NTLM and Http request
can anyone tell me how to do proxy authetication if NTLM authorization is involved...i wrote a java client that is behind MS Proxy server and hence facing problem in establishing connection with sites...i am getting UnknownHost Exception when i try to call conn.connect() i think it's due to NTLM protocol..Can any one help me in this.
Thanks in advance
mano
Here is the solution for NTLM auth http://www.luigidragone.com/networking/ntlm.html
You may need to change it to support auth on MS proxy...
Similar Messages
-
Switching between https and http requests
Hi,
Our application is built using ADF 10.1.3
This application need to be integrated with an in house built single sign on system. ( SSO system is built in C# and .NET)
This single sign on system only understand https request. Once user is validated against single sign on system, our application's authorization page is called in HTTPS mode. Once the user is authorized, he is forwarded to home page. While forwarding to home page, we want to convert the HTTPS request to HTTP.
Currently once the user is authenticated, all requests are happening in HTTPS mode.
We do not know how to make http request from existing https requested page.
Any help is appreciated.
Thanks
RanajitHi,
the way to do this is by redirecting the call from a PhaseListener or command button. The solution Avrom refers to is a PhaseListener that uses XML configuration file to determine whether or not the page you are navigating to requires https or http. The code that handles the protocol switch is printed below
* Determines if the requested page requires SSL and if the current protocol
* meets this need. If not the protocol is switched between http and https
* @param viewId
* @param pageRequiresSSL
public void handleProtocolSwitch(String viewId, boolean pageRequiresSSL)
ExternalContext exctx = FacesContext.getCurrentInstance().getExternalContext();
boolean isSecureSSLChannel = ((HttpServletRequest)exctx.getRequest()).isSecure();
// pages that require SSL and SSL is on, or pages that don't require
// SSL but SSL is on and should be kept
if (pageRequiresSSL && isSecureSSLChannel || !pageRequiresSSL && isSecureSSLChannel && isKeepSSLMode) {
printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel+", is keep SSL = "+isKeepSSLMode);
printDebugMessage("No protocol change required");
// page requires SSL and SSL is not active. Switch to SSL.
if (pageRequiresSSL && !isSecureSSLChannel) {
printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel);
printDebugMessage("Protocol change required to use https");
switchToHttps(viewId);
// switch to HTTP is page doesn't require SSL and channel isn't secure
// and isKeepSSLMode is false
if (!pageRequiresSSL && !isKeepSSLMode && isSecureSSLChannel) {
printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel+", is keep SSL = "+isKeepSSLMode);
printDebugMessage("Protocol change required to use http");
switchToHttp(viewId);
if (!pageRequiresSSL && !isSecureSSLChannel) {
printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel);
printDebugMessage("No protocol change required");
* Switches from https to http using a redirect call
* @param viewId
private void switchToHttp(String viewId) {
FacesContext facesContext = FacesContext.getCurrentInstance();
ExternalContext exctx = facesContext.getExternalContext();
ViewHandler vh = facesContext.getApplication().getViewHandler();
String pageURI = vh.getActionURL(FacesContext.getCurrentInstance(), viewId);
//redirect to http URL
String remoteHost = getHostNameFromRequest();
printDebugMessage("Switch to http on host "+ remoteHost);
try {
String port = httpPort.equalsIgnoreCase("80") ? "" : ":" + httpPort;
String url = "http://" + remoteHost + port + pageURI;
printDebugMessage("Redirecting to http URL "+ url);
//TODO check request Map
this.printDebugMessage(" Content size of RequestMap before redirect "+exctx.getRequestMap().size());
exctx.redirect(url);
} catch (IOException e) {
printDebugMessage("Redirect to http port failed "+ e.getMessage());
* switches to https using a redirect call
* @param viewId
private void switchToHttps(String viewId) {
FacesContext facesContext = FacesContext.getCurrentInstance();
ExternalContext exctx = facesContext.getExternalContext();
ViewHandler vh = facesContext.getApplication().getViewHandler();
String pageURI = vh.getActionURL(FacesContext.getCurrentInstance(), viewId);
//redirect to https URL
String remoteHost = getHostNameFromRequest();
printDebugMessage("Switch to SLL/https on host "+ remoteHost);
try {
String port = httpsPort.equalsIgnoreCase("443") ? "" : ":" + httpsPort;
String url = "https://" + remoteHost + port + pageURI;
printDebugMessage("Redirecting to https URL "+ url);
//TODO check request Map
this.printDebugMessage(" Content of RequestMap before redirect "+exctx.getRequestMap().size());
exctx.redirect(url);
} catch (Exception e) {
printDebugMessage("Redirect to http port failed "+ e.getMessage());
* @return the hostname of the page request
private String getHostNameFromRequest() {
ExternalContext exctx = FacesContext.getCurrentInstance().getExternalContext();
String requestUrlString = ((HttpServletRequest)exctx.getRequest()).getRequestURL().toString();
URL requestUrl = null;
try {
requestUrl = new URL(requestUrlString);
} catch (MalformedURLException e) {
e.printStackTrace();
String remoteHost = requestUrl.getHost();
return remoteHost;
}If your container doesn't support session sharing between http and https then the session is renewed. In OC4J you will have to configure this.
