NTLM and Http request

Similar Messages

• Switching between https and http requests

  Hi,
  Our application is built using ADF 10.1.3
  This application need to be integrated with an in house built single sign on system. ( SSO system is built in C# and .NET)
  This single sign on system only understand https request. Once user is validated against single sign on system, our application's authorization page is called in HTTPS mode. Once the user is authorized, he is forwarded to home page. While forwarding to home page, we want to convert the HTTPS request to HTTP.
  Currently once the user is authenticated, all requests are happening in HTTPS mode.
  We do not know how to make http request from existing https requested page.
  Any help is appreciated.
  Thanks
  Ranajit

  Hi,
  the way to do this is by redirecting the call from a PhaseListener or command button. The solution Avrom refers to is a PhaseListener that uses XML configuration file to determine whether or not the page you are navigating to requires https or http. The code that handles the protocol switch is printed below
    * Determines if the requested page requires SSL and if the current protocol
    * meets this need. If not the protocol is switched between http and https
    * @param viewId
    * @param pageRequiresSSL
    public void handleProtocolSwitch(String viewId, boolean pageRequiresSSL)
      ExternalContext exctx = FacesContext.getCurrentInstance().getExternalContext();
      boolean isSecureSSLChannel = ((HttpServletRequest)exctx.getRequest()).isSecure();
      // pages that require SSL and SSL is on, or pages that don't require
      // SSL but SSL is on and should be kept
      if (pageRequiresSSL && isSecureSSLChannel || !pageRequiresSSL && isSecureSSLChannel && isKeepSSLMode) {
      printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel+", is keep SSL = "+isKeepSSLMode);
      printDebugMessage("No protocol change required");
      // page requires SSL and SSL is not active. Switch to SSL.
      if (pageRequiresSSL && !isSecureSSLChannel) {
        printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel);
        printDebugMessage("Protocol change required to use https");
        switchToHttps(viewId);
      // switch to HTTP is page doesn't require SSL and channel isn't secure
      // and isKeepSSLMode is false
      if (!pageRequiresSSL && !isKeepSSLMode && isSecureSSLChannel) {
        printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel+", is keep SSL = "+isKeepSSLMode);
        printDebugMessage("Protocol change required to use http");
        switchToHttp(viewId);
      if (!pageRequiresSSL && !isSecureSSLChannel) {
        printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel);
        printDebugMessage("No protocol change required");
    * Switches from https to http using a redirect call
    * @param viewId
    private void switchToHttp(String viewId) {
        FacesContext facesContext = FacesContext.getCurrentInstance();
        ExternalContext exctx = facesContext.getExternalContext();
        ViewHandler vh = facesContext.getApplication().getViewHandler();
        String pageURI = vh.getActionURL(FacesContext.getCurrentInstance(), viewId);
        //redirect to http URL
        String remoteHost = getHostNameFromRequest();
        printDebugMessage("Switch to http on host "+ remoteHost);
        try {
            String port = httpPort.equalsIgnoreCase("80") ? "" : ":" + httpPort;
            String url = "http://" + remoteHost + port + pageURI;
            printDebugMessage("Redirecting to http URL "+ url); 
            //TODO check request Map
             this.printDebugMessage(" Content size of RequestMap before redirect "+exctx.getRequestMap().size());
            exctx.redirect(url);         
        } catch (IOException e) {
            printDebugMessage("Redirect to http port failed "+ e.getMessage());
    * switches to https using a redirect call
    * @param viewId
    private void switchToHttps(String viewId) {
        FacesContext facesContext = FacesContext.getCurrentInstance();
        ExternalContext exctx = facesContext.getExternalContext();
        ViewHandler vh = facesContext.getApplication().getViewHandler();
        String pageURI = vh.getActionURL(FacesContext.getCurrentInstance(), viewId);
        //redirect to https URL
        String remoteHost = getHostNameFromRequest();
        printDebugMessage("Switch to SLL/https on host "+ remoteHost);
        try {
            String port = httpsPort.equalsIgnoreCase("443") ? "" : ":" + httpsPort;
            String url = "https://" + remoteHost + port + pageURI;
            printDebugMessage("Redirecting to https URL "+ url);       
            //TODO check request Map
            this.printDebugMessage(" Content of RequestMap before redirect "+exctx.getRequestMap().size());
            exctx.redirect(url);         
        } catch (Exception e) {
            printDebugMessage("Redirect to http port failed "+ e.getMessage());
    * @return the hostname of the page request
    private String getHostNameFromRequest() {
        ExternalContext exctx = FacesContext.getCurrentInstance().getExternalContext();
        String requestUrlString = ((HttpServletRequest)exctx.getRequest()).getRequestURL().toString();
        URL requestUrl = null;
        try {
            requestUrl = new URL(requestUrlString);
        } catch (MalformedURLException e) {
            e.printStackTrace();
        String remoteHost = requestUrl.getHost();
        return remoteHost;
    }If your container doesn't support session sharing between http and https then the session is renewed. In OC4J you will have to configure this.
  Frank

