To block iplanet webserver version in http header

Please let me know how to block the iplanet version being displayed in http header.
I am using iplanet webserver 4.1 sp12

Please refer to http://docs.sun.com/source/817-0533-10/rn41sp12.html#39181
Hope this helps.

Similar Messages

Custom Inserted HTTP Header not showing up in Iplanet Logs

ALL:
I have some iPlanet Enterprise/6.0 web servers sitting behind a LoadBalancer. The LoadBalancer is setup in an 'one-armed mode', and takes a client HTTP request passes it onto the server, but during this process, changes the client source IP to that of local static IP that the LoadBalancer has. Due to our setup we cannot change this.
By changing the client source IP to a local address, we have lost any useful user session tracking that was done by source IP.
To get around this, I have the LoadBalancer inserting an HTTP header with the client real source IP. Reading the NSAPI Programmer's Guide (Table 7-1 "http://docs.sun.com/source/816-5686-10/07_magnu.htm"), there is an option "%Req->headers.headername%" that can be used with 'flex-int' to log any header value.
My output from snoop looks as follows:
HTTP: ----- HyperText Transfer Protocol -----
HTTP:
HTTP: GET /plugin.do HTTP/1.1
HTTP: OrigClientAddr:10.5.4.28
HTTP: Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*
HTTP: Accept-Language: en-us
HTTP: Accept-Encoding: gzip, deflate
HTTP: User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
HTTP:
I have set the value to "%Req->headers.OrigClientAddr%" and it still does not show up in the log file. Any clues?
Works fine in Apache with:
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{OrigClientAddr}i\" \"%{User-Agent}i\"" headerinsert
CustomLog logs/access_log headerinsert

Always nice to find resolution to one's own question.
Fix was to change the header value to all lower case.
From:
"%Req->headers.OrigClientAddr%"
To:
"%Req->headers.origclientaddr%"

IPlanet-WebServer-Enterprise/6.0SP6 for JDK1.6 upgrade issue

I want to upgrade iPlanet Web Server 6.0 with JDK/jre 6.0. currently iPlanet Web Server 6.0 is refferring to JDK1.5.0_17 in our lab. I see following error in logs.Any ideas which state is this upgrade is valid or a resolution for the below error would be great.
I tried increasing stack size(StackSize 7168000 in magnus.conf),increasing Sun os filedescriptors and stacksize,jvm.minHeapSize=8388608 and jvm.maxHeapSize=33554432( in jvm12.conf)
Thanks in advance
iPlanet-WebServer-Enterprise/6.0SP6 B06/23/2003 14:40
[18/Dec/2009:09:44:27] info ( 3351): Installing a new configuration
[18/Dec/2009:09:44:27] info ( 3351): [LS ls1] http://stg-bobowww02.attws.com, port 9090 ready to accept requests
[18/Dec/2009:09:44:27] info ( 3351): A new configuration was successfully installed
[18/Dec/2009:09:44:27] config ( 3351): Error occurred during initialization of VM
[18/Dec/2009:09:44:27] config ( 3351): java.lang.StackOverflowError
[18/Dec/2009:09:44:27] config ( 3351):
[18/Dec/2009:09:44:27] config ( 3351): at java.lang.String.hashCode(String.java:1482)
[18/Dec/2009:09:44:27] config ( 3351): at java.util.Hashtable.get(Hashtable.java:334)
[18/Dec/2009:09:44:27] config ( 3351): at java.util.Properties.getProperty(Properties.java:932)
[18/Dec/2009:09:44:27] config ( 3351): at java.lang.System.getProperty(System.java:653)
[18/Dec/2009:09:44:27] config ( 3351): at java.lang.Class$3.run(Class.java:2897)
[18/Dec/2009:09:44:27] config ( 3351): at java.security.AccessController.doPrivileged(Native Method)
[18/Dec/2009:09:44:27] config ( 3351): at java.lang.Class.checkInitted(Class.java:2881)

Thanks for the reply.
curretnly i see from logs we have servicepack 6 for iplanet6.0 in my box. If i upgrade with new servicepack can i use JDK1.6? because i don't see that kind of statement with even in any of the documents.The documents only talk upto 1.4.2
secondly upgrading to newer version,I think for this we need to take new licences and is there will be a cost factor for 7.0 upgrade.Because i see the free download is only for 60 day evaluation. For upgradation i need to talk to my management for getting approval i need to atleast show them we cannot do it with the existing 6.0 server with SP6.
I use the default value intially,and i was getting the StackOverFlow error.Some sites suggested in increasing the stacksize value for remedy to StackOverFlow error.So i increased it in an increments of 1MB. And thought this would be the peak value and stopped over there.

