FYI - E71 browser bug in HTTP POST authentication

Some time ago I wrote a simple CGI script to upload photos from my old Nokia 6820. (but as the camera was so awful, I didn't use it much...)
When I tried to use it with my new E71, it didn't work and the browser exited unexpectedly.
When I had a look, it seems I had a public page with a form to upload a file using  POST, then a CGI script that required basic authentication (i.e. a password). The N71 uploaded the file, got a 401 response, then died. Working browsers upload the file, get a 401, pop up a password dialogue, then resubmit the file with an authentication string and get the success response.
This seemed a somwhat crazy way to do it, on reflection, so I moved the form into the CGI directory. Now it works on the N71 - does an authentication step on the GET, and sends the authentication string with the first and only POST request.
(version 100.07.76; says latest for my phone in Canada)

After having read the RFC 4954, I must agree that the RFCs are a bit contradictory in this case.
RFC 2821 states that "all buffers and state tables [are] cleared". RFC 4954 states, that "after an AUTH command [...] no more AUTH commands may be issued [...]".
Taking both statements together, it wouldn't be possible to send two Emails within one authenticated session.
I digged into that a bit deeper, and discovered that some guys already found this contradiction:
http://notabug.com/2002/drums-archive/6812
Unfortunately they simply removed the sentence. Replacing it with a more precise statement would have been much better. Especially the behaviour of the RSET command in authenticated connections should have been descibed.
So the RSET command resets all buffers and state tables of a _transaction_. The buffers and state tables of the _connection_ remain untouched. So the RSET command shouldn't flush an authentication, because it belongs to a _connection_.
Due to this misleading statements, we have some (a lot of) mail servers out there which flush the authentication. So it might be a good idea to take out the RSET command after the AUTH, though Nokia/Symbian implementation is not against the RFCs.
Simply go through the topics, and you will see that a lot of people have problems sending Emails. And they blame their Nokia, because all other mail clients work flawless.
So I agree: An RSET directly after an AUTH shouldn't do any harm. But in reality it does - due to misleading RFCs and therefore incorrect server implementations. And as you say, RSET doesn't make much sense there, so it should be removed.
Kreye

Similar Messages

  • HTTP authentication key for hand shake at receiver side for HTTP POST

    Hi All,
    HTTP post receiver system is expecting an authentication key to be send by PI HTTP_AAE adapter while posting XML message to them.
    The receiver system has a utility program in JAVA to validate this key. Has anyone done this kind of scenario in PI 7.31/7.4
    How does this simple authentication mechanism works? If this doesn't work, we have to rely on just uname/pwd but that is not really recommended for our landscape because of security concerns. So the key is the only better option as of now. Please help!!
    thx
    mike
    Attached some import packages used in the java util program in the receiver system. for  validating the authentication key send by PI
    import java.security.MessageDigest;
    import java.util.Calendar;
    import java.security.NoSuchAlgorithmException;
    import java.io.UnsupportedEncodingException;
    import java.io.IOException;
    import sun.misc.BASE64Encoder;
    import sun.misc.BASE64Decoder;
    I am not pasting the java program utility here due to proprietary reasons. thx for understanding

    Hi Michael
    You can construct the target URL to include the query parameter/value using Dynamic Configuration in Message Mapping.
    This previously worked on the ABAP HTTP adapter, but from the thread below it seems it is not supported on the HTTP_AAE. Not sure what version you are on, and if SAP has provided support for this in the latest SPs.
    HTTP_AAE Adapater - using of dynamic url parame... | SCN
    If HTTP_AAE approach can't work for you, you can use the SOAP adapter - check ASMA and "Do not use SOAP envelope"
    Here is a snippet of the code you can use in a UDF for your message mapping
       //write your code here
      DynamicConfiguration conf = (DynamicConfiguration)container
        .getTransformationParameters()
        .get(StreamTransformationConstants.DYNAMIC_CONFIGURATION);
    DynamicConfigurationKey key = DynamicConfigurationKey.create("http://sap.com/xi/XI/System/SOAP", "TServerLocation");
    String url = "http://local.yahooapis.com/MapsService/V1/mapImage?appid=" + appid + "--&street=" + street + "&city=" + city + "&zip=" + zip;
    conf.put(key, url);
    return appid;
    Rgds
    Eng Swee

