Running via https and/or http ?

Similar Messages

• Running Forms Https (forms 10g with A/S and webcache)

  I'm trying to implement Credit Card processing for applications in our agency. The environment is in the subject. There will be two types of applications that need to process credit cards:
  1. Users coming in through our external website running java applications.
  2. Internal users running Oracle Forms (against another App Svr deployment)
  I'll be using a payment gateway accessible via a web service to authorize the card. I can talk to this via a java w/s client proxy w/o a problem. Here's the problem though:
  I've been told that when forms are running https, ALL forms running on the application server, regardless of application will now be running https. I'd like the Credit Card entry Oracle Form to be running https, but don't see how this affects all the other forms in our environment (hundreds of them). Can't one screen (http) call a CC screen (this one only running https), and they can enter the card into that? From the reading I've done this should be possible.
  I'm not the Application Server admin. This is what I've been told, and I cannot configure the environment. I've been told that Forms will now have to call a JSP CC entry screen that I write and that screen would now invoke the web service. Of course, my concern is that the oracle form and the jsp screen are now asynchronous, and one won't be able to tell when the other is done (unless I poll on the form, or go the route of PJCs and javascript - I've seen an article for this already --- HOWEVER, this was shot down as well.)
  My question boils down to:
  1. Can I run all my other forms http, and then this CC screen https (via a web.show_document), and then it can hit the web service directly via a java imported client proxy rather than me writing extra methods, and another screen/conf page that's specific to forms users?
  [I need to run forms https since the default 40-bit encryption is not enough.]
  Here are my related questions/threads to this one:
  Forms Client Side Encryption and invoking external Secure Service via URL
  Forms Client Side Encryption and invoking external Secure Service via URL
  encrypting creditcard for "in-transit"
  encrypting creditcard for "in-transit"
  loadjava sunrsasign.jar
  loadjava sunrsasign.jar
  As always, help is very much appreciated, and a very big thannks for any answers/suggestions.
  Eric

  Eric,
  You may want to ask your question in the App Server forum.

• OSB call to remote Web Service via https proxy and https CONNECT problem

  Hi
  I have a service that calls a web service on another server as a web service. This call is via https and the certificate validation raises no errors.
  I now want this call to go via a squid httpd proxy on port 3128 on some machine. So I would like to use HTTP CONNECT (RFC 2817) proxying,. But when I set up this as a proxy, I am getting "Certificate chain" error messages. The certifcate chains is no different now from when I called without the http proxy, so what am I doing wrong? Does OSB support HTTP CONNECT?
  -Johan

  The exeption we are getting is BEA-380000
  General runtime error: [Security:090477]Certificate chain received from XXX - 123.123.123.123 --> test.salesforce.com was not trusted causing SSL handshake failure.
  This is of course not relevant if the callout were using CONNECT. In the CONNECT scenario, OSB would not care about XXX's certificate.

• Disk Utility, restore image via HTTP, and error 22 (invalid argument)

  I'm trying to restore a properly-created and prepared (i.e. volume checksum applied) Apple Software Restore disk image to a volume on a target computer. The source image is hosted on a Web server and accessible via HTTP.
  The image restoration process appears to succeed for the most part, but at the end, I get an error 22 (invalid argument). This may be after the image restoration has finished, and when the resulting volume is being mounted. (I wonder if the problem is automount-related?)
  The same image, so far, restores to the same volume successfully when restored locally, mounting the drive in target disk mode on the host Mac.
  I am curious if anyone else has seen this same behavior and found a solution. Or is everyone else having the same kinds of problems with HTTP-based restores?
  MacBook Pro   Mac OS X (10.4.9)   15-inch, Core 2 Duo 2.16 GHz, 2 GB RAM

  Visit http://www.bombich.com/. See if you find any related info on that site. If not email Mike Bombich about the problem. If anyone knows the answer I would think he should.

• How to block youtube and facebook via HTTPs in CX on ASA-X ?

  How to block youtube and facebook via HTTPs in CX on ASA-X ?
  now i use decrypt feature on CX module but can not block https traffic. Could you help me.