Frank -
Localhost and http request dilemma!
Right I have 2 web app servers, one running on serverA from machine1 and one running on serverB from machine2.
OK, what I want to be able to do is from machine1 open a browser to a webpage running on serverB/page1.jsp.
From page1.jsp I want to make an http request to "localhost/page2.jsp" which is running on ServerA on machine1 and NOT on the same webserver as page1.jsp.
Now because each machine sees itself as localhost, when I use "localhost/page2.jsp" instead of making a request to "serverA/page2.jsp", it is trying to make a request to ServerB.page2jsp.
Now I cant just replace "localhost" with "ServerA" due to security restrictions of my web application. So far what I've tried is putting this javascript within page1.jsp:
<%
URL url = new URL("http://localhost:6080/page2.jsp");
HttpURLConnection httpConnection = (HttpURLConnection) url.openConnection();
httpConnection.setRequestMethod("GET");
httpConnection.setDoOutput(true);
httpConnection.connect();
InputStream in = httpConnection.getInputStream();
BufferedInputStream buffer = new BufferedInputStream(in);
for (;;) {
int data = buffer.read();
// Check for EOF
if (data == -1) {
break;
} else {
out.print((char) data);
httpConnection.disconnect();
%>Any thoughts or ideas are gladly appreciated, or if I'm goign about this all wrong let me know!BlueSmurf wrote:
What security is being restricted with this design?You can only connect to the web server by using "localhost" and not using its real host name or ip address.
So for example I want a web browser running on a windows machine to access page1.jsp from a linux machine running a web server and within page1 I want to make a http request to page2 running on a webserver on the windows machine and for example return the html from page2 into page1.
So far I've tried the scriplet in the above code which makes a call to localhost, but it makes a call to the wrong localhost, rather than localhost being the machine im running the browser in, localhost is machine that the web page is running on. I've also thought about using iframes, any thoughts on this approach? -
when I start a java applet behind a proxy server, a http request can be used by setting proxy variables http.proxyHost and http.proxyPort.
but is there any way I can get these values from the browser setting(or the internect connection LAN settings on the user's PC)? for the simplest case lets assume we are using internet explorer.
please let me know on how this can be done?
thanks!To my knowledge, the default situation is that the proxy will be set by the browser.
-
Behaviour of Service (MqActive and http-requests)
Hello,
I have a servlet which runs an mq-active listener and get input by http. Now my question: what is important about threads and concurrency ? - There could be the case, that the mq-active-listener gets an Message while there is an http-request. Should I start for each request of mq-active a new Thread?
thanks for you answer,
dak
Message was edited by:
dakgerHi David,
Thanks for correctly guessing our longer term plans. It's good to know this won't be a problem in the future.
However, that doesn't answer my original question, which is a bit more pressing than waiting until we have migrated. If it can't be done, it can't be done, and we'll just bear that in mind when responding to failover events. But I would prefer
a definitive "no, it can't" rather than a speculative "no".
Regards,
Simon -
Dear folks
I have done NTLM authentication successfully and got the logged in username, but my POST request quits working after NTLM authentication.