Iplanet webserver response is not compressed

Hi,
I have a Iplanet webserver sp6 on Sun solaris OS. The problem is that the response to the client is not in compressed form. I have conmpared the setting with another webserver which is working fine and I do not see any difference in the magnus.conf or obj.conf.
Appreciate if somebody could hlp
Regards,

I don't understand. iPlanet Web Server 6.0 SP6 never compresses responses. The first version of Web Server to implement HTTP compression was Sun ONE Web Server 6.1.

Virtual Hosting in iPlanet WebServer 6.0

I have created a virtual server in the default installation of iPlanet WebServer 6.0 The Virtual Server Class is the DEFAULT class. For a Vortual object class i'll have a obj.conf rite????
But my obj.conf don't have any object for obj.conf
I have attached my obj.conf files below....
First is from /wsroot/https-instance/config
# Use only forward slashes in pathnames--backslashes can cause
# problems. See the documentation for more information.
<Object name=default>
NameTrans fn="NSServletNameTrans" name="servlet"
NameTrans fn="pfx2dir" from="/servlet" dir="d:/iplanetws/servers/docs/servlet" name="ServletByExt"
NameTrans fn=pfx2dir from=/mc-icons dir="d:/iplanetws/servers/ns-icons" name="es-internal"
NameTrans fn="pfx2dir" from="/manual" dir="d:/iplanetws/servers/manual/https" name="es-internal"
NameTrans fn=document-root root="$docroot"
PathCheck fn=nt-uri-clean
PathCheck fn="check-acl" acl="default"
PathCheck fn=find-pathinfo
PathCheck fn=find-index index-names="index.html,home.html"
ObjectType fn=type-by-extension
ObjectType fn=force-type type=text/plain
Service type="magnus-internal/jsp" fn="NSServletService"
Service method=(GET|HEAD) type=magnus-internal/imagemap fn=imagemap
Service method=(GET|HEAD) type=magnus-internal/directory fn=index-common
Service method=(GET|HEAD) type=*~magnus-internal/* fn=send-file
AddLog fn=flex-log name="access"
</Object>
<Object name=cgi>
ObjectType fn=force-type type=magnus-internal/cgi
Service fn=send-cgi
</Object>
<Object name="servlet">
ObjectType fn=force-type type=text/html
Service fn="NSServletService"
</Object>
<Object name="jsp092">
ObjectType fn="type-by-extension"
ObjectType fn="change-type" type="magnus-internal/jsp092" if-type="magnus-internal/jsp"
Service fn="NSServletService" type="magnus-internal/jsp092"
</Object>
<Object name="ServletByExt">
ObjectType fn=force-type type=magnus-internal/servlet
Service type="magnus-internal/servlet" fn="NSServletService"
</Object>
<Object name="es-internal">
PathCheck fn="check-acl" acl="es-internal"
</Object>
Next is in /wsroot/https-admserv/config
# Use only forward slashes in pathnames--backslashes can cause
# problems. See the documentation for more information.
<Object name="default">
NameTrans fn="admin-uri2path" root="d:/iplanetws/servers/https-admserv/config"
NameTrans fn="NSServletNameTrans" name="servlet"
NameTrans fn="pfx2dir" from="/servlet" dir="d:/iplanetws/servers/docs/servlet" name="ServletByExt"
PathCheck fn="admin-check-admpw" admpwfile="d:/iplanetws/servers/https-admserv/config/admpw" admdns="*.iplanet.com" admip="*" final=true
PathCheck fn=find-pathinfo
PathCheck fn="nt-uri-clean"
PathCheck fn="ntcgicheck" extension=".exe"
PathCheck fn=find-index index-names="index.html"
ObjectType fn="type-by-extension"
ObjectType fn="force-type" type="magnus-internal/cgi"
Service fn="send-cgi" type="magnus-internal/cgi"
Service fn="NSServletService" type="magnus-internal/jsp"
Service fn="imagemap" method="GET" type="magnus-internal/imagemap"
Service fn="send-file" method="GET"
Error fn="admin-error" reason="server error"
AddLog fn="flex-log" name="access"
</Object>
<Object name="servlet">
ObjectType fn=force-type type=text/html
Service fn="NSServletService"
</Object>
<Object name="jsp092">
ObjectType fn="type-by-extension"
ObjectType fn="change-type" type="magnus-internal/jsp092" if-type="magnus-internal/jsp"
Service fn="NSServletService" type="magnus-internal/jsp092"
</Object>
<Object name="ServletByExt">
ObjectType fn="force-type" type="magnus-internal/servlet"
Service type="magnus-internal/servlet" fn="NSServletService"
</Object>
<Object name="es-internal">
ObjectType fn="force-type"
</Object>
<Object name="jsp">
Service fn="NSServletService"
</Object>
Plzz. clarify in this regards..
Thanks and Regards
Ashok R