  • Http_utl.text_write for http 'POST" does not work

    i have a proc that uses utl_http code I have seen all over on web sites for 'POST'ing to a REST web service ..... i use utl_http.write_text to write data to the request body but no data gets written ...... below are the code segments I use
    url entered directly into browser that **works fine**: http://www.media.com/admintool/Services.aspx?par_string=[{ "PAR_Transaction_Id" : 5566338, "MRI_Title_Name" : "4 Wheel & Off Road"}]
    calling routine:
    declare
    l_url varchar2 (300) := 'http://www.media.com/admintool/Services.aspx';
    l_data clob;
    l_query varchar2(32767);
    begin
    dbms_output.enable(3000000);
    l_data := '[{
    "PAR_Transaction_Id" : 5566338,
    "MRI_Title_Name" : "4 Wheel & Off Road"}]
    http_util_pkg.http_post(
    p_url_in => l_url, p_data_in => l_data);
    end;
    called routine segment:
    l_http_req := utl_http.begin_request (p_url_in, 'POST');
    -- Set the HTTP request headers
    utl_http.set_header(l_http_req, 'User-Agent', 'Mozilla/4.0');
    utl_http.set_header(l_http_req, 'content-type', p_data_type);
    utl_http.set_header(l_http_req, 'content-length', v_length);
    -- Write the data to the body of the HTTP request
    utl_http.write_text(l_http_req, 'par_string=');
    while v_index <= v_length
    loop
    utl_http.write_text(l_http_req, substr(p_data_in, v_index, 4000));
    dbms_output.put_line ('data = ' || substr(p_data_in, v_index, 4000));
    v_index := v_index + 4000;
    end loop;
    results .... you can see below that the header content length is non-zero but the response header says there is no content, so something is haywire with the write_text method
    url = http://www.media.com/admintool/Services.aspx
    length in data = 1271
    http package; url = http://www.media.com/admintool/Services.aspx
    after set authentication
    after write headers
    data = [{
    "PAR_Transaction_Id" : 5566338,
    "MRI_Title_Name" : "4 Wheel & Off Road"}]
    after write text
    status code: 200
    reason phrase: OK
    Connection: close
    Date: Tue, 06 Apr 2010 03:59:27 GMT
    Server: Microsoft-IIS/6.0
    X-Powered-By: ASP.NET
    X-AspNet-Version: 2.0.50727
    Cache-Control: private
    Content-Length: 0 *************** response header says no content !!!
    can you help me figure out what is wrong with the utl_http.write_text method ???
    thank you

    Please do not resurrect old threads - rather ask your question in a new thread. If need be, add a URL in your new thread posting that refers to the old thread. Also add as much relevant details as possible. Your Oracle version (all 4 digits). Your o/s. If possible, sample code and data that can be used as a test case. Complete error details. And what the intent of the code is (i.e. what the actual problem is that you're trying to solve).
    As for HTTP post - works just fine as far as I've used it.

  • Securing Web Applications by HTTP Basic Authentication

    We are working on providing security for web applications in Webdynpro.We downloaded the material from net regarding this.In that it was mentioned to open the webdynpro project's web.xml file in the Netweaver Developer Studio.In the material,we are asked to click the General  TAb and check "Login Configuration".But there is no such checkbox in our general tab screen.Also many tabs are missing like Context,Resources,mapping,Environment,EJB's,Web objects.How to enable/display these tabs?Is there any means of setting properties in the server to get these tabs?
    regards,
    J.Iswaryal
    K.Brinda

    Hi J.Iswaryal,
    I guess two things based on your post.
    1. You have created one wer service and you want to make secure this web service using HTTP basic authentication.
    2. You have such wweb service and you want to consume this web service lets say in webdynpro application.
    <b>For, point one,</b>
    After creating web service goto webservice perspective in NWDS. there, choose your web service project.
    Now, open Web service configuration file recided in your project.
    Here, go under config1-> security and double click on it.
    It will display security options for this web service.
    Choose transport protocol as HTTP, Authentication mechanism as HTTP authentication and choose Basic radio button.
    Now, save this, rebuild this and deploy on server.
    <b>For point 2,</b>
    Make model for your web service.
    before calling your web service, set your username and password in code as shown below.
    wdContext.current<web service model node>element().modelobject()._setusername(<username>);
    wdContext.current<web service model node>element().modelobject()._setPassword(<password>);
    Rehards,
    Bhavik