  Hi,
  Double-check your CX configuration with this guide:
  http://tools.cisco.com/squish/fCA6D
  And make sure you are redirecting HTTPS traffic to the CX
  Luis Silva
  "If you need PDI (Planning, Design, Implement) assistance feel free to reach us"
  http://www.cisco.com/web/partners/tools/pdihd.html

• Cisco Network Assistant and add to comunity problem via HTTPS

  hello,
  i have big network of cisco switches and all is in my cisco network assistant in comunity connected via HTTPS. if i add new switch to network (all for HTTPS access is configured good: domain name, ip http secure-server, authenticate locale ...) and if i can add this switch to comunity (right click on icon and ADD TO COMUNITY), CNA say "Unable to Connect", because it can connect to switch via HTTP (i have disable it on switch), not via HTTPS. i have never version of CNA ... where is problem? why it not connect to switch via HTTPS? hmmm? thank you ... Peter

  "The HTTP server interface must be enabled to display the network assistant. " Source.
  You can put an access-list on the http server if you are concerned about security exposure.

• Try expose svn via http, but Location directive does not work.

  Hello everyone,
  I used svn exposed via http in OSX 10.6 and 10.7 using collabnet.
  Now I take OSX server 10.8 and installed svn inside XCode.
  SVN is correctly installed, apache respond to default site.
  I copied the modules dav_svn_module and authz_svn_module compiled on my machine with same svn version of XCode [version 1.6.18 (r1303927)] .
  I created a file into /etc/apache2/other called svn.conf that contain follow code:
  LoadModule dav_svn_module libexec/apache2/mod_dav_svn.so
  LoadModule authz_svn_module libexec/apache2/mod_authz_svn.so
  <Location /repo>
    DAV svn
    SVNPath '/Volumes/VMware HD/svn/repository'
  </Location>
  Checking if module are loaded with sudo apachectl -t -D DUMP_MODULES i obtain:
  Loaded Modules:
  dav_svn_module (shared)
  authz_svn_module (shared)
  Syntax OK
  So file svn.conf is loaded and the module too.
  When I try to check via browser with http://localhost/repo I obtain in /var/log/apache2/error_log the following error:
  [Wed Feb 13 12:41:12 2013] [error] [client 192.168.1.114] File does not exist: /Library/Server/Web/Data/Sites/Default/repo
  Is Location directive failing?!
  How can I expose the right repository location instead of default site?

  Oeren,
  I stumbled across this little tidbit buried in the BI Publisher forum: Dynamic Images in rtf
  Glad you are up and running!
  Joshua

• Office Web Apps - Preview not appearing when acccessing via HTTPS

  I have installed Sharepoint 2013 and Office Web Apps, set the wopibinding, and set the wopizone to be https-external. Everything seems to work fine if accessing the web app using HTTP (can open, edit, preview office web app (WAC) documents)... but if
  I access via HTTPS then I run into a mixed content error when trying to preview the WAC documents... I can open them and edit them without issue using office web apps inside the browser though just not preview.
  If I select "New document" it also takes a while to load and displays a blank pop up window... assume it must be related
  Error message:
  XMLHttpRequest cannot load http://xxxx.org.nz/Docs/_layouts/15/inplview.aspx?List={6E…65723B96E}&ViewCount=1&IsXslView=TRUE&IsCSR=TRUE&IsRibbon=TRUE&Cmd=EcbView.
  No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://xxxxxx' is therefore not allowed access.
  [blocked] The page at 'https://xxxxx.org.nz/xx.aspx' was loaded over HTTPS, but ran insecure content from 'http://xxxxxx/Docs/_layouts/15/WopiFrame.aspx?sourced…%20big%20wide%20inter%20web%2Edocx&action=interactivepreview&wdSmallView=1':
  this content should also be loaded over HTTPS.

