How to supress HTTP Header in AS2 Receive

I am trying to setup an AS2 connection (my first ever). My setup is an asynchronous receive and send port combination. Things are working fine and my trading partner is receiving the MDN. Trading partner does not want the HTTP header information when they
send the EDI over AS2. How can I suppress the below text from the successful http response from my receive location? I am guessing this would be something at the IIS layer. I got this link but this seems to be a thing of last resort.
http://blogs.msdn.com/b/varunm/archive/2013/04/23/remove-unwanted-http-response-headers.aspx
Content-Length: 0
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 26 Aug 2014 12:31:13 GMT
Please help!

Last resort or only option, either way, you have to follow the methods provided in that article.
The only other way to accomplish this would be writing a completely custom Adapter.

Similar Messages

How to add HTTP Header Response X-Frame-Options:SAMEORIGIN from OWA published via Forefront TMG 2010 to stop Clickjacking

How to add HTTP Header Response X-Frame-Options:SAMEORIGIN from OWA published via Forefront TMG 2010 to stop Clickjacking. I have put the IIS setting X-Frame-Options:SAMEORIGIN on my Internal CAS Server. However as the OWA page is published through
Forefront TMG 2010, the iFrame tag is not blocked when the page is first opened. Only when you login with your credentials to the OWA page inside the frame and the page reaches IIS on the Internal CAS it gets blocked. I want to block it in the first
instance when it is opened from TMG.

Hi,
Thank you for the post.
To modify the http header, please refer to this blog:
http://tmgblog.richardhicks.com/2009/03/27/using-the-isa-http-filter-to-modify-via-headers-and-prevent-information-disclosure/
Regards,
Nick Gu - MSFT

How to set HTTP header field "cookie" with http receiver adapter?

Hi,
I am using http receiver adapter (not axis) in a scenario. I could not set a parameter with key cookie in http header. Is there some kind of restriction to set it? I am able to set others like connection and create custom fields using ASMA and dynamic key configuration via UDF on mapping.
Could you please comment on, is cookie http parameter special or noneditable by PI's http adapter? I am looking for a solution without editing any abap code...
Regards,

I believe it is possible since axis adapter provides very same functionality. Let me summarize my scenario may be it helps:
I am trying to call series of webservice lets say in a BPM. First service (login service) will provide me with a session id (in http header with key Set-Cookie) then I will call another service which has that session id in its http header with key cookie then I am going to logout. So I am testing the second part now, but it doest let me send cookie http header parameter.
I hope I clarified a bit more my problem.
Regards,

How to read http header from Forms

Hi,
I have a forms application deployed on 10g AS. We are planning to integrate Oracle Identity management with our forms application. Currently, I access my forms application with an url, say http://hostname/forms/frmservlet?config=test. And, I get a Signon form, where I capture the logon and pwd, and specific to the user credential, I show another form. By integrating my appln with Identity management, I would be protecting my resource in the oracle access system, the WebGate component will do the backend authentication process along with the access server and the directoy service. Upon successful authentication, the DN form the LDAP repository (lets say the userid of my forms application) for the user is returned to the WebGate as http header information/cookie by the Access System. Now without altering the code in frmservlet Servlet, I need to capture the http header info (which contains the userid for the forms application of the user) in my default Signon form. How can I capture this?
Can someone please help
Regards,
Suresh

hi
the following link may helpful to you
http://e-docs.bea.com/wls/docs81/webserv/anttasks.html#1111537
Regards
Prasanna Yalam

How to supress the header if there is no detail record in the report

Hi,
I am trying to create a report using the TEXT_IO utility in oracle forms. The header part is created in one program unit and detail part is created in another program unit. How can I supress the header if there is no detail part? I came to know that I can use HOST command . How can I use this? Can any one help me in resolving this?
My report should apppear in the format specified below.
case number : 1
Name Address1 Address2 State ZIp
XXXXX XXXXXXX XXXXXXXx XXXXX XXXxx
case number: 2
Name Address1 Address2 State Zip
YYYYY YYYYYY YYYYYYY YYYYY YYYY
Edited by: 837462 on Feb 16, 2011 6:12 PM

Hi
i think it's a better idea to paste ur code here...
but logically... i supposed u have 2 function header_function & detail_function e.g. both functions returns either 1 or 0 if there is data then it returns and the contrary if returns 0
In the calling these functions i e.g. WHEN-BUTTON-PRESSED u need to validate as follow
DECLARE
v_header_output varchar(2);
v_detail_output varchar(2);
BEGIN
v_header_output := header_function ( PARAMETERS ... , ,);
v_detail_output := header_function ( PARAMETERS ... , ,);
IF v_detail_output = 0 THEN
v_header_output := 0; -- or u can do some works that change the return of the header_function to null or 0
END IF;
END;Hope it works...
Regards,
Abdetu...