I have logged the HTTP headers using RequestDumperValve, it shows that even though the user is authenticated the browser sends authorization header on every POST request and its content-length is zero.
Im not able to understand the problem.
This problem is already discussed in many groups but all replied JCIFS, but i don't want to use it.
My configuration Apache 1.3,Tomcat 4.0,Mod_JK
Why the POST Request is not working?
Any help will be appreciated.
Regards
GaneshYep, I am french so sorry for my english. I have maybe a solution, i have got the same problem with POST request after NTLM auth, they don't work with my ajax application.
I have search search and search, and i have write that :
You must place that in first place in your html file, before any tag ( so before <html> tag ).
I hope that this can help anyone...
<%
boolean isUserNameRecuperer = false;
boolean isAutorisationSend = (request.getHeader("Authorization") != null);
if (!isAutorisationSend)
response.setHeader("WWW-Authenticate", "NTLM");
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return;
else
String authorisationCode = request.getHeader("Authorization");
boolean isNTLMAutorisation = authorisationCode.substring(0, 4).equals("NTLM");
if (isNTLMAutorisation)
authorisationCode = authorisationCode.substring(5);
BASE64Decoder base_64decoder = new BASE64Decoder();
byte[] authorisationCode64 = base_64decoder.decodeBuffer(authorisationCode);
System.out.println("NTLM Flag " +authorisationCode64[8]);
if( authorisationCode64[8] == 1 )
if (authorisationCode64[13] == 178)
System.out.println("NTLM Flag Error");
//stop
String retAuth = "NTLMSSP"+Character.toString((char)0)+Character.toString((char)2)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0);
retAuth += Character.toString((char)0)+Character.toString((char)40)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)001)+Character.toString((char)130)+Character.toString((char)000)+Character.toString((char)000);
retAuth += Character.toString((char)0)+Character.toString((char)2)+Character.toString((char)2)+Character.toString((char)2)+Character.toString((char)0)+Character.toString((char)000)+Character.toString((char)000)+Character.toString((char)000)+Character.toString((char)000);
retAuth += Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)000)+Character.toString((char)000);
BASE64Encoder base_64encoder = new BASE64Encoder();
String retAuth64 = base_64encoder.encode(retAuth.getBytes());
retAuth64.trim();
response.setHeader("WWW-Authenticate", "NTLM "+ retAuth64);
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return;
else if (authorisationCode64[8] == 3)
//le domaine
int lenght = (authorisationCode64[31]*256 + authorisationCode64[30]); // longueur du domain
int offset= (authorisationCode64[33]*256 + authorisationCode64[32]); // position du domain.
String codeATraiter = "";
for (int i=0; i < authorisationCode64.length; i++)
codeATraiter += (char) authorisationCode64;
String domain = codeATraiter.substring(offset, offset+lenght); // decoupage du du domain.
domain.replace("\0", "");
//le login
lenght = (authorisationCode64[39]*256 + authorisationCode64[38]); // longueur du domain
offset = (authorisationCode64[41]*256 + authorisationCode64[40]); // position du domain.
String username = codeATraiter.substring(offset, offset+lenght); // decoupage du du domain.
username = username.replaceAll("\0", "");
System.out.println(username);
isUserNameRecuperer = true;
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
%>
It's normal that the last status of my page is response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
in an other case that block any POST request.
Message was edited by:
BoBlepepeur -
Only HTTPS requests are working for SOAP Sender and HTTP not working
wHi Experts,
We have enabled our HTTPS port ( SSL ) in NWA -- >> Security -- >> SSL and Key stores. So understanding is HTTPS port is now enabled on top of HTTP. So PI should be able to cater requests at both ports.
Now, we have developed a synchronous SOAP to RFC scenario and downloaded WSDL file. This file has both links -
a. http:<host>:<port>
b. https:<host>:<port>
We intend to make a PI system where both ports can work. Now questions.
1. When we test web service exposed from PI using SOAPUI tool, only HTTPS works fine and gets the response back. If we try HTTP URL, an error is encountered - HTTTPS scheme is required.
