generate keystoye
  keytool -genkey -alias tomcat-sv -dname "CN=<Server Machine Id>, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore server.keystore
  generate server certificate
  keytool -export -alias tomcat-sv -storepass changeit -file server.cer -keystore server.keystore
  On client, i run..
  To generate client keystore-
  keytool -genkey -alias tomcat-cl -dname "CN=<Client Machine Id>, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore client.keystore
  To generate client certificate -
  keytool -export -alias tomcat-cl -storepass changeit -file client.cer -keystore client.keystore
  Thne I import server's certificate into client keystore and Client's certificate to server's keystore by
  import server's cer to client keystore -
  keytool -import -v -trustcacerts -alias tomcat -file "C:\java\jdk1.6.0_10\bin\server.cer" -keystore client.keystore -keypass changeit -storepass changeit
  inport client's cer to server keystore -
  keytool -import -v -trustcacerts -alias tomcat -file "C:\jdk1.6.0_06\bin\client.cer" -keystore server.keystore -keypass changeit -storepass changeit
  when i try to call webservices through a java client (which is called by a python script), I get error as
  *"Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed"*
  *"faultString: java.net.SocketException: Software caused connection abort: recv failed"*
  complete log is as following
  C:\apache-tomcat-6.0.10\webapps\webservice>tradereport.py
  Jun 23, 2008 3:05:59 PM currenex.share.log.CxLogger log
  INFO: details=before SSL change
  Jun 23, 2008 3:05:59 PM currenex.share.log.CxLogger log
  INFO: details=after SSL change
  log4j:WARN No appenders could be found for logger (org.apache.axis.i18n.ProjectResourceBundle).
  log4j:WARN Please initialize the log4j system properly.
  trigger seeding of SecureRandom
  done seeding SecureRandom
  %% No cached client session
  *** ClientHello, TLSv1
  RandomCookie: GMT: 1214213509 bytes = { 50, 7, 252, 244, 34, 192, 54, 190, 160, 197, 162, 65, 78, 3, 120, 182, 179, 199
  , 160, 208, 223, 247, 41, 216, 188, 138, 228, 70 }
  Session ID: {}
  Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_1
  28_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_
  DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA
  _EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WI
  TH_DES40_CBC_SHA]
  Compression Methods: { 0 }
  main, WRITE: TLSv1 Handshake, length = 73
  main, WRITE: SSLv2 client hello message, length = 98
  main, READ: TLSv1 Handshake, length = 7873
  *** ServerHello, TLSv1
  RandomCookie: GMT: 1214213504 bytes = { 98, 89, 26, 148, 19, 15, 45, 155, 163, 196, 220, 193, 150, 127, 19, 44, 130, 16
  5, 78, 243, 155, 34, 214, 123, 198, 89, 102, 15 }
  Session ID: {72, 95, 110, 128, 129, 101, 2, 252, 120, 147, 235, 106, 51, 210, 236, 197, 28, 197, 154, 236, 116, 85, 185
  , 177, 153, 9, 235, 160, 228, 124, 191, 206}
  Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
  Compression Method: 0
  %% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
  ** SSL_RSA_WITH_RC4_128_MD5
  *** Certificate chain
  chain [0] = [
  Version: V3
  Subject: CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: Sun RSA public key, 1024 bits
  modulus: 1155910927093088021038703558200517321935975136532818479526927502986487608253029863427194046282623217778572406
  007584457425344367852682875007488075549568987019062497769571000978532532156228707400592262495876461712276454493567147822
  56749486566093981751121311864618619780132448329770352303648687445023336431685957
  public exponent: 65537
  Validity: [From: Mon Jun 23 14:17:18 GMT+05:30 2008,
                 To: Sun Sep 21 14:17:18 GMT+05:30 2008]
  Issuer: CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ
  SerialNumber: [    485f6316]
  Algorithm: [SHA1withRSA]
  Signature:
  0000: 48 05 F9 A9 89 C6 87 83 C4 02 C4 44 F4 7C A0 54 H..........D...T
  0010: F6 9A 57 69 F0 DB 37 79 FD 8F 90 E9 8F 3E C2 DB ..Wi..7y.....>..