How to access HTTP Header from within Web service?

Hello,
Is there a way to access HTTP header variables like CONTENT_TYPE, CONTENT_LENGTH from within Web Logic web service.
I was able to get the HTTP header variable from within Apache AXIS services by calling context.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST
How can i do this from weblogic web service.
I need this to verify the client SSL_CLIENT_DN
In access I can get the header as follows.
HttpServletRequest req = (HttpServletRequest) context
.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST);
clientID = req.getHeader("SSL_CLIENT_S_DN_Email");
Thanks
--Arun

hi
the following link may helpful to you
http://e-docs.bea.com/wls/docs81/webserv/anttasks.html#1111537
Regards
Prasanna Yalam

How to configure https head on GSS-4492-k9 ver 3.2 (0)?

I have upgraded gss to version 3.2(0) because I need to track a server that uses only https.
I configured a https head KA VIP answer type but the answer never goes on-line.
I tried using www.google.com as the VIP address but not go online too.
The gss is behind a firewall.
I suspected of the firewall but from the gss CLI it seems that the firewall is open for the https traffic:
200.189.189.232 is the server IP and 74.125.234.48 is the www.google.com IP
GSS-02.dms.local#telnet 200.189.189.232 443
Trying 200.189.189.232...
Connected to 200.189.189.232.
Escape character is '^]'.
Connection closed by foreign host.
GSS-02.dms.local#telnet 74.125.234.48 443
Trying 74.125.234.48...
Connected to 74.125.234.48.
Escape character is '^]'.
Connection closed by foreign host.
GSS-02.dms.local#
Can anyone help me on this configuration?
Thanks

Hi,
there's not much on CCO yet. Here's how the GUI looks like for the new probe:
http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/gss4400series/v3.2/release/note/GSSRN32.html#wp305534
If you don't find any clue in the GSS logs, try taking a traffic capture to check what the server is responding to the probe. Keep in mind only code 200 is accepted as a positive reply.
hope this helps,
Fabrizio

Attributes passed in HTTP Header but not received in my application!! Help

Hi all,
I am running Sun Directory Server 5.2, Access Manager 7.0 and Policy Agent 2.1 on an IBM Websphere 5.0 web server.
I am using a "shared" authorization model where I am using the AM only for the authentication part.
The way my application is structured, it is supposed to receive certain attributes from the LDAP and then based on these attributes the application does the authorization.
I am trying to receive the values using
request.getHeader("app_variable1").
However, sometimes the attribute picks the value and at other times it becomes null. It is not working consistently.
I have done the necessary changes required in the amAgent.properties file:
1. I have disabled the agent realm in websphere
2. com.sun.am.policy.amFilter.mode = SSO_ONLY
com.sun.am.policy.agents.do_sso_only = true
3. com.sun.am.policy.amFilter.ldapattribute.mode = HEADER
4.
com.sun.am.policy.amFilter.ldapattribute.map[attribute1]=app_variable1
com.sun.am.policy.amFilter.ldapattribute.map[attribute2]=app_variable2
// where attribute1 is an existing attribute in the LDAP
// where app_variable1 is the variable name which is mapped to the ldap attribute for getting the value in my application
// request.getHeader("app_variable1")
The values appear on the index.jsp page when I getHeader() there, but as soon as I forward to the Servlet which does the authorization, it behaves erraticaly - sometimes system.out.log has a "null" value for the attributes and at other times it gets the values and works fine.
Can somebody PLEASE tell me what is going on? I have tried out everything but just cant break through this one.
ANY help would be really appreciated....
Thanks...
Note: I also tried using cookies for passing values, and they work absolutely fine - consistently, but cookies are disabled in many browsers and hence carry a disadvantage. I HAVE to use headers - which are not giving the value consistently
--------

Bernhard:
Actually the headers are not set to null. I have an intermediate index.jsp page which is the first page that is redirected to by the AM - it is this page which calls my LoginServlet.
The value appears consistently on this index.jsp page but after it is forwarded to the LoginServlet it starts behaving inconsistently. I check the system.out log in my websphere /logs folder and that tells me that LoginServlet does not consistenly get these values from the header.
The wierd part is that if I use cookies or attributes, it works perfectly - each time every time. However, only in the case of headers (which is the method i am required to do) it behaves inconsistently.
ANY feedback/help on this would be really appreciated bern.. thanks..
~saahil

How to pass http header in outbound HTTP Binding?