Hi,
In iWS6.0 it has been changed. About virtual configuration details,
it will under "server.xml" file, please look it out above file in config directory.
For more information, look it to
NSAPI Programmer’s Guide for iPlanet Web Server.(http://docs.iplanet.com).
Thanks,
Daks.

Single-Sign-On (SSO) configuration on JAVA Stack through HTTP Header method

Hello SDN community,
in the context of a Proof of Concept, we are testing the integration of Microsoft Sharepoint Portal with SAP Backend (addin) systems.
As the architecture impose use an external scenario (access from the internet), we couldn't use the Kerberos (SPNego) solution and thus we chosed the http header solution which in short uses an intermediary web server (in this case the IIS of the MOSS solution) which will act as authority.
I miss information on how the workflow works for this http header authentication method. Through the visual administrator of the addin JAVA stack, it is possible to configure each application with a customized authentication (a choice of security modules). But this all that I know.
My task is to configure SSO. From a sharepoint portal, the user should be able to access Web Dynpros and BSPs. I imagine that the very first call to a webdynpro or bsp (or maybe when we log on the sharepoint portal), the request to the WDP or BSP will first be forwareded by the intermediary server to the JAVA stack (or is it the SAP dispatcher that has to be configured).
Is there an application to be built on the java stack to deal with the authentication, modify http header?
What will the Java stack return? a sap long ticket? a token?
How will the redirect work (to by example a BSP which is in the ABAP stack)?
SAP preconise to secure with SSL the link between the intermediary web server and the JAVA stack, is IP restriction also a solution?
A lot of questions about how this SSO http header should work,
I would be very greatful for any help, or info,
Kind regards,
Tanguy Mezzano