  • SOAP over HTTP/POST

    Hi everyone,
    I'd be eternally grateful if someone could provide me with a quick + easy solution to the following (basic?) task.
    I have a user form with the required parameters and a submit button. I have an XML schema which specifies the format for the soap requests and responses. How do I accept user input, wrap it into a soap request, send it via HTTP/POST to a server ( http://localhost:9999/xyz/xyz), wait for a soap response and display the response in a readable format to the user when they press the submit button? Not that hard is it?!
    Please try to be a specific as possible because I'm no Java expert. I'm just so confused with all the tutorials about wsdl, bpel, tomcat, jax ws, glassfish etc etc etc!
    I use netbeans and java app server 9, though I'm open to other IDEs/servers.
    Any help will be greatly appreciated,
    Ruth

    https://saaj.dev.java.net/source/browse/*checkout*/saSAAJ: aj/saaj-ri/docs/index.html
    The Java Web Services Tutorial:
    http://java.sun.com/webservices/docs/1.6/tutorial/doc/index.html
    (Chapter 5)
    SOAP Tutorial: http://www.w3schools.com/soap/default.asp

  • Get file from HTTP POST (upload image)

    Hello,
    I would like to integrate http://www.plupload.com flash component to my APEX 4.1 website. I need it because I want to resize image and transform image before upload on client side, upload multiple files etc..
    But I don't know how to read image binary data from POST method.
    When I hit "Start upload" button on plupload component it makes some transformations and creates POST method like this:
    ------pluploadboundary1334433145869
    Content-Disposition: form-data; name="name"
    p16qp6jm3nhan1ca46me1ocr3tu1.jpg
    ------pluploadboundary1334433145869
    Content-Disposition: form-data; name="chunks"
    1
    ------pluploadboundary1334433145869
    Content-Disposition: form-data; name="chunk" 0
    ------pluploadboundary1334433145869
    Content-Disposition: form-data; name="file"; filename="centerd.jpg"
    Content-Type: image/jpeg
    ÿØÿà�JFIF������ÿÛ�„�
    image content
       now I would like to read content of this HTTP POST and read sended image and store it to DB.
    Question is... how can I read file sended with HTTP POST in APEX pl/sql process or pl/sql procedure?
    Thank you...
    Edited by: cardel on Apr 14, 2012 11:17 PM

    Hi,
    here are my two cents ...
    this will be a bit difficult. When you use the standard APEX File upload it is not PL/SQL handling the POST request. The request is handled by the webserver - depending on the variant you are using it is either mod_plsql, the C code of the Embedded Gateway or the APEX Listener. The webserver is also doint the insert into APEX' file repository. So I see two options:
    It might be possible to configure your plugin (don't know about it) the behave the same as a standard browser upload. Then for APEX there would be no difference - mod_plsql should handle the files accordingly.
    If you want to handle the POST request yourself, as said, you can't do this in PL/SQL. It would be possible to write a Java servlet doing this and deploy that servlet on the same container as the APEX Listener (when using Apache with mod_plsql you would need an additional Java server for that) ....
    Hope this helps ...
    Best regards
    -Carsten

  • HTTP POST from ECC 6.0 to XI

    On ECC 6.0, I have an XMLstring that I need to post to an external URL.  I need this to go through XI.  It is actually an HTTPS post.  How can this be accomplished?  Can anyone point me in the right direction as far as how this would work in XI?  Here is a smippet of code on ECC
    CALL METHOD cl_http_client=>create
        EXPORTING
          host          = POST_HOST
          service       = '443'
          scheme        = '2'
          ssl_id        = 'ANONYM'
       proxy_host    =  wf_proxy
       proxy_service =  wf_port
        IMPORTING
          client        = http_client.
      http_client->propertytype_logon_popup = http_client->co_disabled.
      wf_user = '' .
      wf_password = '' .
    proxy server authentication
      CALL METHOD http_client->authenticate
        EXPORTING
          proxy_authentication = 'X'
          username             = wf_user
          password             = wf_password.
      CALL METHOD http_client->request->set_header_field
        EXPORTING
          name  = '~request_method'
          value = 'POST'.
      CALL METHOD http_client->request->set_header_field
        EXPORTING
          name  = '~request_protocol'
          value = 'HTTPS/1.0'.
      CALL METHOD http_client->request->set_header_field
        EXPORTING
          name  = 'HOST'
          value = POST_HOST.
      CALL METHOD http_client->request->set_header_field
        EXPORTING
          name  = '~request_uri'
          value = L_POST_URI.
      CALL METHOD http_client->request->set_header_field
        EXPORTING
          name  = 'Content-Type'
          value = 'text/xml; charset=utf-8'.
      CALL METHOD http_client->request->set_header_field
        EXPORTING
          name  = 'Content-Length'
          value = txlen.