2. Is this whole understanding that both ports ( HTTP, HTTPS ) should be able to operate simultaneously correct ? Or this is not at all possible ?
3. In SOAP Sender, we tried selecting all 3 options - 1. HTTP 2. HTTPS without client authentication 3. HTTPS with client authentication.
None of the options have any effect on testing, Each time, only HTTPS request works and HTTP doesn't.
Can anyone please provide some hints for troubleshooting ?
Thanks..
regards,
Rajagopal.The error "HTTPS scheme is required" is normally returned when the HTTP Security Level on the SOAP adapter is not set to "HTTP". I can see you have mentioned you have tried all these, maybe a cache refresh has gone wrong? Could try recreating the channel with just HTTP specified as security level and this should allow HTTP or HTTPS
I assume you are using a different port number for your HTTP and HTTPS requests from SOAP UI. Normally the HTTPS port is the same as the HTTP port number but the final zero changed to a 1 i.e. https://<host>:50001 instead of http://<host>:50000.
You should be able to confirm both HTTP and HTTPS work OK by loading some of the system webpages in a browser over HTTP and over HTTPS i.e. http://<host>:<port>/nwa and https://<host>:<port>/nwa
Chris -
I've the following header and http request.
POST http://deab/DexNETWebServices_4_0_0_4/LoginService.svc HTTP/1.1
MIME-Version: 1.0
Content-Type: multipart/related; type="application/xop+xml";start="<http://tempuri.org/0>";boundary="uuid:e4c19840-745d-45b2-90ca-12d71be4cfd9+id=1";start-info="application/soap+xml"
VsDebuggerCausalityData: uIDPo5F/qXRc4YJImqB6Ard30cQAAAAAAjIXinpIVUulXLJOsSG7yyv7Lf2yHgpHlIxvc6oeqaAACQAA
Host: deab
Content-Length: 1017
Expect: 100-continue
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
--uuid:e4c19840-745d-45b2-90ca-12d71be4cfd9+id=1
Content-ID: <http://tempuri.org/0>
Content-Transfer-Encoding: 8bit
Content-Type: application/xop+xml;charset=utf-8;type="application/soap+xml"
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing"><s:Header><a:Action s:mustUnderstand="1">http://tempuri.org/ILoginService/LoginByUserName</a:Action><a:MessageID>urn:uuid:cf410a05-23d4-4b92-a22c-329cbc19fbe7</a:MessageID><a:ReplyTo><a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address></a:ReplyTo><a:To s:mustUnderstand="1">http://deab/DexNETWebServices_4_0_0_4/LoginService.svc</a:To></s:Header><s:Body><LoginByUserName xmlns="http://tempuri.org/"><systemId>19e0ddb4-5fa5-41ee-b624-aea762865a6c</systemId><strName>FirmwareUpdateLogQueryWorker</strName><productId>0af39a3e-6549-485b-872f-b73413203998</productId><password>abc</password></LoginByUserName></s:Body></s:Envelope>
--uuid:e4c19840-745d-45b2-90ca-12d71be4cfd9+id=1--
I'm using the following code to set the header from PL/SQL.
l_http_req := UTL_HTTP.begin_request ('http://deab/DexNETWebServices_4_0_0_4/LoginService.svc', 'POST', 'HTTP/1.1');
UTL_HTTP.set_header (
l_http_req,
'Content-Type',
'multipart/related; type="application/xop+xml";start="<http://tempuri.org/0>";boundary="uuid:e4c19840-745d-45b2-90ca-12d71be4cfd9+id=1";start-info="application/soap+xml"');
UTL_HTTP.set_header (l_http_req, 'Content-Length', LENGTH (l_request));
But UTL_HTTP.get_response returns the error 400 Bad Request. How do I set MIME-Version and VsDebuggerCausalityData from the header?
Thank you for your help on this.Here is the complete code that returns the 400 Bad Request error. Thanks for your help.