• Localhost and http request dilemma!

  Right I have 2 web app servers, one running on serverA from machine1 and one running on serverB from machine2.
  OK, what I want to be able to do is from machine1 open a browser to a webpage running on serverB/page1.jsp.
  From page1.jsp I want to make an http request to "localhost/page2.jsp" which is running on ServerA on machine1 and NOT on the same webserver as page1.jsp.
  Now because each machine sees itself as localhost, when I use "localhost/page2.jsp" instead of making a request to "serverA/page2.jsp", it is trying to make a request to ServerB.page2jsp.
  Now I cant just replace "localhost" with "ServerA" due to security restrictions of my web application. So far what I've tried is putting this javascript within page1.jsp:
      <%
              URL url = new URL("http://localhost:6080/page2.jsp");
              HttpURLConnection httpConnection = (HttpURLConnection) url.openConnection();
              httpConnection.setRequestMethod("GET");
              httpConnection.setDoOutput(true);
              httpConnection.connect();
              InputStream in = httpConnection.getInputStream();
              BufferedInputStream buffer = new BufferedInputStream(in);
              for (;;) {
                  int data = buffer.read();
                  // Check for EOF
                  if (data == -1) {
                      break;
                  } else {
                      out.print((char) data);
                  httpConnection.disconnect();
      %>Any thoughts or ideas are gladly appreciated, or if I'm goign about this all wrong let me know!

  BlueSmurf wrote:
  What security is being restricted with this design?You can only connect to the web server by using "localhost" and not using its real host name or ip address.
  So for example I want a web browser running on a windows machine to access page1.jsp from a linux machine running a web server and within page1 I want to make a http request to page2 running on a webserver on the windows machine and for example return the html from page2 into page1.
  So far I've tried the scriplet in the above code which makes a call to localhost, but it makes a call to the wrong localhost, rather than localhost being the machine im running the browser in, localhost is machine that the web page is running on. I've also thought about using iframes, any thoughts on this approach?

• Java and http request

  when I start a java applet behind a proxy server, a http request can be used by setting proxy variables http.proxyHost and http.proxyPort.
  but is there any way I can get these values from the browser setting(or the internect connection LAN settings on the user's PC)? for the simplest case lets assume we are using internet explorer.
  please let me know on how this can be done?
  thanks!

  To my knowledge, the default situation is that the proxy will be set by the browser.

• Behaviour of Service (MqActive and http-requests)

  Hello,
  I have a servlet which runs an mq-active listener and get input by http. Now my question: what is important about threads and concurrency ? - There could be the case, that the mq-active-listener gets an Message while there is an http-request. Should I start for each request of mq-active a new Thread?
  thanks for you answer,
  dak
  Message was edited by:
  dakger

  Hi David, 
  Thanks for correctly guessing our longer term plans.  It's good to know this won't be a problem in the future.
  However, that doesn't answer my original question, which is a bit more pressing than waiting until we have migrated.  If it can't be done, it can't be done, and we'll just bear that in mind when responding to failover events.  But I would prefer
  a definitive "no, it can't" rather than a speculative "no".  
  Regards, 
  Simon