  0020: 9F D7 CC 15 28 0A 73 80 0A DC D0 7F EC 1C EE BD ....(.s.........
  0030: 23 EF E7 28 79 F3 7F C7 CC 7D A6 C6 F7 59 9A 17 #..(y........Y..
  0040: 73 ED 8B FF 6A 76 7F F7 4F 97 48 DF 23 A6 4C 42 s...jv..O.H.#.LB
  0050: B2 B4 5C 00 D0 77 88 12 F4 97 4E 66 7C EE F0 66 ..\..w....Nf...f
  0060: E6 95 8C B1 58 BF C5 E8 B5 64 A3 D5 5E EA 07 02 ....X....d..^...
  0070: FE 3D 63 7F F4 0B DC 86 66 B7 4B 4F 0C 1C 69 0F .=c.....f.KO..i.
  *** CertificateRequest
  Cert Types: RSA, DSS
  Cert Authorities:
  <CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE>
  <[email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte
  Consulting, L=Cape Town, ST=Western Cape, C=ZA>
  <[email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc,
  L=Cape Town, ST=Western Cape, C=ZA>
  <CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
  <CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US>
  <CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
  <CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE>
  <CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by
  ref. (limits liab.), O=Entrust.net>
  <OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
  <CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
  <CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE>
  <CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE>
  <OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certificat
  ion Authority - G2, O="VeriSign, Inc.", C=US>
  <OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
  <CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. b
  y ref. (limits liab.), O=Entrust.net, C=US>
  <CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE>
  <[email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consu
  lting cc, L=Cape Town, ST=Western Cape, C=ZA>
  <CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS i
  ncorp. by ref. limits liab., O=Entrust.net, C=US>
  <CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
  , OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
  <[email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCe
  rt, Inc.", L=ValiCert Validation Network>
  <CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
  <CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
  <CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE>
  <OU=Equifax Secure Certificate Authority, O=Equifax, C=US>
  <OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US>
  <CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US>
  <CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
  , OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
  <CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB>
  <OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certificat
  ion Authority - G2, O="VeriSign, Inc.", C=US>
  <CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
  <OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certificat
  ion Authority - G2, O="VeriSign, Inc.", C=US>
  <OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US>
  <CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2>
  <CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ>
  <CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incor
  p. by ref. (limits liab.), O=Entrust.net>
  <OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US>
  <[email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte C
  onsulting, L=Cape Town, ST=Western Cape, C=ZA>
  <[email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consu
  lting, L=Cape Town, ST=Western Cape, C=ZA>
  <CN=Client, OU=X, O=Y, L=Z, ST=XY, C=YZ>
  <CN=GeoTrust Global CA, O=GeoTrust Inc., C=US>
  <OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
  <CN=Sonera Class1 CA, O=Sonera, C=FI>
  <OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US>
  <CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
  <CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake Cit
  y, ST=UT, C=US>
  <CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
  , OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
  <CN=America Online Root Certification Authority 1, O=America Online Inc., C=US>
  <CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by
  ref. (limits liab.), O=Entrust.net>
  <CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
  <CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
  <CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
  <CN=Sonera Class2 CA, O=Sonera, C=FI>
  <CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE>
  *** ServerHelloDone
  *** Certificate chain
  *** ClientKeyExchange, RSA PreMasterSecret, TLSv1
  main, WRITE: TLSv1 Handshake, length = 141
  SESSION KEYGEN:
  PreMaster Secret:
  0000: 03 01 E5 87 BC 2A E8 70 60 BA DE FA BB 42 2D 1E .....*.p`....B-.
  0010: 3D 21 DB 52 A7 6C FC 55 9F 77 3A 97 B5 33 F7 33 =!.R.l.U.w:..3.3
  0020: 2A FD 65 5A 78 CE 1F F4 63 29 15 D1 48 4C 46 7A *.eZx...c)..HLFz
  CONNECTION KEYGEN:
  Client Nonce:
  0000: 48 5F 6E 85 32 07 FC F4 22 C0 36 BE A0 C5 A2 41 H_n.2...".6....A
  0010: 4E 03 78 B6 B3 C7 A0 D0 DF F7 29 D8 BC 8A E4 46 N.x.......)....F
  Server Nonce:
  0000: 48 5F 6E 80 62 59 1A 94 13 0F 2D 9B A3 C4 DC C1 H_n.bY....-.....