DECLARE
l_request CLOB;
l_http_req UTL_HTTP.req;
l_http_resp UTL_HTTP.resp;
v_buffer VARCHAR2 (32767);
p_status_code NUMBER (9);
p_error_message VARCHAR2 (32767);
p_response CLOB;
BEGIN
l_request :=
'--uuid:e4c19840-745d-45b2-90ca-12d71be4cfd9+id=1
Content-ID: <http://tempuri.org/0>
Content-Transfer-Encoding: 8bit
Content-Type: application/xop+xml;charset=utf-8;type="application/soap+xml"
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing"><s:Header><a:Action s:mustUnderstand="1">http://tempuri.org/ILoginService/LoginByUserName</a:Action><a:MessageID>urn:uuid:cf410a05-23d4-4b92-a22c-329cbc19fbe7</a:MessageID><a:ReplyTo><a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address></a:ReplyTo><a:To s:mustUnderstand="1">http://deab/DexNETWebServices_4_0_0_4/LoginService.svc</a:To></s:Header><s:Body><LoginByUserName xmlns="http://tempuri.org/"><systemId>'
|| '19e0ddb4-5fa5-41ee-b624-aea762865a6c'
|| '</systemId><strName>'
|| 'FirmwareUpdateLogQueryWorker'
|| '</strName><productId>'
|| '0af39a3e-6549-485b-872f-b73413203998'
|| '</productId><password>'
|| 'abc'
|| '</password></LoginByUserName></s:Body></s:Envelope>
--uuid:e4c19840-745d-45b2-90ca-12d71be4cfd9+id=1--';
DBMS_OUTPUT.put_line ('request ' || l_request);
l_http_req :=
UTL_HTTP.begin_request (
'http://deab/DexNETWebServices_4_0_0_4/LoginService.svc',
'POST',
'HTTP/1.1');
UTL_HTTP.set_header (
l_http_req,
'Content-Type',
'multipart/related; type="application/xop+xml";start="<http://tempuri.org/0>";boundary="uuid:e4c19840-745d-45b2-90ca-12d71be4cfd9+id=1";start-info="application/soap+xml"');
UTL_HTTP.set_header (l_http_req, 'Content-Length', LENGTH (l_request));
UTL_HTTP.set_header (l_http_req, 'MIME-Version', '1.0');
UTL_HTTP.set_header (
l_http_req,
'VsDebuggerCausalityData',
'uIDPo5F/qXRc4YJImqB6Ard30cQAAAAAAjIXinpIVUulXLJOsSG7yyv7Lf2yHgpHlIxvc6oeqaAACQAA');
UTL_HTTP.write_text (l_http_req, l_request);
DBMS_LOB.createtemporary (p_response, FALSE);
l_http_resp := UTL_HTTP.get_response (l_http_req);
BEGIN
LOOP
UTL_HTTP.read_text (l_http_resp, v_buffer, 32767);
DBMS_OUTPUT.put_line (v_buffer);
DBMS_LOB.writeappend (p_response, LENGTH (v_buffer), v_buffer);
END LOOP;
EXCEPTION
WHEN UTL_HTTP.end_of_body
THEN
NULL;
END;
UTL_HTTP.end_response (l_http_resp);
p_status_code := l_http_resp.status_code;
p_error_message := l_http_resp.reason_phrase;
p_response := REPLACE (p_response, '<', '<');
p_response := REPLACE (p_response, '>', '>');
DBMS_OUTPUT.put_line (
'Status: ' || p_status_code || '-' || p_error_message || ': ' || p_response);
END; -
Load Balance Reverse Poxy using ACE and HTTP Header Sticky
Dear all,
I have a reverse proxy that makes HTTP and HTTPS requests to an ACE.
For implement persistence I want to configure HTTP HEADER Stickyness using the X-Forwarder-For information but I don't know:
How to implement it ( I'l apreciate a little example about it).
Which values I need for OFFSET and LENGHT fields.
Can you help me please?
Thanks a lot!!Hi Cesar.
Thanks a lot for your answer but I think you misunderstand the question or I'm not explaninig very well
I don't need to insert anything.
The serverfarm X will be accesed by a reverse proxy. This reverse proxy already inserts the X-Forearder-From header, so the request from the reverse proxy comes with this header to the serverfarm X.
The problem is that now, the serverfarm X sticky the client based on source IP. This is a wrong behavior becasue all the request comes form the same source (Reverse proxy) and all the load forwards to the same real IP address.