• NTLM and POST Request

  Dear folks
  I have done NTLM authentication successfully and got the logged in username, but my POST request quits working after NTLM authentication.
  I have logged the HTTP headers using RequestDumperValve, it shows that even though the user is authenticated the browser sends authorization header on every POST request and its content-length is zero.
  Im not able to understand the problem.
  This problem is already discussed in many groups but all replied JCIFS, but i don't want to use it.
  My configuration Apache 1.3,Tomcat 4.0,Mod_JK
  Why the POST Request is not working?
  Any help will be appreciated.
  Regards
  Ganesh

  Yep, I am french so sorry for my english. I have maybe a solution, i have got the same problem with POST request after NTLM auth, they don't work with my ajax application.
  I have search search and search, and i have write that :
  You must place that in first place in your html file, before any tag ( so before <html> tag ).
  I hope that this can help anyone...
  <%
  boolean isUserNameRecuperer = false;
  boolean isAutorisationSend = (request.getHeader("Authorization") != null);
  if (!isAutorisationSend)
            response.setHeader("WWW-Authenticate", "NTLM");
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
       else
            String authorisationCode = request.getHeader("Authorization");
            boolean isNTLMAutorisation = authorisationCode.substring(0, 4).equals("NTLM");
            if (isNTLMAutorisation)
                 authorisationCode = authorisationCode.substring(5);
                 BASE64Decoder base_64decoder = new BASE64Decoder();
                 byte[] authorisationCode64 = base_64decoder.decodeBuffer(authorisationCode);
                 System.out.println("NTLM Flag " +authorisationCode64[8]);
                 if( authorisationCode64[8] == 1 )
                      if (authorisationCode64[13] == 178)
                           System.out.println("NTLM Flag Error");
                           //stop
                      String retAuth = "NTLMSSP"+Character.toString((char)0)+Character.toString((char)2)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0);
                      retAuth += Character.toString((char)0)+Character.toString((char)40)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)001)+Character.toString((char)130)+Character.toString((char)000)+Character.toString((char)000);
                      retAuth += Character.toString((char)0)+Character.toString((char)2)+Character.toString((char)2)+Character.toString((char)2)+Character.toString((char)0)+Character.toString((char)000)+Character.toString((char)000)+Character.toString((char)000)+Character.toString((char)000);
                      retAuth += Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)0)+Character.toString((char)000)+Character.toString((char)000);
                      BASE64Encoder base_64encoder = new BASE64Encoder();
                      String retAuth64 = base_64encoder.encode(retAuth.getBytes());
                      retAuth64.trim();
                      response.setHeader("WWW-Authenticate", "NTLM "+ retAuth64);
                      response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                      return;
                 else if (authorisationCode64[8] == 3)
                      //le domaine
                      int lenght = (authorisationCode64[31]*256 + authorisationCode64[30]); // longueur du domain
                      int offset= (authorisationCode64[33]*256 + authorisationCode64[32]); // position du domain.     
                      String codeATraiter = "";
                      for (int i=0; i < authorisationCode64.length; i++)
                           codeATraiter += (char) authorisationCode64;
                      String domain = codeATraiter.substring(offset, offset+lenght); // decoupage du du domain.
                      domain.replace("\0", "");
                      //le login
                      lenght = (authorisationCode64[39]*256 + authorisationCode64[38]); // longueur du domain
                      offset = (authorisationCode64[41]*256 + authorisationCode64[40]); // position du domain.     
                      String username = codeATraiter.substring(offset, offset+lenght); // decoupage du du domain.
                      username = username.replaceAll("\0", "");
                      System.out.println(username);
                      isUserNameRecuperer = true;
                      response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
  %>
  It's normal that the last status of my page is response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
  in an other case that block any POST request.
  Message was edited by:
  BoBlepepeur

• Only HTTPS requests are working for SOAP Sender and HTTP not working

  wHi Experts,
  We have enabled our HTTPS port ( SSL ) in NWA -- >> Security -- >> SSL and Key stores. So understanding is HTTPS port is now enabled on top of HTTP. So PI should be able to cater requests at both ports.
  Now, we have developed a synchronous SOAP to RFC scenario and downloaded WSDL file. This file has both links -
  a. http:<host>:<port>
  b. https:<host>:<port>
  We intend to make a PI system where both ports can work. Now questions.
  1. When we test web service exposed from PI using SOAPUI tool, only HTTPS works fine and gets the response back. If we try HTTP URL, an error is encountered - HTTTPS scheme is required.
  2. Is this whole understanding that both ports  ( HTTP, HTTPS ) should be able to operate simultaneously correct ? Or this is not at all possible ?
  3. In SOAP Sender, we tried selecting all 3 options - 1. HTTP 2. HTTPS without client authentication 3. HTTPS with client authentication.
     None of the options have any effect on testing, Each time, only HTTPS request works and HTTP doesn't.
  Can anyone please provide some hints for troubleshooting ?
  Thanks..
  regards,
  Rajagopal.