    Hi Tony,
    You need to go through multiple steps.
    1) Creation of Scenario in XI ( Integration Repository)
         First create datatype which will represent the data that is to be passed to URL. Then message type, message interface, message mapping, Interface mapping.
    2) Creation of Directory scenario ( Integration Directory)
         Need to create Communication channel using either SOAP adapter or HTTP adapter as you need to pass the data to url.
    3) Proxy:
       Once you create first step then structure will be available in proxy ( SPROXY transaction) . There you will need to call method for outbound proxy.
    For above mentioned steps you can search in SDN which will guide you to multiple helping thread.

  • Submitting a PDF form via HTTP Post: Beginner's Questions

    Hi,
    I am completely new to PDF forms, so I have been finding the documentation and options overwhelming.
    I am hoping to get pointed to the documentation/tutorials/examples I really need.
    I would like to build a "proof of concept" for my boss.  I would like to include a screen in our Java ( JSP & Spring ) webapp where either a PDF form is embedded or is accessed via a link.
    I have
    Adobe Acrobat Distiller X standard license
    Adobe Acrobat X Standard
    Microsoft Office 2010
    I made a small, 3 field Microsoft Word form.  I then converted it via DIstiller into a PDF form.
    I then found this document about how to submit a PDF form to a server side component:
    http://acrobatusers.com/tutorials/form-submit-e-mail-demystified
    My big problem with this document it doesn't have an example nor an example showing what is going on in a full HTML page.   As I result I have some questions:
    Can I see such an example somewhere?
    Does the call to the javascript function doc.SubmitForm(urlToMyServerSideComponent) go in a script tag on the HTML page like other javascripts?
    Can I execute that submit function from an HTML button or do I need to put a "submit" button on the PDF form?
    Do I need Adobe LiveCycle in order to create a PDF form with a "submit" button?  Free versions?
    Can I send via HTTP POST ?
    Do I need Adobe LiveCycle to crate a PDF form with a digital signature?
    Is there a document/tutorial that fits where I am starting off from? ( Please no books, I am tyring to show my boss that this is something that can be done, in a reasonable amount of time, not time to get and go through a book ).
    Thanks in advance for any tips that get me pointed in the right direction
    Steve

    To answer some of your specific questions:
    2, 3. The submit form button needs to be on the PDF. You can either configure a Submit Form action or use the submitForm JavaScript method.
    4, 6: No to both questions. You can create the form in Acrobat. Such forms are knows as Acroforms, as opposed to XFA forms that are created with LiveCycle Designer. Acroforms have wider support.
    5: Yes, that's the method that's used when submitting to a web server. You have your choice of formats. The "HTML Form" option causes the form data to be submitted in the same format as an HTML form, so the same type of server-side code can be used to process the data. As Dave's tutorial shows, the server should return an FDF as the response, however, as opposed to HTML content.
    It's a mistake to try to embed the PDF in a web page. So much depends on the user's browser, PDF viewer, and how both are configured. PDF forms can be submitted directly from Adobe Reader/Acrobat, so it's not necessary for them to be viewed in a browser. Note that Adobe Reader for iOS/Android don't yet support submitting to a web server (apart from FormsCentral), but that's is supposedly being worked on.
    Since you mentioned digital signatures, be aware that for Reader users to be able to sign, the document has to be Reader-enabled, either with Acrobat Pro or LiveCycle Reader Extensions (which is not the same as LiveCycle Designer). Digital signatures in PDF forms are not yet supported on mobile devices. Also, you will want to submit the entire PDF, as opposed to just the form data, when submitting a digitally signed form.