This is because I want to change the sticky from source IP to HTTP header and looks for the X-Forwarder-For filed.
Hop it will clarify the question! -
Hi,
I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
a second request with NTLMSSP_AUTH is sent.
Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
Any idea?
ThanksHi,
I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
a second request with NTLMSSP_AUTH is sent.
Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
Any idea?
Thanks -
We are getting an error on the authentication piece when trying to submit a file to the OfficialFile.asmx web service to submit a document to the Drop-Off Library. Here is the code snippet -
public string FileUpload(HttpPostedFile FileInput, RecordsRepositoryProperty[] properties)
string strFileUrl = string.Empty;
RecordsRepositorySoapClient repository = new RecordsRepositorySoapClient();
BinaryReader b = new BinaryReader(FileInput.InputStream);
byte[] binData = b.ReadBytes(FileInput.ContentLength);
repository.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential(iUserID, iUserPassword, iUserDomain);
repository.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
repository.SubmitFile(binData, properties, null, FileInput.FileName, HttpContext.Current.User.Identity.Name);
strFileUrl = repository.GetFinalRoutingDestinationFolderUrl(properties, null, FileInput.FileName).Url;
return strFileUrl;
Although we are setting the network credential in the client call we still get the error
- The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'.
Ideas?
Thanks in advance.Hi,
Based on the error message, the issue is related to the authentication type.
I suggest you can specify the credential type like the below:
CredentialCache credentialCache = new CredentialCache();
NetworkCredential credentials = new NetworkCredential(UserName, PassWord, sDomain);
credentialCache.Add(new Uri(recordCenterUrl), "NTLM", credentials);
Here is a detailed code demo for your reference:
http://blogs.msdn.com/b/mcsnoiwb/archive/2011/06/06/sending-files-to-a-record-center-using-the-sp2010-webservice-officialfile-asmx.aspx
Best Regards
Forum Support
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Jerry Guo
TechNet Community Support -
Hi All,
I am seeing the following error for SMS_AWEBSVC_CONTROL_MANAGER component with Message ID: 8100
Application Web Service Control Manager detected AWEBSVC is not responding to HTTP requests. The http status code and text is 400, Bad Request.
awebsctl.log file has below errors:
Call to HttpSendRequestSync failed for port 80 with status code 400, text: Bad Request
SMS_AWEBSVC_CONTROL_MANAGER 12/22/2014 3:37:55 PM
13920 (0x3660)
AWEBSVCs http check returned hr=0, bFailed=1
SMS_AWEBSVC_CONTROL_MANAGER 12/22/2014 3:37:55 PM
13920 (0x3660)
AWEBSVC's previous status was 1 (0 = Online, 1 = Failed, 4 = Undefined)
SMS_AWEBSVC_CONTROL_MANAGER 12/22/2014 3:37:55 PM
13920 (0x3660)
Health check request failed, status code is 400, 'Bad Request'.
SMS_AWEBSVC_CONTROL_MANAGER 12/22/2014 3:37:55 PM
13920 (0x3660)
Management point and Application Catalog Website Point are installed on the same Server where I am seeing the error for Application Catalog Web Service Point role. Management Point and Application Catalog Website Point are functioning properly. Application
Catalog Website is working.
Thanks & Regards, KedarHi Jason,
Application Catalog Web Service Point and Application Catalog Website Point; both are installed as per below configuration on same Server:
IIS Website: Default Web Site
Port Number: 80
with default value for Web Application Name configured.
For SMS_AWEBSVC_CONTROL_MANAGER component, I am getting below error in Component Status:
Application Web Service Control Manager detected AWEBSVC is not responding to HTTP requests. The http status code and text is 400, Bad Request.
Possible cause: Internet Information Services (IIS) isn't configured to listen on the ports over which AWEBSVC is configured to communicate.
Solution: Verify that the designated Web Site is configured to use the same ports which AWEBSVC is configured to use.
Possible cause: The designated Web Site is disabled in IIS.
Solution: Verify that the designated Web Site is enabled, and functioning properly.