  The error "HTTPS scheme is required" is normally returned when the HTTP Security Level on the SOAP adapter is not set to "HTTP". I can see you have mentioned you have tried all these, maybe a cache refresh has gone wrong? Could try recreating the channel with just HTTP specified as security level and this should allow HTTP or HTTPS
  I assume you are using a different port number for  your HTTP and HTTPS requests from SOAP UI. Normally the HTTPS port is the same as the HTTP port number but the final zero changed to a 1 i.e. https://<host>:50001 instead of http://<host>:50000.
  You should be able to confirm both HTTP and HTTPS work OK by loading some of the system webpages in a browser over HTTP and over HTTPS i.e. http://<host>:<port>/nwa and https://<host>:<port>/nwa
  Chris

• HTTP request using PL/SQL

  I've the following header and http request.
  POST http://deab/DexNETWebServices_4_0_0_4/LoginService.svc HTTP/1.1
  MIME-Version: 1.0
  Content-Type: multipart/related; type="application/xop+xml";start="<http://tempuri.org/0>";boundary="uuid:e4c19840-745d-45b2-90ca-12d71be4cfd9+id=1";start-info="application/soap+xml"
  VsDebuggerCausalityData: uIDPo5F/qXRc4YJImqB6Ard30cQAAAAAAjIXinpIVUulXLJOsSG7yyv7Lf2yHgpHlIxvc6oeqaAACQAA
  Host: deab
  Content-Length: 1017
  Expect: 100-continue
  Accept-Encoding: gzip, deflate
  Connection: Keep-Alive
  --uuid:e4c19840-745d-45b2-90ca-12d71be4cfd9+id=1
  Content-ID: <http://tempuri.org/0>
  Content-Transfer-Encoding: 8bit
  Content-Type: application/xop+xml;charset=utf-8;type="application/soap+xml"
  <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing"><s:Header><a:Action s:mustUnderstand="1">http://tempuri.org/ILoginService/LoginByUserName</a:Action><a:MessageID>urn:uuid:cf410a05-23d4-4b92-a22c-329cbc19fbe7</a:MessageID><a:ReplyTo><a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address></a:ReplyTo><a:To s:mustUnderstand="1">http://deab/DexNETWebServices_4_0_0_4/LoginService.svc</a:To></s:Header><s:Body><LoginByUserName xmlns="http://tempuri.org/"><systemId>19e0ddb4-5fa5-41ee-b624-aea762865a6c</systemId><strName>FirmwareUpdateLogQueryWorker</strName><productId>0af39a3e-6549-485b-872f-b73413203998</productId><password>abc</password></LoginByUserName></s:Body></s:Envelope>
  --uuid:e4c19840-745d-45b2-90ca-12d71be4cfd9+id=1--
  I'm using the following code to set the header from PL/SQL.
  l_http_req := UTL_HTTP.begin_request ('http://deab/DexNETWebServices_4_0_0_4/LoginService.svc', 'POST', 'HTTP/1.1');
  UTL_HTTP.set_header (
           l_http_req,
           'Content-Type',
           'multipart/related; type="application/xop+xml";start="<http://tempuri.org/0>";boundary="uuid:e4c19840-745d-45b2-90ca-12d71be4cfd9+id=1";start-info="application/soap+xml"');
  UTL_HTTP.set_header (l_http_req, 'Content-Length', LENGTH (l_request));
  But UTL_HTTP.get_response returns the error 400 Bad Request. How do I set MIME-Version and VsDebuggerCausalityData from the header?
  Thank you for your help on this.