I have to call a Rest service from my composite. The Rest service needs couple of Headers. I'm using HTTP Binding for this call.
How can I set the HTTP headers in the HTTP Binding outbound call ?
Thanks
--Sreeny

1. Right-click on HTTP binding adapter and select "configure WS policy"
2. Under security, click on "+" sign and add oracle/wss_http_token_client_policy
3.Go to Oracle Weblogic Admin console
Under Security Realms->myrealm->Users and Groups-> New User.
Add username/password
4.Go to Oracle Weblogic Enterprise Manager(EM)
Right click on Weblogic Domain->mydomain(it could be anyname or SOAClusterDomain)
select Security->credentials
Create a key named "mykey" (or any name) under oracle.wsm.security with the same username/password you have given on step 3.

Single-Sign-On (SSO) configuration on JAVA Stack through HTTP Header method

Hello SDN community,
in the context of a Proof of Concept, we are testing the integration of Microsoft Sharepoint Portal with SAP Backend (addin) systems.
As the architecture impose use an external scenario (access from the internet), we couldn't use the Kerberos (SPNego) solution and thus we chosed the http header solution which in short uses an intermediary web server (in this case the IIS of the MOSS solution) which will act as authority.
I miss information on how the workflow works for this http header authentication method. Through the visual administrator of the addin JAVA stack, it is possible to configure each application with a customized authentication (a choice of security modules). But this all that I know.
My task is to configure SSO. From a sharepoint portal, the user should be able to access Web Dynpros and BSPs. I imagine that the very first call to a webdynpro or bsp (or maybe when we log on the sharepoint portal), the request to the WDP or BSP will first be forwareded by the intermediary server to the JAVA stack (or is it the SAP dispatcher that has to be configured).
Is there an application to be built on the java stack to deal with the authentication, modify http header?
What will the Java stack return? a sap long ticket? a token?
How will the redirect work (to by example a BSP which is in the ABAP stack)?
SAP preconise to secure with SSL the link between the intermediary web server and the JAVA stack, is IP restriction also a solution?
A lot of questions about how this SSO http header should work,
I would be very greatful for any help, or info,
Kind regards,
Tanguy Mezzano