For more information, refer to Microsoft Knowledge Base.
And awebsctl.log has the below error lines:
Call to HttpSendRequestSync failed for port 80 with status code 400, text: Bad Request
SMS_AWEBSVC_CONTROL_MANAGER
12/23/2014 11:04:36 AM 16388 (0x4004)
AWEBSVCs http check returned hr=0, bFailed=1
SMS_AWEBSVC_CONTROL_MANAGER
12/23/2014 11:04:36 AM 16388 (0x4004)
AWEBSVC's previous status was 1 (0 = Online, 1 = Failed, 4 = Undefined)
SMS_AWEBSVC_CONTROL_MANAGER
12/23/2014 11:04:36 AM 16388 (0x4004)
Health check request failed, status code is 400, 'Bad Request'.
SMS_AWEBSVC_CONTROL_MANAGER
12/23/2014 11:04:36 AM 16388 (0x4004)
STATMSG: ID=8100
What should I check from IIS side?
Application Catalog Website is functioning properly.
Thanks & regards,
Kedar
Thanks & Regards, Kedar -
HTTP/1.1 and MINE --- request
The following is an example of a HTTP Request, can anyone tell me if it is all right? if I use HTTP/1.1, what are the restriction I have to face if I use MINE 1.0? for example, any feature or function I have to omit.
POST /RecipientServer/mailbox HTTP/1.1
Date: Tue, 20 Dec 2000 08:12:31 GMT
Connection: Keep-Alive
Host: www.xxx.com
Content-Language: en, fr
Content-Type: multipart/form-data; boundary=EBTpart;
Content-Length: 3222
--EBTpart
Content-Disposition: form-data; name=�sender�
12345678
--EBTpart
Content-Disposition: form-data; name=�user_id�
aUser
--EBTpart
Content-Disposition: form-data; name=�user_password�
aPassword
--EBTpart
Content-Disposition: form-data; name=�request_type�
Upload
--EBTpart
Content-Disposition: form-data; name=�ebt_document�; filename=�transaction.xml�
Content-Type: application/octet-stream
MIME-Version: 1.0
Content-Type: multipart/encrypted; boundary=�=--�;
protocol="application/pgp-encrypted"
--=--
Content-Type: pgp-encrypted
Version: 1
--=--
Content-Type: application/octet-stream
-----BEGIN PGP MESSAGE-----
Version: 2.6.2
hIwDY32hYGCE8MkBA/wOu7d45aUxF4Q0RKJprD3v5Z9K1YcRJ2fve87lMlDlx4OjeW4GDdBfLbJE7VUpp13N19GL8e/AqbyyjHH4aS0YoTk10QQ9nnRvjY8nZL3MPXSZg9VGQxFeGqzykzmykU6A26MSMexR4ApeeON6xzZWfo+0yOqAq6lb46wsvldZ96YA AABH78hyX7YX4uT1tNCWEIIBoqqvCeIMpp7UQ2IzBrXg6GtukS8NxbukLeamqVW31yt21DYOjuLzcMNe/JNsD9vDVCvOOG3OCi8=
=zzaA
-----END PGP MESSAGE-----
can anyone tell me where I can find any samples of http request or response?
thank you for your help.Check out HTTPClient. It's a set of classes that can be used to create POST requests (including file uploads) and has builtin support for many MIME types. It's available at http://www.innovation.ch/java/HTTPClient/
-
Dear Experts,,
We have MDM and PI in our landscape. We are using MDM Adapter for the integration between the two.
When we try to run the T Code SXMB_IFR, we are getting HTTP request failed error. i.e., “Error Code: 503 -- Service Unavailable”. And also the RWB communication channel is not working because of this error and we are unable to refresh the cache too because of this error.
We have checked from MDM side, and messages are flowing from ready folder but not coming into PI. We had monitored the messages using
SXMB_MONI.
We have restarted the Java Server but it’s taking too much time to restart around 12 to 15 hours & we checked after that but still facing the same issue.
Could you please help me to figure out this issue.
Thank you for your support in advance.