  Here is the complete code that returns the 400 Bad Request error. Thanks for your help.
  DECLARE
     l_request         CLOB;
     l_http_req        UTL_HTTP.req;
     l_http_resp       UTL_HTTP.resp;
     v_buffer          VARCHAR2 (32767);
     p_status_code     NUMBER (9);
     p_error_message   VARCHAR2 (32767);
     p_response        CLOB;
  BEGIN
     l_request :=
           '--uuid:e4c19840-745d-45b2-90ca-12d71be4cfd9+id=1
  Content-ID: <http://tempuri.org/0>
  Content-Transfer-Encoding: 8bit
  Content-Type: application/xop+xml;charset=utf-8;type="application/soap+xml"
  <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing"><s:Header><a:Action s:mustUnderstand="1">http://tempuri.org/ILoginService/LoginByUserName</a:Action><a:MessageID>urn:uuid:cf410a05-23d4-4b92-a22c-329cbc19fbe7</a:MessageID><a:ReplyTo><a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address></a:ReplyTo><a:To s:mustUnderstand="1">http://deab/DexNETWebServices_4_0_0_4/LoginService.svc</a:To></s:Header><s:Body><LoginByUserName xmlns="http://tempuri.org/"><systemId>'
        || '19e0ddb4-5fa5-41ee-b624-aea762865a6c'
        || '</systemId><strName>'
        || 'FirmwareUpdateLogQueryWorker'
        || '</strName><productId>'
        || '0af39a3e-6549-485b-872f-b73413203998'
        || '</productId><password>'
        || 'abc'
        || '</password></LoginByUserName></s:Body></s:Envelope>
  --uuid:e4c19840-745d-45b2-90ca-12d71be4cfd9+id=1--';
     DBMS_OUTPUT.put_line ('request ' || l_request);
     l_http_req :=
        UTL_HTTP.begin_request (
           'http://deab/DexNETWebServices_4_0_0_4/LoginService.svc',
           'POST',
           'HTTP/1.1');
     UTL_HTTP.set_header (
        l_http_req,
        'Content-Type',
        'multipart/related; type="application/xop+xml";start="<http://tempuri.org/0>";boundary="uuid:e4c19840-745d-45b2-90ca-12d71be4cfd9+id=1";start-info="application/soap+xml"');
     UTL_HTTP.set_header (l_http_req, 'Content-Length', LENGTH (l_request));
     UTL_HTTP.set_header (l_http_req, 'MIME-Version', '1.0');
     UTL_HTTP.set_header (
        l_http_req,
        'VsDebuggerCausalityData',
        'uIDPo5F/qXRc4YJImqB6Ard30cQAAAAAAjIXinpIVUulXLJOsSG7yyv7Lf2yHgpHlIxvc6oeqaAACQAA');
     UTL_HTTP.write_text (l_http_req, l_request);
     DBMS_LOB.createtemporary (p_response, FALSE);
     l_http_resp := UTL_HTTP.get_response (l_http_req);
     BEGIN
        LOOP
           UTL_HTTP.read_text (l_http_resp, v_buffer, 32767);
           DBMS_OUTPUT.put_line (v_buffer);
           DBMS_LOB.writeappend (p_response, LENGTH (v_buffer), v_buffer);
        END LOOP;
     EXCEPTION
        WHEN UTL_HTTP.end_of_body
        THEN
           NULL;
     END;
     UTL_HTTP.end_response (l_http_resp);
     p_status_code := l_http_resp.status_code;
     p_error_message := l_http_resp.reason_phrase;
     p_response := REPLACE (p_response, '&lt;', '<');
     p_response := REPLACE (p_response, '&gt;', '>');
     DBMS_OUTPUT.put_line (
        'Status: ' || p_status_code || '-' || p_error_message || ': ' || p_response);
  END;

• Load Balance Reverse Poxy using ACE and HTTP Header Sticky

  Dear all,
  I have a reverse proxy that makes HTTP and HTTPS requests to an ACE.
  For implement persistence I want to configure HTTP HEADER Stickyness using the X-Forwarder-For information but I don't know:
  How to implement it ( I'l apreciate a little example about it).
  Which values I need for OFFSET and LENGHT fields.
  Can you help me please?
  Thanks a lot!!