  • How to call HTTP Post Method URL in SOA 10g

    Hi,
    I have a requirement where i need to call a HTTP Post Method, I have a URL, if i hit it in the browser, i am getting the response details. I know there is a HTTP Binding Adapter in 11g, but we are on 10g. Can anyone please let me know whether we can do it in 10g and how ?
    Thanks Always
    N

    You will need to write the WSDL by yourself. Just make sure you have the end point detail, operation name(if required) and the schema available to write the WSDL.

  • How to call HTTP POST method in SOA 10g

    Hi,
    I have a requirement where i need to call a HTTP Post Method, I have a URL, if i hit it in the browser, i am getting the response details. I know there is a HTTP Binding Adapter in 11g, but we are on 10g. Can anyone please let me know whether we can do it in 10g and how. ?
    Thanks Always
    N

    Look at 10g samples under tutorials/702.bindings.

  • HTTP POST to PHP server problem

    Hi, im trying post a long string to php from a MIDLET, but i have some problems. When i send the whole String, my php server cant receive the request (i have not any response), but, if the string that i send is 1/5 from the original, the process is successful correctly. have somebody any idea?
    thx

    this is my problem, extracted from another topic on this forum:
    "Hi everyone.
    I have a problem, and hope someone may help me.
    My midlet is uploading sizeable data via http POST.
    I'm using WTK104, since i need MIDP1.0
    The code have been tried on DefaultGrayPhone emulator
    and add-on Nokia's Series 60 Emulator.
    Both emulators chunck data, however in different ways.
    Deafult one simply produces wrong chunk length (possibly a bug),
    Nokia's one always chunks by equal offsets of 2016 bytes.
    I'm not using flushing, just close. All the data is being send
    at once by one output stream write call.
    So I believe (after proper investigation) that MIDP will use chunked Transfer-Encoding method whatever
    on such sizeable a data as mine is (up to 50KB) and there's no way to override this behaviour.
    Here the main problem appears - Apache refuses to accept chunked encoding in request. The corresposnding message is given in error log
    *chunked transfer encoding forbidden*. The returned code is 411 - Content-Length requred. I see no way to override this behaviour of Apache. I was trying to upload my data into Zope web-server, which is my primary goal, but it doesn't handle chunked request either.
    Has anyone faced the same problem? Who has managed to POST sizeable data from midlet? Which web servers did you use for that?
    Any inputs are highly appreciated!
    Anton"
    Another:
    "> So I believe (after proper investigation) that MIDP
    will use chunked Transfer-Encoding method whatever
    on such sizeable a data as mine is (up to 50KB) and
    there's no way to override this behaviour.Is this true? When I try to set the content-length headers and then write a large byte[] to the output stream I got from an HttpConnection, the HttpConnection appears to remove the content-length header altogether and automatically sets the transfer-encoding to chunked.
    Note- I am not calling flush on the outputstream, but I am calling httpconnection.getResponseCode, which I believe calls flush on the outputstream.
    Abraham"
    I have the identical problem.

  • Setting session state post-authentication

    Hi all,
    This application uses DATABASE ACCOUNT authentication, and has a post-authentication process that sets a few application items using code such as
    apex_util.set_session_state('F_MY_ITEM', v_my_value);These items are used to secure certain tab options within the application.
    The post-authentication PL/SQL works fine, I can't see anything wrong the the logic. I've debugged it and I know the values are being set. I'm checking the value of session state straight after using v('F_MY_ITEM'), along with checking my session ID matches up - everything seems ok there.
    The issue is that when I log in, the session state is not set for those items - even though the post-auth process is called with no errors raised. Apex debug states
    ... Session State: Save "MY_ITEM" - saving same value "Y"If I log out, then log in (without closing browser tab), the values are now set as expected (visual confirmation using conditionally displayed tabs, and of course checking session state from developer toolbar)
    Notably, Debug states something slightly different
    ... Session State: Save item "MY_ITEM" newValue="Y" escape_on_input="Y"There are a few other differences with the debug output, this this seems the most pertinent.
    The only difference I've been able to track down is if I'm logged into the application builder in the same browser.
    If I attempt to log in with a freshly opened browser, navigate directly to application URL, the behaviour works as expected. Tabs appear as if items are set.
    Could the fact I'm authenticated in the application builder be messing with session state behaviour?
    This is with Apex 4.0.2.00.07; agnostic to browser (IE/FF/Chrome); 11gr2
    Cheers,
    Scott