Thanks and Regards,
Priti.Hi Priti,
You can check the suggestion of Jyothi Anagani
Because of J2EE application com.sap.aii.af.ms.app not active
The problem is that not all J2EE services can be started by the J2EE. i.e Start the Visual Administrator and select Server->Services->Deploy in the tree on the left. On the right-hand side, choose the Runtime tab page. You see a tree in the right window with all applications if you select the APPLICATION radio button. Check if they are running, otherwise choose Start. Usually the J2EE engine starts all services automatically.
Runtime Workbench "503 Service Unavailable" Error After JSPM SP Update
Regards,
Nabendu. -
ACE 4710 and mangled HTTP requests
After replacing a Cisco CSS/SSL Accelorator and PIX firewall with an ACE 4710 to do load balancing and SSL encryption behind an ASA firewall we started seeing mangled HTTP requests in the Apache access logs for the servers in the server farm. Here is one example:
XX.XX.XXX.XXX - - [21/Oct/2012:01:42:12 -0500] "heckoutFlag=true&verifyPassword=false&newsletter=false&emailaddress=&email2=&pass1=&pass2=&username=POST /register/LServlet HTTP/1.1" 501 3322 "https://www.ourwebsite.com/register/CServlet" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
Rather than appearing just after the timestamp, the "POST /register/LServlet" is tacked on to header information that shouldn't even appear in the log. Also the first letter in that header information is always missing (heckoutFlag instead of checkoutFlag in this example).
The mangled request always shows up as a 501 HTTP error and shows up late in the Apache access logs (timestamp is out of chronogical order) and always appears with several duplicate POSTs:
XX.XX.XXX.XXX - - [21/Oct/2012:01:42:23 -0500] "POST /register/LServlet HTTP/1.1" 200 8537 "https://www.ourwebsite/register/CServlet" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
XX.XX.XXX.XXX - - [21/Oct/2012:01:44:12 -0500] "POST /register/LServlet HTTP/1.1" 200 8537 "https://www.ourwebsite/register/CServlet" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
XX.XX.XX.XXX - - [21/Oct/2012:01:42:12 -0500] "heckoutFlag=true&verifyPassword=false&newsletter=false&emailaddress=&email2=&pass1=&pass2=&username=POST /register/LServlet HTTP/1.1" 501 3322 "https://www.ourwebsite.com/register/CServlet" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
XX.XX.XXX.XXX - - [21/Oct/2012:01:44:12 -0500] "POST /register/LServlet HTTP/1.1" 200 8537 "https://www.ourwebsite/register/CServlet" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
This is occurring for several different URLs and not just the one above and for multiple web browsers.
The ACE load balances to servers running Tomcat 7 with Apache HTTP server v. 2.2.14.
A recent ACE software upgrade to A5(2.1) has not fixed the problem.
Has anyone seen this before?
Thanks for any insight you can provide.
-KariHi Kari,
Do you have a sample of the configuration which you got with the CSS?
What is the current configuration which you got on the ACE?
Can you shows this output: # show stats http?
Jorge
Maybe you are looking for
-
Problem while calling servlet from java bean
I am trying to call a servlet from java bean in cep. My java bean: package com.bea.wlevs.example.algotrading; import com.bea.wlevs.ede.api.StreamSink; import com.bea.wlevs.example.algotrading.event.MarketEvent; import javax.xml.bind.JAXBContext; impo
-
No blending options in layers.
I recently upped my opinion of Illustrator and was really impressed with how I could change the appearance in the layers panel. Now unable to find it. Using a mac and CS5.5 when selecting drop down button it is not there any more. Layer options only
-
Trying to monitor my security camera on my dvr,-all mobile apps work fine but can't seem to get mac / SMS to connect with all the same settings,any other software for Mac for dvr monitoring,-running OSX Lion 10.7.5 ? Thanks Joe P.
-
HT4623 Should I update my iphone4 to iOS 7?Are there any problems in this?
Should I update my iphone4 to iOS 7?Are there any problems in this.
-
MessageException when trying to access method 'read'
Hi I am new to BlazeDS and have hit a problem trying to invoke a method on my service implemented in Java. I get a flex.messaging.MessageException complaining that a method 'read' is not avilable. The immediate problem is for me is that there is inde