Hi Tanguy,
to tell you the truth I'm really unsure about what you are trying to achieve. When I started posting to your thread I thought all you wanted was trying to access your J2EE engine via Browser and authenticate against the engine using HTTP Header Variables. Nevermind:
Here are some answers to your question:
in fact I did succeed, the problem was that even after domain-relaxation done by the J2EE, I had to change the domain of th SAP cookie to the bbbb.domain.com to be understood (I would have thought that all hosts in/under domain .domain would have accepted such a cookie but it seems that no...).
The server does not care about the domain because Cookies in an HTTP Request do not contain any domain information. The domain is just important when the Cookie is set by the server so your Client (Browser) will know in which cases the Cookie may be sent or not. So if your domain is xxx.yyy.domain.com and your cookie is issued to .domain.com then your Browser will definitely sent it to all hosts under .domain.com (This includes xxx.yyy.domain.com etc.)
My current scenario is: in a first request get a SAP Logon Ticket from the Java Stack, then change its domain and then directly call the backend with it.
You can do that but there is no Client involved in this scenario. So this is useful if you just want to test the functionality (e.g. authentication to J2EE using Header Variables (This works finally!!!) and then use the fetched Logon Ticket to test SSO against any trusted Backend!!)
So everything's is in a Java Client application without using any redirection.
If I understand you, you're solution is from the Browser call a servlet (which is deployed on the Java Stack and has no authentication schema) by passing to it our http header.
No, you should initially authenticate somewhere! I thought that maybe you had some resource you access before accessing the Java Stack. This could be any application (e.g. deployed on a Tomcat or JBOSS or other server or if you like even SAP J2EE). After authenticating there you are aware of the username and could use it to procceed (e.g. Authenticate against the J2EE using the same user and HTTP Header authentication for that particular user!)
That servlet will transfer the http header (with the HttpClient app) in order to get from the Java Stack a SAP Logon ticket, and then to redirect to the resource and by sending back the cookie in client browser. Am I correct?
This was just a suggestion because I realized that there was no Client ever involved in any of your testing (looked strange to me!). I was just thinking that it would be easier for you to just get the Cookie into your Browser so your Browser would do the rest for you (in your case finally send the Logon Ticket Cookie to your Backend to test SSO using Logon Tickets!).
The AuthenticatorServlet somehow serves as a Proxy to your client because your client is not able to set the Header Variable. That's why I initially suggested to use a Proxy (e.g. Apache) for that purpose. The problem is just that if you use a Proxy you will have to tell it somehow which username it should set in the Header Variable (e.g. using a URL Parameter or using a personalized client certificate and fetch the username (e.g. cn=<username> from the certificate!)
This way of doing would simplify the calls for sso for each new application needing authentication, instead of having all code each time in it...
I'm stuck again! Do you want to authenticate an End User or do you want to authenticate an application that needs to call any resources in your Backend that requires authentication?
So my problem now, is how to call the servlet from the client browser:
I'm trying to call my servlet from the browser but I don't succeed. I am able to understand how to reach a jsp from the Java Stack, but not to reach a servlet. I don't find the path to my servlet:
<FORM method="POST" action="SSORedirect2" >
A JSP is a servlet too. There is just no JAVA Class involved!
You do not need any POST Request to invoke a Servlet.
I see that my servlet is deployed, but I don't how what path to give to my form to invoke the servlet, here follows my web.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE web-app (View Source for full doctype...)>
- <web-app>
<display-name>WEB APP</display-name>
<description>WEB APP description</description>
- <servlet>
<servlet-name>SSOredirect2</servlet-name>
<servlet-class>com.atosorigin.examples.AuthenticatorServlet</servlet-class>
</servlet>
- <servlet>
<servlet-name>SSORedirect2.jsp</servlet-name>
<jsp-file>/SSORedirect2.jsp</jsp-file>
</servlet>
- <security-constraint>
<display-name>SecurityConstraint</display-name>
- <web-resource-collection>
<web-resource-name>WebResource</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
- <auth-constraint>
<role-name>DefaultSecurityRole</role-name>
</auth-constraint>
</security-constraint>
- <security-role>
<role-name>DefaultSecurityRole</role-name>
</security-role>
</web-app>
If you have an AuthenticatorServlet Class all you need is to add the Servlet Mapping in your web.xml file
e.g.
<servlet>
<description>
</description>
<display-name>AuthenticatorServlet</display-name>
<servlet-name>AuthenticatorServlet</servlet-name>
<servlet-class>com.atosorigin.examples.AuthenticatorServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>AuthenticatorServlet</servlet-name>
<url-pattern>/AuthenticatorServlet</url-pattern>
</servlet-mapping>
You can directly call the Servlet in your Browser by calling the URL provided in the url-pattern of your Servlet mapping ( in this case /AuthenticatorServlet). The engine will invoke the Class "com.atosorigin.examples.AuthenticatorServlet" in the background and do whatever you defined there!
I have also to pass my http header and the redirectUrl in the GET request.
If you like! I just suggested this for testing purposes. As I stated before you need a way to tell your proxy (or in your case AuthenticatorServlet) which user should be set when calling the Engine in order to authenticate using HTTP Header. You could use the URL Paramater to define the user you actually want to use when you set the Header Variable.
I just introduced the redirectURL because you were talking about redirects all the time. So if you finally want to call the Backend you could define the Backend URL in the redirectURL Parameter and the Servlet will make sure that you are redirected to this location after the whole process!
Thx for your input very helpful,
But again 0 points
Cheers