    I did consider this because I experienced the same thing with page processes.
    However, in this case my post-auth function is within a package and I don't use bind variables.
    I was essentially doing this in my package:
    apex_util.set_session_state('F_MY_ITEM', 'Y');
    my_log_proc(v('F_MY_ITEM'));And seeing Y in the debug log, yet once on my home page, viewing session state I see F_MY_ITEM as empty - unless in the scenario I described.
    It's not a showstopper since the users won't be logged in to the application builder, but it would be nice to know the cause.

  • Initiating an HTTPS post via Oracle Forms 6i

    Greetings all...
    Here is my problem. I would love some advise/next steps on solving it.
    We are currently using web-version of Forms 6i with the JInitiator 1.1.8.16. I have a new requirement for an existing form where it needs to initiate an HTTPS "post" (not "get") to a remote server and then receive a response of success or not and some other information that the form will then act upon. I believe this means I cannot simply use the "web.show_document" built-in because it uses the "get" method rather than the "post" method.
    Although I am a veteran Forms developer, I am new to all this java stuff. It has been recommended to me that I incorportate a JavaBean into the form to call on this remote service, but I have no idea what that means -- I've never opened JDeveloper. It was also mentioned that maybe there is already a JavaBean in existence that I can just use. I don't know what details of my situation would be useful to know to determine if one exists or not. Does this possibly existing JavaBean need to know already which URL I want to go to? Will it need to know the exact parameters I want to pass or could there be a JavaBean out there to simply "call any URL using the post method" regardless of the number of parameters to send it?
    I've looked through some of the forum for this question and since I'm clueless on java stuff, I didn't find anything that jumped out as an answer for me. Can someone (or many of you would be fine) clue me on the best approach? Thanx.
    Shane.

    Since the initial post above, I've discovered more to this situation that doesn't give me much hope of implementation.
    The "response" that I get back from the remove service is simply a "redirect" telling the initiating browser to go to a URL that I have to set up. When the response comes back, the remote service will tell the browser to go to this redirected URL with the "responses" as parameters in the URL resulting in the user's browser calling this "redirect" URL with a "get" method.
    Not sure what all that means to be honest, but am wanting to learn.
    Shane.