  Hi  ,
  Before you configure SharePoint 2013 to use Office Web Apps Server via HTTPS, make sure that you have set up Office Web Apps Server by following the steps in Deploy
  a single-server Office Web Apps Server farm that uses HTTPS or Deploy a multi-server, load-balanced Office Web Apps Server farm
  that uses HTTPS.
  Best Regards,
  Eric
  Eric Tao
  TechNet Community Support

• File Upload Performance using IE from Windows to Unix via HTTPS

  Hi,
  Is there any performance issue uploading a file
  using IE from Windows client to UNIX server via HTTPS?
  Before that, we were using HTTP protocol and everything run smooth
  Once we change to HTTPS, we might hit the "HTTP 500 Internal server error"
  Even though this does not happen all the time but still, it affect the overall performance of our system
  We'd tested other browsers such as Netscape, Firefox, Opera and we don't hit any problem with them
  Is there any way to improve the performance?
  Is there any site i can refer to? cause i need some explaination on how this could be happen
  Thanks

  Is there any performance issue uploading a file
  using IE from Windows client to UNIX server via
  HTTPS?With HTTPS, the contents of the files are encrypted while uploading. This might hit the performance in some cases.

• Connecting To Zend AMF Backend Via HTTPS

  Environment:
  - Flash Builder 4
  - Flex 4 Beta 2
  - Zend AMF (the one that gets automatically downloaded in Flash Builder 4)
  Issue:
  Using Flash Builder's "Connect To PHP" wizard, I can connect to my Zend AMF backend via HTTP but not HTTPS (and yes, my domain does have a valid SSL certificate from a trusted CA - it is not self signed).  Upon selecting the PHP class (using a SFTP mount to my web host) via the wizard, Flash Builder dies when "introspecting the service" and it throws this error:
  Make sure that Zend Framework is installed correctly and  the parameter "amf.production" is not set to true in the amf_config.ini file  located in the project output folder.
  Warning:  require_once(Zend/Loader/Autoloader.php) [function.require-once]: failed to open stream:  No such file or directory in /home <blah>
  If I change my PHP backend's URL from https://<domain> to http://<domain> then it works but I obviously need to use SSL for this application.

  I upgraded to Zend Framework 1.10, which didn't help.  I also just installed Flash Builder 4 Premium (which was just released today) and that didn't help my situation either although I believe the problem is how I'm attempting to get my Flex client to communicate to my hosted web server.
  All the examples I've seen demonstrate how to connect a flex client and PHP backend (via Zend AMF) to LOCALHOST.  I need to develop my Flex client on my laptop and hook into my PHP backend running on a hosted web server (not localhost).
  Here are my server properties:
  - Application server type = PHP
  - Server location:
       - web root = Y:  (this maps to my Y: drive on windows which is a SFTP mount to my web host)
       - root URL = https://cl21.<web_host>.com/~<username>
  - Output folder = Y:\<app>-debug
  I can get this to work if I use my dedicated domain name www.<my_domain>.com but I haven't yet purchased a dedicated IP and SSL certificate so I'm attempting to use my web host's shared SSL certificate (which is valid).  The problem seems to be related to the setting "root URL".  Can you not point the flex client to anything other than a root URL?  Most server-side development happens on a shared dev server (e.g. sandbox.company_name.com/developer1, sandbox.company_name.com/developer2, etc.)

• Retrieve online file as CSV via HTTPS using PL/SQL procedure

  Hi all,
  Situation:
  Server A (not ORACLE)_: accesed via URL, generates dynamically a CSV file and returns to the requestor.
  Server B (ORACLE)_: which runs the PL/SQL script. It is the requestor. Read the CSV and store it within ORACLE.
  (1) I want to connect from Server B (ORACLE) to an external URL via HTTPS which generates dynamically the CSV file. Subdomain.domain it is the Server A which contains this CSV file.
  https://dubdomain.domain/csv_generator.php?query=q1
  (2) This file is downloaded to the Server B (ORACLE). A PL/SQL script executed in this machine do the task.
  (3) After that, I load this CSV to an ORACLE table which a common CSV PL/SQL parser.
  Doubts:
  Is it possible to retrieve an online file (a CSV) dynamically created and hosted in a third party server (Not ORACLE) via HTTPS using a PL/SQL procedure executed in a ORACLE server? If the answer is yes, what technology could I use? Any ideas?
  Thanks in advance,
  Yago

  An CSV example in {message:id=10158148}.
  For https, two actions are needed in addition.
  Firstly, the certificate of the https web server needs to be loaded in an Oracle Wallet on your database server. The wallet will have a specific directory location on the server, and will be protected by a password.
  Secondly, the PL/SQL procedure making web call, needs to open the wallet (using <i>UTL_HTTP.set_wallet</i>) using the location and password. Example of that in {message:id=10820182}.