  Hi Cesar.
  Thanks a lot for your answer but I think you misunderstand the question or I'm not explaninig very well
  I don't need to insert anything.
  The serverfarm X will be accesed by a reverse proxy. This reverse proxy already inserts the X-Forearder-From header, so the request from the reverse proxy comes with this header to the serverfarm X.
  The problem is that now, the serverfarm X sticky the client based on source IP. This is a wrong behavior becasue all the request comes form the same source (Reverse proxy) and all the load forwards to the same real IP address.
  This is because I want to change the sticky from source IP to HTTP header and looks for the X-Forwarder-For filed.
  Hop it will clarify the question!

• WWSAPI - Cannot connect to web service via SSL and HTTP proxy authentication with NTLM, errorCode 0x803d0016, HTTP status 407

  Hi,
  I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
  0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
  In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
  a second request with NTLMSSP_AUTH is sent.
  Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
  I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
  Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
  WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
  Any idea?
  Thanks

  Hi,
  I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
  0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
  In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
  a second request with NTLMSSP_AUTH is sent.
  Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
  I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
  Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
  WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
  Any idea?
  Thanks

• OfficialFile.asmx The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'. ERROR

  We are getting an error on the authentication piece when trying to submit a file to the OfficialFile.asmx web service to submit a document to the Drop-Off Library. Here is the code snippet -
  public string FileUpload(HttpPostedFile FileInput, RecordsRepositoryProperty[] properties)
  string strFileUrl = string.Empty;
  RecordsRepositorySoapClient repository = new RecordsRepositorySoapClient();
  BinaryReader b = new BinaryReader(FileInput.InputStream);
  byte[] binData = b.ReadBytes(FileInput.ContentLength);
  repository.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential(iUserID, iUserPassword, iUserDomain);
  repository.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
  repository.SubmitFile(binData, properties, null, FileInput.FileName, HttpContext.Current.User.Identity.Name);
  strFileUrl = repository.GetFinalRoutingDestinationFolderUrl(properties, null, FileInput.FileName).Url;
  return strFileUrl;
  Although we are setting the network credential in the client call we still get the error
  - The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'.
  Ideas?
  Thanks in advance.

  Hi,
  Based on the error message, the issue is related to the authentication type.
  I suggest you can specify the credential type like the below:
  CredentialCache credentialCache = new CredentialCache();
  NetworkCredential credentials = new NetworkCredential(UserName, PassWord, sDomain);
  credentialCache.Add(new Uri(recordCenterUrl), "NTLM", credentials);
  Here is a detailed code demo for your reference:
  http://blogs.msdn.com/b/mcsnoiwb/archive/2011/06/06/sending-files-to-a-record-center-using-the-sp2010-webservice-officialfile-asmx.aspx
  Best Regards
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Jerry Guo
  TechNet Community Support

• Application Web Service Control Manager detected AWEBSVC is not responding to HTTP requests. The http status code and text is 400, Bad Request.

  Hi All,
  I am seeing the following error for SMS_AWEBSVC_CONTROL_MANAGER component with Message ID: 8100
  Application Web Service Control Manager detected AWEBSVC is not responding to HTTP requests.  The http status code and text is 400, Bad Request.
  awebsctl.log file has below errors:
  Call to HttpSendRequestSync failed for port 80 with status code 400, text: Bad Request
  SMS_AWEBSVC_CONTROL_MANAGER 12/22/2014 3:37:55 PM
  13920 (0x3660)
  AWEBSVCs http check returned hr=0, bFailed=1
  SMS_AWEBSVC_CONTROL_MANAGER 12/22/2014 3:37:55 PM
  13920 (0x3660)
  AWEBSVC's previous status was 1 (0 = Online, 1 = Failed, 4 = Undefined)
  SMS_AWEBSVC_CONTROL_MANAGER 12/22/2014 3:37:55 PM
  13920 (0x3660)
  Health check request failed, status code is 400, 'Bad Request'.
  SMS_AWEBSVC_CONTROL_MANAGER 12/22/2014 3:37:55 PM
  13920 (0x3660)
  Management point and Application Catalog Website Point are installed on the same Server where I am seeing the error for Application Catalog Web Service Point role. Management Point and Application Catalog Website Point are functioning properly. Application
  Catalog Website is working.
  Thanks & Regards, Kedar