SSRS web services 401 if you pass "Authorization" http header

We use both SSRS 2008 R2 and 2012. When i access a report using url access (direct ssrs server hit) and add a "Authorization: Bearer xyzelkalklsjsdfalsjdf" http header, i get a 401 from somewhere in the request pipeline. I have a custom httpmodule
registered at the top of the chain which does some OAuth related security checks. But when this header is included, the request never reaches the httpmodule. If i change the header slightly ex: "YAuthorization: ljlxzcvc..", then the request reaches
the httpmodule and everything works. So obviously SSRS is looking for a particular header named "Authorization" and does something with it. Point to note: we have implemented a custom forms authentication module and we are doing some rich authorization
using the extensible ssrs api.
Now my questions are:
1. What is happening here? Who is acting on my request before my HttpModule registered on top in ssrs\reporting service\web.config gets it?
2. How do i ensure my httpmodule executes before whatever component is terminating my request with a 401

Sorry if this sounds like I am new to this but I am.
So, the extended version is the format that would be used if you were not utilizing the files that the wsdl2java function creates?
And this is done to when you want more flexibiility for the user to call your service?
So, you would push to have the stub files used when you want to control how the web service is used?
thanks for the feedback.

How can I connect to Oracle database from Iplanet webserver running on a Linux box and a database running on a Solaris box?

Hi - I'm new to this group and wonders whether you guys can help me.
I'm trying to connect to my Oracle9i database via a Java servlet but
got the following error message in the web browser:
Internal error: exception thrown from the servlet service function
(uri=/servlet/HelloWWW6): java.lang.NullPointerException, Stack:
java.lang.NullPointerException
at oracle.jdbc.oci8.OCIDBAccess.check_error(OCIDBAccess.java:1743)
at oracle.jdbc.oci8.OCIEnv.getEnvHandle(OCIEnv.java:69)
at oracle.jdbc.oci8.OCIDBAccess.logon(OCIDBAccess.java:452)
at oracle.jdbc.driver.OracleConnection.(OracleConnection.java:287)
at oracle.jdbc.driver.OracleDriver.getConnectionInstance
(OracleDriver.java:442)
at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:321)
at java.sql.DriverManager.getConnection(DriverManager.java:512)
at java.sql.DriverManager.getConnection(DriverManager.java:172)
at HelloWWW6.doGet(HelloWWW6.java:40)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
com.iplanet.server.http.servlet.NSServletRunner.invokeServletService
(NSServletRunner.java:897)
at com.iplanet.server.http.servlet.NSServletRunner.Service
(NSServletRunner.java:464)
My class path is:
Java VM
classpath: /u01/iplanet/servers/plugins/servlets/examples/legacy/beans
.10/SDKBeans10.jar:/usr/local/javamail-1.2/mail.jar:/usr/local/jaf-
1.0.1/activation.jar:/u02/app/oracle/product/9i/lib:/u02/app/oracle/pr
oduct/9i/jdbc/lib:/u02/app/oracle/product/9i/jdbc/lib/classes12.zip:/u
02/app/oracle/product/9i/jdbc/lib/nls_charset12.zip:/u01/iplanet/serve
rs/bin/https/jar/NSServletLayer.jar:/u01/iplanet/servers/bin/https/jar
/NSJavaUtil.jar:/u01/iplanet/servers/bin/https/jar/NSJavaMiscUtil.jar:
/u01/iplanet/servers/bin/https/jar/servlet.jar:/u01/iplanet/servers/bi
n/https/jar/servlet-2.3-filters-
api.jar:/u01/iplanet/servers/bin/https/jar/jsp092.jar:/u01/iplanet/ser
vers/bin/https/jar/jaxp.jar:/u01/iplanet/servers/bin/https/jar/crimson
.jar:/u01/iplanet/servers/bin/https/jar/xalan.jar:/u01/iplanet/servers
/bin/https/jar/jspengine.jar:
My LD_LIBRARY_PATH is:
/u02/app/oracle/product/9i/lib:/u02/app/oracle/product/9i/jdbc/lib:/u0
2/app/oracle/product/9i/jdbc/lib/classes12.zip:/u02/app/oracle/product
/9i/jdbc/lib/nls_charset12.zip
Can anyone help? This is currently driving me nuts. I was able to
connect when I changed it to an application.
I am using the Iplanet Webserver 6.0 on a Linux 7.2 platform. Like I
said, sqlplus works fine, standard java application works fine but
when I change it to a servlet (which means it now goes through the
webserver, I get this error message)
Does anyone know what the source code is trying to do at
OCIDBAccess.java:1743 ?
Thanks guys!