  0010: 96 7F 13 2C 82 A5 4E F3 9B 22 D6 7B C6 59 66 0F ...,..N.."...Yf.
  Master Secret:
  0000: 98 D5 9E C0 97 14 DB 9F 0E 3B 15 6B 1E F8 06 2C .........;.k...,
  0010: 27 99 A4 69 B8 E4 16 03 BD 89 B9 D0 CB C5 C9 DF '..i............
  0020: AE 4B 16 56 56 B2 02 F8 E0 71 1D D8 04 05 11 BF .K.VV....q......
  Client MAC write Secret:
  0000: 6F B7 22 74 D6 1E 44 16 C5 CB CE CE 8E 0F 46 E1 o."t..D.......F.
  Server MAC write Secret:
  0000: F8 DA 34 1A 53 55 E0 6D 50 25 3E 7F E5 69 91 51 ..4.SU.mP%>..i.Q
  Client write key:
  0000: F7 05 6E 10 62 0C AE 4A BC 96 E2 25 BA BC 46 BD ..n.b..J...%..F.
  Server write key:
  0000: E2 7D 11 FF 4A F3 C5 4F 94 9D 5C 57 71 5A 16 D1 ....J..O..\WqZ..
  ... no IV used for this cipher
  main, WRITE: TLSv1 Change Cipher Spec, length = 1
  *** Finished
  verify_data: { 216, 54, 180, 236, 72, 70, 181, 20, 31, 128, 165, 12 }
  main, WRITE: TLSv1 Handshake, length = 32
  main, waiting for close_notify or alert: state 1
  main, Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed
  main, handling exception: java.net.SocketException: Software caused connection abort: recv failed
  Jun 23, 2008 3:06:06 PM currenex.share.log.CxLogger log
  INFO: details=Exception occured while calling Login service in callLoginWebService
  AxisFault
  faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
  faultSubcode:
  faultString: java.net.SocketException: Software caused connection abort: recv failed
  faultActor:
  faultNode:
  faultDetail:
  {http://xml.apache.org/axis/}stackTrace:java.net.SocketException: Software caused connection abort: recv failed
  at java.net.SocketInputStream.socketRead0(Native Method)
  at java.net.SocketInputStream.read(Unknown Source)
  at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
  at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown Source)
  at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
  at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
  at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
  at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
  at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
  at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
  at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
  at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
  at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
  at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
  at org.apache.axis.client.Call.invoke(Call.java:2767)
  at org.apache.axis.client.Call.invoke(Call.java:2443)
  at org.apache.axis.client.Call.invoke(Call.java:2366)
  at org.apache.axis.client.Call.invoke(Call.java:1812)
  at currenex.webservice.share.definitions.AuthenticationBindingStub.login(AuthenticationBindingStub.java:362)
  at currenex.webservice.clients.util.WebserviceTestUtil.callLoginLogoutWebService(WebserviceTestUtil.java:132)
  at currenex.webservice.clients.util.TradeCreateTester.createWebLogin(TradeCreateTester.java:64)
  {http://xml.apache.org/axis/}hostname:anuj
  java.net.SocketException: Software caused connection abort: recv failed
  at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
  at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
  at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
  at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
  at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
  at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
  at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
  at org.apache.axis.client.Call.invoke(Call.java:2767)
  at org.apache.axis.client.Call.invoke(Call.java:2443)
  at org.apache.axis.client.Call.invoke(Call.java:2366)
  at org.apache.axis.client.Call.invoke(Call.java:1812)
  at currenex.webservice.share.definitions.AuthenticationBindingStub.login(AuthenticationBindingStub.java:362)
  at currenex.webservice.clients.util.WebserviceTestUtil.callLoginLogoutWebService(WebserviceTestUtil.java:132)
  at currenex.webservice.clients.util.TradeCreateTester.createWebLogin(TradeCreateTester.java:64)
  Caused by: java.net.SocketException: Software caused connection abort: recv failed
  at java.net.SocketInputStream.socketRead0(Native Method)
  at java.net.SocketInputStream.read(Unknown Source)
  at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
  at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown Source)
  at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
  at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
  at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
  at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
  at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
  ... 12 more
  Jun 23, 2008 3:06:06 PM currenex.share.log.CxLogger log
  INFO: details=Login response is null, login was not successful
  Login was unsuccessful
  *In apache's server.xml, My webservice is deployed as*
  <Connector className="org.apache.catalina.connector.http.HttpConnector"
       port="8443" minProcessors="5" maxProcessors="75" enableLookups="true"
       acceptCount="10" debug="0"
       protocol="HTTP/1.1" SSLEnabled="true" secure="true"
  maxThreads="150" scheme="https"
       keystoreFile="lib/server.keystore"
  keystorePass="changeit" clientAuth="true"
            >
            <Factory className="org.apache.catalina.net.SSLServerSocketFactory"
       protocol="TLS"/>
  </Connector>
  Please note clientAuth="true" parameter,
  when I set it to false, My test runs smoothly and no exception/issue is reported
  Not to forget, my javaclient has following lines too..