Hi Tanguy,
to tell you the truth I'm really unsure about what you are trying to achieve. When I started posting to your thread I thought all you wanted was trying to access your J2EE engine via Browser and authenticate against the engine using HTTP Header Variables. Nevermind:
Here are some answers to your question:
in fact I did succeed, the problem was that even after domain-relaxation done by the J2EE, I had to change the domain of th SAP cookie to the bbbb.domain.com to be understood (I would have thought that all hosts in/under domain .domain would have accepted such a cookie but it seems that no...).
The server does not care about the domain because Cookies in an HTTP Request do not contain any domain information. The domain is just important when the Cookie is set by the server so your Client (Browser) will know in which cases the Cookie may be sent or not. So if your domain is xxx.yyy.domain.com and your cookie is issued to .domain.com then your Browser will definitely sent it to all hosts under .domain.com (This includes xxx.yyy.domain.com etc.)
My current scenario is: in a first request get a SAP Logon Ticket from the Java Stack, then change its domain and then directly call the backend with it.
You can do that but there is no Client involved in this scenario. So this is useful if you just want to test the functionality (e.g. authentication to J2EE using Header Variables (This works finally!!!) and then use the fetched Logon Ticket to test SSO against any trusted Backend!!)
So everything's is in a Java Client application without using any redirection.
If I understand you, you're solution is from the Browser call a servlet (which is deployed on the Java Stack and has no authentication schema) by passing to it our http header.
No, you should initially authenticate somewhere! I thought that maybe you had some resource you access before accessing the Java Stack. This could be any application (e.g. deployed on a Tomcat or JBOSS or other server or if you like even SAP J2EE). After authenticating there you are aware of the username and could use it to procceed (e.g. Authenticate against the J2EE using the same user and HTTP Header authentication for that particular user!)
That servlet will transfer the http header (with the HttpClient app) in order to get from the Java Stack a SAP Logon ticket, and then to redirect to the resource and by sending back the cookie in client browser. Am I correct?
This was just a suggestion because I realized that there was no Client ever involved in any of your testing (looked strange to me!). I was just thinking that it would be easier for you to just get the Cookie into your Browser so your Browser would do the rest for you (in your case finally send the Logon Ticket Cookie to your Backend to test SSO using Logon Tickets!).
The AuthenticatorServlet somehow serves as a Proxy to your client because your client is not able to set the Header Variable. That's why I initially suggested to use a Proxy (e.g. Apache) for that purpose. The problem is just that if you use a Proxy you will have to tell it somehow which username it should set in the Header Variable (e.g. using a URL Parameter or using a personalized client certificate and fetch the username (e.g. cn=<username> from the certificate!)
This way of doing would simplify the calls for sso for each new application needing authentication, instead of having all code each time in it...
I'm stuck again! Do you want to authenticate an End User or do you want to authenticate an application that needs to call any resources in your Backend that requires authentication?
So my problem now, is how to call the servlet from the client browser:
I'm trying to call my servlet from the browser but I don't succeed. I am able to understand how to reach a jsp from the Java Stack, but not to reach a servlet. I don't find the path to my servlet:
<FORM method="POST" action="SSORedirect2" >
A JSP is a servlet too. There is just no JAVA Class involved!
You do not need any POST Request to invoke a Servlet.
I see that my servlet is deployed, but I don't how what path to give to my form to invoke the servlet, here follows my web.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE web-app (View Source for full doctype...)>
- <web-app>
<display-name>WEB APP</display-name>
<description>WEB APP description</description>
- <servlet>
<servlet-name>SSOredirect2</servlet-name>
<servlet-class>com.atosorigin.examples.AuthenticatorServlet</servlet-class>
</servlet>
- <servlet>
<servlet-name>SSORedirect2.jsp</servlet-name>
<jsp-file>/SSORedirect2.jsp</jsp-file>
</servlet>
- <security-constraint>
<display-name>SecurityConstraint</display-name>
- <web-resource-collection>
<web-resource-name>WebResource</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
- <auth-constraint>
<role-name>DefaultSecurityRole</role-name>
</auth-constraint>
</security-constraint>
- <security-role>
<role-name>DefaultSecurityRole</role-name>
</security-role>
</web-app>
If you have an AuthenticatorServlet Class all you need is to add the Servlet Mapping in your web.xml file
e.g.
<servlet>
<description>
</description>
<display-name>AuthenticatorServlet</display-name>
<servlet-name>AuthenticatorServlet</servlet-name>
<servlet-class>com.atosorigin.examples.AuthenticatorServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>AuthenticatorServlet</servlet-name>
<url-pattern>/AuthenticatorServlet</url-pattern>
</servlet-mapping>
You can directly call the Servlet in your Browser by calling the URL provided in the url-pattern of your Servlet mapping ( in this case /AuthenticatorServlet). The engine will invoke the Class "com.atosorigin.examples.AuthenticatorServlet" in the background and do whatever you defined there!
I have also to pass my http header and the redirectUrl in the GET request.
If you like! I just suggested this for testing purposes. As I stated before you need a way to tell your proxy (or in your case AuthenticatorServlet) which user should be set when calling the Engine in order to authenticate using HTTP Header. You could use the URL Paramater to define the user you actually want to use when you set the Header Variable.
I just introduced the redirectURL because you were talking about redirects all the time. So if you finally want to call the Backend you could define the Backend URL in the redirectURL Parameter and the Servlet will make sure that you are redirected to this location after the whole process!
Thx for your input very helpful,
But again 0 points
Cheers

BPEL HTTP Header Problem

Hello @all
I�m new to Open ESB and NetBeans.
Does anybody has an idea how to put HTTP-Header to the BPEL-Process?
I have to call a WebService (from BPEL) which expects user authentication (sessionId) in the HTTP-Header . How do I do that? Do I have to modify my WSDL-File?
Thanks for your posts in advance

You would have already defined your WSDL accommodating this requirement. If not, then yes, you might have to change your wsdl.
Assuming you are sending the user info all the way from the BPEL process and assuming soap-http protocol. Typically the way i see this done is, you define a wsdl message with the parts that correspond to your business logic and parts that you would use in the "soap headers". In the BPEL it is always "business as usual" you deal with the abstract wsdl message. It would be developers responsibility to fill the wsdl message parts correctly. Once this message goes through the soap-http BC, it would be the BC's job to then put things as required by the HTTP protocol.
hope that helps,
Kiran B.