Tony, could you please explain me better the procedure that you wrote?
What are the boxes? My situation is similar:
| ServerSocket (1) |
| (192.168.1.100, 5555) |
|
|
|
|
| Proxy |
| Someone wants to connect to the ServerSocket (1) |
That is not true. You CAN do it but you need a box
outside the firewall with proper IP address to help
you. I am not sure if Sergio still wants the answer
today after more than a year from the original post (I
did not see the post until today when I try to search
for something else). Anyway, if such a box is
available (I call it 2nd box), you could first
establish a socket between the two boxes by HTTP
tunneling (I assume it is a http proxy). You have to
initiate the socket from the 1st box. Then start
another server socket on the 2nd box, forwarding the
traffic it gets from outside back to the 1st box using
the established channel. That is it.
Tony

OSB Http Transport Custom Authenticatiion (X509 in Http header)

Hello!
I'm trying to solve this case. We have F5 Load balancer that terminates SSL Connections From client to the OSB. When terminating the SSL, the LB adds the clients certificate into headers of the Http request going to OSB.
OSb proxy service is configured to use custom authentication with token type X509 (only choice in the OSB console).
What happens when I send the request to OSB, is that I get http code 401 (unauthorized) this error on server log:
####<Sep 27, 2011 3:08:05 PM EEST> <Error> <WliSbTransports> <appserver02> <MANSERV02> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1317125285598> <BEA-381327> <Transport-level custom token identity assertion failed
java.lang.ClassCastException: java.lang.String cannot be cast to [Ljava.security.cert.X509Certificate;
The HTTP header sent to OSB is in the messages below.
It has also been wihotu the BEGIN CERTIFICATE and END CERTIFICATE lines with same results.
Can somebody help me in:
a) Should the certificate be sent in what form from LB to OSB.
b) How should the OSB/WLS be configured for this to work?
OSB version is 10.3.1.
Request to the server is:
POST /prjTemplateService/ProxyServices/psvcHelloWolrdWSSSLInterface HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
SOAPAction: "urn:#HelloWorldOperation"
User-Agent: Jakarta Commons-HttpClient/3.1
Host: <ip_here>
Content-Length: 459
SSLClientCertStatus: ok
SSLClientCertb64: -----BEGIN CERTIFICATE-----
MIICHDCCAYUCBE2sABcwDQYJKoZIhvcNAQEEBQAwVTELMAkGA1UEBhMCRkkxCzAJ
BgNVBAgTAkZJMQ4wDAYDVQQHEwVFc3BvbzEMMAoGA1UEChMDRVpaMQswCQYDVQQL
EwJUQzEOMAwGA1UEAxMFSnVzc2kwHhcNMTEwNDE4MDkxMDQ3WhcNMTEwNzI3MDkx
MDQ3WjBVMQswCQYDVQQGEwJGSTELMAkGA1UECBMCRkkxDjAMBgNVBAcTBUVzcG9v
MQwwCgYDVQQKEwNFWloxCzAJBgNVBAsTAlRDMQ4wDAYDVQQDEwVKdXNzaTCBnzAN
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvEPjEn3tvG3YuXlsLZnE7ZOKUJIF0Foy
c1hp+k7dyGUoHu3Phva7eVOO1cmHaGkFHkg+EnnK3+/Y58EMQAEwPOfQTj0/vSSk
cEx2X/2p2W7ACldJlYMxx2ZdFa1qaKTXtoieLy23/kJI+ZTfIoB+nmZiPRE9Hq8p
LTPlcMWVFnkCAwEAATANBgkqhkiG9w0BAQQFAAOBgQC3EZMQieOy4PFh+95R6W7/
3xaaRm/BzmEU/Wf9JweEwrnttdSmRKsxx9vSkADnD0J7jGO+koym5CWvJHbox4Sk
QMRPFaTOBRD4hzZeJMidds1LSzUm/QE9PXzjS/HLSjBBs5DmZfdR+uXPSFqTROkd
87R5veuPX5KeKQHs8iesTw==
-----END CERTIFICATE-----
SSLClientCertSN: 4d:ac:00:17
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:Hello:client">
<soapenv:Body>
<urn:HelloWorldRequest>
<urn:FirstName>Jolly</urn:FirstName>
<urn:Surname>Roger</urn:Surname>
</urn:HelloWorldRequest>
</soapenv:Body>
</soapenv:Envelope>
Response from OSB:
HTTP/1.1 401 Unauthorized
Connection: close
Date: Fri, 30 Sep 2011 08:32:33 GMT
Content-Length: 1518
Content-Type: text/html
X-Powered-By: Servlet/2.5 JSP/2.1
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Draft//EN">
<HTML>
<HEAD>
<TITLE>Error 401--Unauthorized</TITLE>
<META NAME="GENERATOR" CONTENT="WebLogic Server">
</HEAD>
<BODY bgcolor="white">
<FONT FACE=Helvetica><BR CLEAR=all>
<TABLE border=0 cellspacing=5><TR><TD><BR CLEAR=all>
<FONT FACE="Helvetica" COLOR="black" SIZE="3"><H2>Error 401--Unauthorized</H2>
</FONT></TD></TR>
</TABLE>
<TABLE border=0 width=100% cellpadding=10><TR><TD VALIGN=top WIDTH=100% BGCOLOR=white><FONT FACE="Courier New"><FONT FACE="Helvetica" SIZE="3"><H3>From RFC 2068 <i>Hypertext Transfer Protocol -- HTTP/1.1</i>:</H3>
</FONT><FONT FACE="Helvetica" SIZE="3"><H4>10.4.2 401 Unauthorized</H4>
</FONT><P><FONT FACE="Courier New">The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11.</FONT></P>
</FONT></TD></TR>
</TABLE>
</BODY>
</HTML>