  //System.setProperty("javax.net.ssl.keyStore", "C:\\java\\jdk1.6.0_10\\jre\\lib\\security\\cacerts");
  //System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
  //System.setProperty("javax.net.ssl.trustStore", "C:\\java\\jdk1.6.0_10\\jre\\lib\\security\\cacerts");
  //System.setProperty("java.protocol.handler.pkgs" , "com.sun.net.ssl.internal.www.protocol");
  System.setProperty("javax.net.ssl.trustStore","C:\\java\\jdk1.6.0_10\\bin\\client.keystore");
  System.setProperty("javax.net.ssl.trustStorePassword","changeit");
  //System.setProperty("com.sun.net.ssl.rsaPreMasterSecretFix" , "true");
  //System.setProperty("javax.net.ssl.keyStore", "C:\\java\\jdk1.6.0_10\\bin\\server.keystore");
  //System.setProperty("javax.net.ssl.keyStorePassword","changeit");
  System.setProperty("javax.net.debug", "ssl");
  s_log.info("after SSL change");
  I tried all possible combinbations of these properties but nothing worked...
  Please let me know if I am missing any required step.. here
  Ask me if you want to know more details about my problem.
  This is very urgent and critical.. Many thanks in advance.

  Hi ejp,
  thanks for your reply. I did read your post in other thread that you pointed.
  I had searched quite a lot on this issue and had idea that it might be due to firewall settings..
  but sadly, I don't know the solution. Well, you have seen the entire code that I wrote and exception too, Could you suggest me a way out? or any specific firewall setting or a workaround?
  Please let me know if you need any other info from my side regarding the code.
  Thanks a Ton!
  Anuj

• How to create a new user over HTTPS

  Hi. I have set up conf.xml and web.xml so that when the user accesses a page in the secure area of the website, then they are taken to a login page where they enter their username and password and the form calls j_security_check on the server. All this happens over SSL as the transport garauntee is CONFIDENTIAL. But how to create a new user over HTTPS? If I have a create new account pages in the secure area of the website, then the only way the user can access these pages is by logging in, but they don't have a login as yet.

  An update. It looks that if the auth-constraint section (which lists the roles that can access this area) is missing, then everyone can access the region and it is over HTTPS. So far, the following seems to be working
     <security-constraint>
        <display-name>View My Account</display-name>
        <web-resource-collection>
           <web-resource-name>My Account Area</web-resource-name>
           <url-pattern>/myaccount/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
           <role-name>myrole</role-name>
        </auth-constraint>
        <user-data-constraint>
           <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
     </security-constraint>
     <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>Form-Based Authentication Area</realm-name>
        <form-login-config>
           <form-login-page>/newaccount/login.html</form-login-page>
           <form-error-page>/newaccount/loginerr.html</form-error-page>
        </form-login-config>
     </login-config>
     <security-role>
        <role-name>myrole</role-name>
     </security-role>
     <security-constraint>
        <display-name>Create New Account</display-name>
        <web-resource-collection>
           <web-resource-name>New Account Area</web-resource-name>
           <url-pattern>/newaccount/*</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
           <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
     </security-constraint>