  • BPEL to invoke Webservice secured with HTTP Basic authentication

    Hi All,
    Iam trying to call a Synchronous BPEL porcess from BPEL by passing HTTP basic authentication.I have done below steps to achieve this.
    1) Created Target Synchronous process ex : B
    2) Created Source Syncronous Process ex : A
    Iam trying to call B(Target) from A(source).
    3) Open Composite.xml of A(Source)
    4) Right Click on External Refernce B(Target) parter link and click Configure WS policies
    5) Under Security tab attach oracle/wss_username_token_client_policy
    6) Login to em/console
    7) Right click on A(Source) Composite and click Service/Refence Properties>>B(Target)
    8) Enter username and password under HTTP Basic Authentication.
    9)Test from em.console(when we are testing under security tab I have checked None radio button)
    So this is the Error message which is throwing.
    ==================================
    The selected operation process could not be invoked.
    An exception occured while invoking the webservice operation. Please see logs for more details.
    oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: SOAP must understand error:{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security, {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security.
    java.lang.Exception: oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: SOAP must understand error:{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security, {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. at oracle.sysman.emas.model.wsmgt.WSTestModel.invokeOperation(WSTestModel.java:570) at oracle.sysman.emas.view.wsmgt.WSView.invokeOperation(WSView.java:381) at oracle.sysman.emas.view.wsmgt.WSView.invokeOperation(WSView.java:298) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.sun.el.parser.AstValue.invoke(AstValue.java:157) at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:283) at org.apache.myfaces.trinidadinternal.taglib.util.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:53) at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcastToMethodBinding(UIXComponentBase.java:1245) at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:183) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:87) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:298) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:91) at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:87) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:87) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:298) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:91) at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:81) at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:475) at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:756) at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._invokeApplication(LifecycleImpl.java:673) at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:273) at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:165) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292) at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:85) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420) at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:54) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:247) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:157) at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.help.web.rich.OHWFilter.doFilter(Unknown Source) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.emSDK.license.LicenseFilter.doFilter(LicenseFilter.java:101) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:191) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.emas.fwk.MASConnectionFilter.doFilter(MASConnectionFilter.java:41) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:159) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.eml.app.AuditServletFilter.doFilter(AuditServletFilter.java:179) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:203) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.core.app.perf.PerfFilter.doFilter(PerfFilter.java:141) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:527) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:202) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3588) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321) at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121) at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2200) at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2106) at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1428) at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201) at weblogic.work.ExecuteThread.run(ExecuteThread.java:173) Caused by: oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: SOAP must understand error:{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security, {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. at oracle.sysman.emas.model.wsmgt.PortName.invokeOperation(PortName.java:712) at oracle.sysman.emas.model.wsmgt.WSTestModel.invokeOperation(WSTestModel.java:564) ... 68 more Caused by: oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: SOAP must understand error:{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security, {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. at oracle.sysman.emSDK.webservices.wsdlapi.dispatch.DispatchUtil.invoke(DispatchUtil.java:260) at oracle.sysman.emSDK.webservices.wsdlparser.OperationInfoImpl.invokeWithDispatch(OperationInfoImpl.java:843) at oracle.sysman.emas.model.wsmgt.PortName.invokeOperation(PortName.java:664) ... 69 more Caused by: javax.xml.ws.soap.SOAPFaultException: SOAP must understand error:{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security, {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. at oracle.j2ee.ws.client.jaxws.DispatchImpl.throwJAXWSSoapFaultException(DispatchImpl.java:874) at oracle.j2ee.ws.client.jaxws.DispatchImpl.invoke(DispatchImpl.java:707) at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.synchronousInvocationWithRetry(OracleDispatchImpl.java:226) at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.invoke(OracleDispatchImpl.java:97) at oracle.sysman.emSDK.webservices.wsdlapi.dispatch.DispatchUtil.invoke(DispatchUtil.java:256) ... 71 more
    =======================================
    Please let me know if Iam missing any steps.
    Thanks
    SSV

    Followed this post.......
    This is avery good question
    in 11g i have taken out the steps from my document which i created for one our customer
    go to composite
    Right click on the external reference service and select “Configure WS policies” :done
    Under the security tab, click add button and select “oracle/ wss_username_token_client_policy :done
    6. Now Open the property Inspector window and click the add button under “Binding properties” tab. :done
    7. Include the “oracle.webservices.auth.username--> :done
    value-->password :done
    8. Include the “oracle.webservices.auth.password”-->name :done
    value-->password :done
    Thanks
    SSV

  • CL_HTTP_CLIENT, HTTP POST of XML as a form field, encoding

    I am working on a couple of interfaces between a SAPsystem (NetWeaver 2004s, ABAP stack) and another system.
    On the SAP side we are using the built-in HTTP-client (CL_HTTP_CLIENT).
    For the interface from SAP to the other system, the other system expects an XML as the value of a form field in an HTTP POST request.
    In fact, it was described as doing the equivalent to this HTML-fragment in a web-browser:
    <form action="http://over.there.com/interface/import.php" method="post">
      <p>Please enter your xml data:
        <textarea name="data" cols="50" rows="10"></textarea>
        <input type="submit" value="submit">
      </p>
    </form>
    I assume I will have to do a SET_METHOD in order to get the POST method (as opposed to GET) and a SET_FORM_FIELD (for field "data").
    According to the reference I found at W3C ( http://www.w3.org/TR/html4/interact/forms.html ), the default encoding method for a POST is "application/x-www-form-urlencoded". Does this mean I have to do this encoding myself?
    Could I opt for another encoding - "text/xml" for example? If so, how? With a SET_HEADER_FIELD?

    Thank you.
    This is how we set the context-type:
        call method client->request->if_http_entity~set_content_type
            exporting
              content_type = p_contyp.
    where p_contyp contained 'text/xml'.
    This is how we set the form-field data:
    call method client->request->if_http_entity~set_form_field
            exporting
              name  = p_formfd
              value = xmlstring.
    where p_formfd contained 'data' - the name that was specified.
    This is how we make the request a POST:
    call method client->request->set_method
          exporting
            method = 'POST'.

Maybe you are looking for