>
by using Client Cert authentication I have to set HTTPS required to true.
>
Yes.
>
When I try to invoke this service with http request, it redirects to https service.
This actually just trashes the entire idea of terminating SSL in the load balancer.
>
Not necessarily. Although direct HTTP request to WebLogic is redirected to HTTPS enabled port, you can still use this settings with WebLogic plugin. I'm not aware of your deployment, but I use Apache plugin for WebLogic, terminate SSL on Apache and I'm still able to send requests authenticated by certificate from client through HTTPS.
I don't know about F5, but I guess there should be similar feature as well.
http://download.oracle.com/docs/cd/E12840_01/wls/docs103/cluster/load_balancing.html

ESB requires "SOAPAction" to be set in HTTP header?

I'm trying to insert an ESB flow between an existing web service and client. The service and client were previously built with Apache Axis.
By generating an appropriate WSDL (doc/wrapped rather than Axis' default RPC style) for the existing service, I'm able to connect the ESB to the service.
The problem is that the existing client (built using Axis) sets the SOAPAction in the HTTP header to empty (SOAPAction: ""), and the ESB appears to require this to be set to the desired operation. If this is a hard requirement, then I can't directly connect the existing client to the ESB flow.
So, the question is whether it's possible to have the ESB relax the requirement for the SOAPAction header. And if so, how?
If I can't get the ESB to accept SOAP requests with an empty SOAPAction, then I'll have to create a custom adapter or insert an additional proxy layer (yuk). Anyone else have any suggestions?

This is all done automatically by FB.
Just to try something out I just now made a simple app with a label only and tried to upload to Google... FAILED!!!!
"Market requires versionCode to be set to a positive 32-bit integer in AndroidManifest.xml"
LOL, FB can't even create this. :-/
<?xml version="1.0" encoding="utf-8" standalone="no"?>
<application xmlns="http://ns.adobe.com/air/application/3.1">

Message was edited by: KesherMedia.Com

How to delete server information in http header?