  Hi Jason,
  Application Catalog Web Service Point and Application Catalog Website Point; both are installed as per below configuration on same Server:
  IIS Website: Default Web Site
  Port Number: 80
  with default value for Web Application Name configured.
  For SMS_AWEBSVC_CONTROL_MANAGER component, I am getting below error in Component Status:
  Application Web Service Control Manager detected AWEBSVC is not responding to HTTP requests.  The http status code and text is 400, Bad Request.
  Possible cause: Internet Information Services (IIS) isn't configured to listen on the ports over which AWEBSVC is configured to communicate. 
  Solution: Verify that the designated Web Site is configured to use the same ports which AWEBSVC is configured to use.
  Possible cause: The designated Web Site is disabled in IIS. 
  Solution: Verify that the designated Web Site is enabled, and functioning properly.
  For more information, refer to Microsoft Knowledge Base.
  And awebsctl.log has the below error lines:
  Call to HttpSendRequestSync failed for port 80 with status code 400, text: Bad Request
  SMS_AWEBSVC_CONTROL_MANAGER
  12/23/2014 11:04:36 AM 16388 (0x4004)
  AWEBSVCs http check returned hr=0, bFailed=1
  SMS_AWEBSVC_CONTROL_MANAGER
  12/23/2014 11:04:36 AM 16388 (0x4004)
  AWEBSVC's previous status was 1 (0 = Online, 1 = Failed, 4 = Undefined)
  SMS_AWEBSVC_CONTROL_MANAGER
  12/23/2014 11:04:36 AM 16388 (0x4004)
  Health check request failed, status code is 400, 'Bad Request'.
  SMS_AWEBSVC_CONTROL_MANAGER
  12/23/2014 11:04:36 AM 16388 (0x4004)
  STATMSG: ID=8100
  What should I check from IIS side?
  Application Catalog Website is functioning properly.
  Thanks & regards,
  Kedar
  Thanks & Regards, Kedar

• HTTP/1.1 and MINE --- request

  The following is an example of a HTTP Request, can anyone tell me if it is all right? if I use HTTP/1.1, what are the restriction I have to face if I use MINE 1.0? for example, any feature or function I have to omit.
  POST /RecipientServer/mailbox HTTP/1.1
  Date: Tue, 20 Dec 2000 08:12:31 GMT
  Connection: Keep-Alive
  Host: www.xxx.com
  Content-Language: en, fr
  Content-Type: multipart/form-data; boundary=EBTpart;
  Content-Length: 3222
  --EBTpart
  Content-Disposition: form-data; name=�sender�
  12345678
  --EBTpart
  Content-Disposition: form-data; name=�user_id�
  aUser
  --EBTpart
  Content-Disposition: form-data; name=�user_password�
  aPassword
  --EBTpart
  Content-Disposition: form-data; name=�request_type�
  Upload
  --EBTpart
  Content-Disposition: form-data; name=�ebt_document�; filename=�transaction.xml�
  Content-Type: application/octet-stream
  MIME-Version: 1.0
  Content-Type: multipart/encrypted; boundary=�=--�;
  protocol="application/pgp-encrypted"
  --=--
  Content-Type: pgp-encrypted
  Version: 1
  --=--
  Content-Type: application/octet-stream
  -----BEGIN PGP MESSAGE-----
  Version: 2.6.2
  hIwDY32hYGCE8MkBA/wOu7d45aUxF4Q0RKJprD3v5Z9K1YcRJ2fve87lMlDlx4OjeW4GDdBfLbJE7VUpp13N19GL8e/AqbyyjHH4aS0YoTk10QQ9nnRvjY8nZL3MPXSZg9VGQxFeGqzykzmykU6A26MSMexR4ApeeON6xzZWfo+0yOqAq6lb46wsvldZ96YA AABH78hyX7YX4uT1tNCWEIIBoqqvCeIMpp7UQ2IzBrXg6GtukS8NxbukLeamqVW31yt21DYOjuLzcMNe/JNsD9vDVCvOOG3OCi8=
  =zzaA
  -----END PGP MESSAGE-----
  can anyone tell me where I can find any samples of http request or response?
  thank you for your help.