SOAP Receiver - HTTP header problem

Hi,
Scenario: IDOC - - XI - - SOAP(webservice).
Third party is asking for missing "/" (path?) in header after "POST". Following is the message received by third party. How to override this header to put "/" after POST? Please help.
POST HTTP/1.0
Accept: /
Host: 100.10.2.5:9092
User-Agent: SAP-Messaging-com.sap.aii.messaging/1.0505
Authorization: Basic Z2hydHNvYXA6bm92ZWxs
content-id: <soap-48E034BD9F5B3308E1000000876CF529@sapcom>
Content-Type: text/xml; charset=utf-8
Content-Length: 313
SOAPACTION: "#batchRequest"
<SOAP:Envelope xmlns:SOAP='http://schemas.xmlsoap.org/soap/envelope/'>
    <SOAP:Header/>
    <SOAP:Body>
        <ns0:cvgtransaction xmlns:ns0='http://abc.com/xi/Novell' event='modify' workforceID='1' type='employee'>
            <attribute name='WWID' operation='replace'>1234567</attribute>
        </ns0:cvgtransaction>
    </SOAP:Body>
</SOAP:Envelope>

Hi!
with XI standard tools you have no chance to manipulate the soap envelope created by the XI. You have to configure your soap receiver communication channel to not create a soap envelope "Do not use SOAP envelope") and then you use e.g. a XSLT mapping to create a soap envelope by yourself.
Regards,
Volker

Soap receiver - owerwrite default http header fields

Hi,
I'm using the soap receiver adapter in nosoap mode.
How can I owerwrite the default settings for the header fields in the http request?
The soap adapter will automatically set content-type = application/xml.
I would like for example set "text/xml".
Thanks,
Bela

Dear Mohan,
I tryed with the keep headers option but it didn't change anything to the HTTP header fields.
In the documentation we have the following : Keep Headers
If you want to include the header of the XI message in the Web service message, set the indicator.
Does it mean that I have to create a HTTP header section in the XI message??? Do you have an example?
Best regards,
Bela

How do I set the Http Header POST URL in SAAJ?

Hi ,
I am a newbie in the field of web services. I was trying to create a SOAP request with Http Header POST information having a POST url like
the following:
POST /OMASTI.xml HTTP/1.1
Content-Type: multipart/related; boundary="eladeladeladeladeladeladeladeladelad"; type=text/xml; start=11814460
Content-Length: 54596
Host: unspecified
SOAPAction: ""
to that effect I did the following in the SAAJ client:
MimeHeaders md = message.getMimeHeaders();
md.setHeader("SOAPAction" ,"\"\"");
md.setHeader("POST" ,"/OMASTI.xml");
However what I got was :
POST / HTTP/1.1
Accept: text/xml, text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
SOAPAction: ""
POST: /OMASTI.xml
Content-Type: multipart/related; type="text/xml"; boundary="----=_Part_2_32124414.1153146262750"
Content-Length: 3352
Cache-Control: no-cache
Pragma: no-cache
User-Agent: Java/1.5.0_07
Host: www.google.com
Connection: keep-alive
I have two POSTs in the header. How do I fix it? Please Help ASAP.
Regards,
Zeus

Hi,
Please forgive my ignorance. I did the same as you said. and then checked the Http request being sent out using ethreal software... it was the same as I had told earlier. Is only POST supported by the connection object? And the does the URL that comes in the Mime header as POST refer to the URL to which the request was sent? what I mean is that if the mime header says
POST /OMASTI.xml HTTP 1.1, does it mean that the URL that was passed to the connection object was "/OMASTI.xml" ? I had given the url as http://www.google.com to test the request being sent.. I only have a sample SOAP request which shows a HTTP header with the post url as I said before. I need to create a SOAP request with the same sort of Http header and the body needs to follow a certain OMA-STI protocol. My experience in the SOAP domain is almost nil. So please enlighten me.
Thanks in advance,
zeus

How to Set UserId in Http Header for SSO?

Hello All,
I have a requirement to set the userid into the HTTP Header so that i can use the "Header Variables for User Authentication" module provided by SAP to achieve the SSO .
Could some 1 let me know how can I achieve this? I know abt the HTTPServlet.setheader() method, But i need to set it using my JAVA application. Is there any way to set the HTTP Header using Java. I have already done a lot of googling, but havent got any results.
I am sure that, there must definitely be a way in which we can add the user id into the HTTP header, in all the results, they tell abt adding it using the HTTP Servlet or PHP and so on, but i need to add it from JAVA.(setting REMOTE_USER as "mysapuserid")
I have already added the "HeaderVariableLoginModule" in my login stack in the 2nd position, as per
http://help.sap.com/saphelp_nw04/helpdata/en/8f/ae29411ab3db2be10000000a1550b0/frameset.htm
Any pointers will be helpful,
Meghana
Edited by: Meghana Phadke on Apr 14, 2008 2:49 PM

Hi
As I understand, your java application is an EP client, check framework HttpClient :
http://hc.apache.org/httpclient-3.x/
http://hc.apache.org/httpclient-3.x/tutorial.html
Hope this help
Jakub Krecicki

How to supress HTTP Header in AS2 Receive

Similar Messages

Maybe you are looking for