• Problem accessing VIP via HTTP from service servers

  I thought I had a pretty simple config on my CSS11501- but have run into an issue I'm having trouble resolving.
  I have two unix webservers (IPs are .99 and .100) on ports e1 and e2, and my uplink for the CSS is on port e8.
  The CSS has a VIP address (.105) that load balances HTTP requests to .99 and .100.
  From .99 and .100 I can ping the VIP address - and from outside the CSS - almost everything works great for the site I'm hosting on .105.
  I do have two web pages however that attempt to make calls directly to the VIP address - I noticed I can't load those pages.
  Nor can I just browse the website on the VIP address from either of the servers. The webservers can browse their own pages via IP, and each other's pages via IP.
  Just not pages on the VIP.
  I think it may be a case of the servers thinking that IP spoofing is occurring - or maybe I missed something simple in the config.
  Here's what I see in a 'show flows' when I try and browse the VIp address (.105) from the .100 server.
  Src Address SPort Dst Address DPort NAT Dst Address Prt InPort OutPort
  65.207.212.100 53758 65.207.212.105 80 65.207.212.100 TCP e2 e2
  65.207.212.100 80 65.207.212.100 53758 65.207.212.100 TCP e2 e2
  Since it appears that the CSS NATs the request to the same IP the server is using, will the reply from the server ever make it back to the CSS?
  Or does it think that it shouldn't need to reply - becauuse it is that IP?
  Should I be able to browse the VIP site from the webservers.
  Below is the full CSS config if someone can help me figure this out.
  Thanks in advnace for any and all help.
  Paul
  CSS11501# show run
  !Generated on 08/30/2005 12:08:11
  !Active version: sg0750004
  configure
  !*************************** GLOBAL ***************************
  no restrict web-mgmt
  acl enable
  logging subsystem acl level debug-7
  ip route 0.0.0.0 0.0.0.0 65.207.212.1 1
  !************************** CIRCUIT **************************
  circuit VLAN1
  ip address 65.207.212.104 255.255.255.0
  !************************** SERVICE **************************
  service www2
  keepalive type tcp
  keepalive port 80
  ip address 65.207.212.99
  active
  service www3
  keepalive type tcp
  keepalive port 80
  ip address 65.207.212.100
  active
  !*************************** OWNER ***************************
  owner WWW
  content rule1
  vip address 65.207.212.105
  add service www2
  add service www3
  port 80
  protocol tcp
  advanced-balance sticky-srcip-dstport
  active
  !**************************** ACL ****************************
  acl 1
  clause 10 permit any any destination any
  apply circuit-(VLAN1)

  Paul,
  simple config and well-know basic mistake :-)
  If a server tries to access the vip, the css will forward the request to the same server or the other one.
  Both ways, the response from the server will go directly to the client-server, bypassing the CSS.
  For this to work, you need to do client nat so the server making the HTTP connection appears to be coming from the CSS.
  Create a group like this
  group servernat
  vip addr 65.207.212.105
  active
  and add the following to your acl
  clause 5 permit any 65.207.212.99 destination content www/rule1 sourcegroup servernet
  Do a similar clause for the 2nd server.
  re-apply the acl.
  Everything should work now.
  Gilles.
  Thanks for rating.

• Issue with calling restful services via HTTP in an Orchestration

  The company I work for is using RESTful services for our I/O. We are processing EDI files using Biztalk, and are calling the REST services via HTTP from a c# code called within the orchestration. At lower volumes, the service performs fine, but at higher
  transaction volumes, the HTTP calls never return. Is there a resource that needs to be tuned somewhere on the biztalk node to allow higher volumes of HTTP calls? Its not the REST service side - it has no problems handling loads generated by non biztalk nodes.
  For further clarification, the EDI message is a multi batched, so there are many simultaneous orchestrations running at once.  I have started to look at ways to throttle how many instances can run at once, but I still suspect some resource in the HTTP
  sequence that we dont have enough of.
  Ideas?