  Check out HTTPClient. It's a set of classes that can be used to create POST requests (including file uploads) and has builtin support for many MIME types. It's available at http://www.innovation.ch/java/HTTPClient/

• HTTP request failed. Error code: "503". Service Unavailable in RWB and Cache Refresh

  Dear Experts,,
  We have MDM and PI in our landscape. We are using MDM Adapter for the integration between the two.
  When we try to run the T Code SXMB_IFR, we are getting HTTP request failed error. i.e., “Error Code: 503 -- Service Unavailable”. And also the RWB communication channel is not working because of this error and we are unable to refresh the cache too because of this error.
  We have checked from MDM side, and messages are flowing from ready folder but not coming into PI. We had monitored the messages using
  SXMB_MONI.
  We have restarted the Java Server but it’s taking too much time to restart around 12 to 15 hours & we checked after that but still facing the same issue.
  Could you please help me to figure out this issue.
  Thank you for your support in advance.
  Thanks and Regards,
  Priti.

  Hi Priti,
  You can check the suggestion of Jyothi Anagani
  Because of J2EE application com.sap.aii.af.ms.app not active
           The problem is that not all J2EE services can be started by the J2EE. i.e Start the Visual Administrator and select Server->Services->Deploy in the tree on the left. On the right-hand side, choose the Runtime tab page. You see a tree in the right window with all applications if you select the APPLICATION radio button. Check if they are running, otherwise choose Start. Usually the J2EE engine starts all services automatically.
  Runtime Workbench "503 Service Unavailable" Error After JSPM SP Update
  Regards,
  Nabendu.

• ACE 4710 and mangled HTTP requests

  After replacing a Cisco CSS/SSL  Accelorator and PIX firewall with an ACE 4710 to do load balancing and  SSL encryption behind an ASA firewall we started seeing mangled HTTP  requests in the Apache access logs for the servers in the server farm.  Here is one example:
  XX.XX.XXX.XXX  - - [21/Oct/2012:01:42:12 -0500]  "heckoutFlag=true&verifyPassword=false&newsletter=false&emailaddress=&email2=&pass1=&pass2=&username=POST /register/LServlet HTTP/1.1" 501 3322 "https://www.ourwebsite.com/register/CServlet" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
  Rather  than appearing just after the timestamp, the "POST /register/LServlet"  is tacked on to header information that shouldn't even appear in the  log. Also the first letter in that header information is always missing  (heckoutFlag instead of checkoutFlag in this example). 
  The  mangled request always shows up as a 501 HTTP error and shows up late  in the Apache access logs (timestamp is out of chronogical order) and  always appears with several duplicate POSTs:
  XX.XX.XXX.XXX - - [21/Oct/2012:01:42:23 -0500] "POST /register/LServlet HTTP/1.1" 200 8537 "https://www.ourwebsite/register/CServlet" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
  XX.XX.XXX.XXX - - [21/Oct/2012:01:44:12 -0500] "POST /register/LServlet HTTP/1.1" 200 8537 "https://www.ourwebsite/register/CServlet" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
  XX.XX.XX.XXX  - - [21/Oct/2012:01:42:12 -0500]   "heckoutFlag=true&verifyPassword=false&newsletter=false&emailaddress=&email2=&pass1=&pass2=&username=POST /register/LServlet HTTP/1.1" 501 3322 "https://www.ourwebsite.com/register/CServlet"  "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
  XX.XX.XXX.XXX - - [21/Oct/2012:01:44:12 -0500] "POST /register/LServlet HTTP/1.1" 200 8537 "https://www.ourwebsite/register/CServlet" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
  This is occurring for several different URLs and not just the one above and for multiple web browsers.
  The ACE load balances to servers running Tomcat 7 with Apache HTTP server v. 2.2.14.
  A recent ACE software upgrade to A5(2.1) has not fixed the problem.
  Has anyone seen this before?
  Thanks for any insight you can provide.
  -Kari

  Hi Kari,
  Do you have a sample of the configuration which you got with the CSS?
  What is the current configuration which you got on the ACE?
  Can you shows this output: # show stats http?
  Jorge