  I think you were not  enough free threads in the ThreadPool to complete the operation.
  So you can work out with Max connection setting in your BTSNTSvc file first
  <system.net>
  <connectionManagement>
  <add address="http://name.of.server.here" maxconnection="1oo" />
  </connectionManagement>
  </system.net>
  and try increasing number of threads allocated to the specific send Host instance and your Orchestration instance  ,you can try twinkling Response timeout in minutes as well  on host instance
  Thanks
  Abhishek

• Invoking scheduled/bursted reports via HTTP... documentation?

  Hi all - I am looking for documentation regarding the HTTP "API" for BI Publisher Scheduler. There is an HTTP interface for which I can find no documentation. For instance by POSTing a URL such as http://<site>:<port>/xmlpserver/servlet/scheduler?ujobname=DirectDeliveryReport.xdo&d_printerd_p_gname0=direct&show_conf_page=true&d_method0=d_printer0&job_locale=en_US&save_output=off
  ...you can "schedule" a job for immediate execution and output to a printer.
  This is the method of execution for Oracle SIM 13 and is vaguely described in the SIM 13 Implementation Guide but not apparently in the BIP docs. I am wondering:
  a) what is the API for this web interface? What are the parameters?
  b) can this interface be used for bursting reports? If so it would seem to be a much easier way to schedule burst reports when an external scheduling system is required. More straightforward, like a shell script for Oracle Reports, rather than having to write a Java app to call BIP twice, first to get the XML data, second to burst/deliver that data.

  Hi Tim -
  By 'run now' mode via HTTP, are you referring to a direct call to the XDO or a one-time run via the scheduler servlet? I am not looking to set up a repeating schedule via HTTP, simply to kick off a one-time job with an output destination of email or printer. I cannot find any documentation for the one-time scheduled execution through the scheduler via HTTP. I have searched all the 10.1.3.3.3 docs, the blog, and the message boards for some of those parameters being defined in the SIM URL and there's no mention of them.
  SIM may use some internal logic to construct the URL, but by looking at the SIM, Apache, and BIP log I can see what it's doing. It's a series of GETs and POSTs via HTTP. Using this same logic, I have constructed some PL/SQL (http_utl package) to call BIP in the same fashion from a trigger and it works fine. The HTTP interface that SIM is using certainly seems to be fully-fledged; it seems to have parameters that would allow you to define the output format and destination. I just want to know what they are =)
  All I'm trying to do is automate some of the SIM printing by making it trigger-based rather than GUI-based. If the client wants to, say, autoemail instead of autoprint, I would have no idea how to change the URL params to do this. Secondly, if such a URL could specify that bursting, per the XDO, take place, we can use this HTTP method to invoke BIP from an external scheduler which will be easier for us than using web services.
  Thanks in advance,
  -eric

• [Fwd: JMS publishing via http-tunneling]

  "Jeffrey S. Hair" wrote:
  Does anyone know of way to speed up WL JMS publishing via http-tunneling?
  We have a server that is publishing messages to JMS rather frequently (1/200 millisecs). We then
  have several applications and applets subscribed for this topic. The applications work great and get
  all of the messages quite fast (using t3 protocol).
  However, the applet, running on the other side of a firewall, and connected to the server over a 28k
  modem, receives the updates rather slowly since the messages need tunneled through http. In fact, so
  many updates are being published that the applet continually falls behind. If we stopped the updates
  or slowed down the updates, the applet would eventually catch up and reflect the latest message.
  The sessions in the applet were created using AUTO_ACKNOWLEDGE. I've since changed them to use
  CLIENT_ACKNOWLEDGE and allow for 15 seconds of messages to be processed before acknowledging. This
  improved the speed but the applet still falls behind to some degree. When the publishing slows down,
  the applet now at least catches up.
  As a side note, does anyone know of a way to view the contents of the JMS queue?
  Thanx,
  jsh
  Jeffrey S. Hair
  Sr. System Architect, FNX Limited[email.eml]

  Which web server are you using?
  Both iWS6.0 SP2 or iWS Fast-track 4.1 works with iMQ.
  But earler versions of iWS6.0 do not and we have no
  control of that.