Hello,
how could i delete the server information in the http-header?
HTTP/1.1 500 Internal Server Error
connection: close
server: SAP J2EE Engine/7.00 <--- this here
date: Tue, 11 Nov 2008 08:27:08 GMT
pragma: no-cache
content-type: text/html;charset=ISO-8859-1
content-length: 2046
set-cookie: saplb_*=(icdus445_PA3_03)39216850; Version=1; Path=/
Best regards,
Dennis

Hi,
the solution is to set the value for UseServerHeader to false.
This can be done from the VisualAdmin for the HTTP service of all servers + dispatcher.
Thanks for the support
Christian Birkle

Problem setting Unicode (utf-8) in http header using tomcat

Hi:
I am trying to set a file name in utf-8 to http header using the following code:
response.setContentType("text/html; charset=utf-8");
response.setHeader("Content-disposition", "attachment; filename=解決.zip");
// I actually has file name in utf-8 here to set to the header, and I know that the name is correctly
// and I also looked into the response object MimeHeaders object and saw the head is correctly there
then write the content of zip file using ServletOutputStream.
The problem I have is that the file name is not displayed correctly when prompted to save or open in the pop up window next. I found out using Fiddler that the request header is wrong:
Content-disposition: attachment; filename=�zn��.zip
I am using Tomcat 5.0.28. Any idea how to get this working?
Thanks in advance!

You are setting the charset for the content to be UTF-8. (That is why the method is called setContentType.) But HTTP headers are not part of the content and so that has no effect on the header.
The original specification for HTTP only allowed US-ASCII characters in headers. It is possible that more recent versions have features that allow for non-ASCII header data, but I don't know if that is the case or how you would use those features if they exist.

ACE: wrong IP in HTTP header HEALTHCHECK packet

Hi,
I encounter a strange problem with ACE when the blade performs a HTTP healthcheck towards a RSERVER.
Sometimes, ACE insert in the HTTP header a strange IP address, others then the IP address of the rserver, for which it performs a healthcheck.
Anyone encountered the same problem?
Thx, Wim

Hi Gillis,
I reported this issue to our integrator. I think they will open a cisco case right now.
We are able to reproduce this problem. So, that might not be the problem to troubleshoot at this moment.
For your information, we had version A1.6 running until last week. Now, we upgraded to A2, but the healthcheck issue is still present.
I assume you 'll informed via the support case?

BC Ecommerce SOAP Error: Server did not recognize the value of HTTP Header SOAPAction

I am trying to add a product to an ecommerce site with this soap action: Product_UpdateInsert
I have followed this very brief instruction: https://jollyrogers.worldsecuresystems.com/catalystwebservice/catalystecommercewebservice. asmx?op=Product_UpdateInsert
I have a html page in a secure area with a jQuery ajax soap script.
I get the this error when I run the script:
<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Client</faultcode><faultstring>Server did not recognize the value of HTTP Header SOAPAction: https://jollyrogers.worldsecuresystems.com/CatalystDeveloperService/CatalystEcommerceWebse rvice/Product_UpdateInsert.</faultstring><detail /></soap:Fault></soap:Body></soap:Envelope>
I have also tried to add a header with the Soap action with the beforeSend in the ajax call.
This must have been solved before I suppose?
Here is my script:
<!DOCTYPE html>
<html lang="en">
<head>
<title>Test SOAP Request</title>
    <script type="text/javascript" src="//code.jquery.com/jquery-1.10.2.min.js"></script>
    <script type="text/javascript" src="//cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.3.1/jquery.cookie.min.js"></script>
    <script type="text/javascript" src="//cdnjs.cloudflare.com/ajax/libs/underscore.js/1.5.1/underscore-min.js"></script>
    <script type="text/javascript" src="//cdnjs.cloudflare.com/ajax/libs/backbone.js/1.0.0/backbone-min.js"></script>
    <script type="text/javascript" src="//cdn.worldsecuresystems.com/bcapi/bcapi-0.0.1.min.js"></script>
</head>
<body>
<script>
var wsUrl = "https://jollyrogers.worldsecuresystems.com/catalystwebservice/catalystecommercewebservice. asmx";
var soapRequest =
'<?xml version="1.0" encoding="utf-8"?> \
<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> \
<soap12:Body> \
    <Product_UpdateInsert xmlns="https://jollyrogers.worldsecuresystems.com/CatalystDeveloperService/CatalystEcommerceWebse rvice"> \
      <username>myEmailAdress</username> \
      <password>mySecretPassw</password> \
      <siteId>1894001</siteId> \
      <productList> \
        <Products> \
          <productCode>ZJAWEyuuyN</productCode> \
          <productName>My test product</productName> \
          <description>Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.</description> \
          <smallImage>/images/product1/small.jpg</smallImage> \
          <largeImage>/images/product1/large.jpg</largeImage> \
         <cataloguesArray> \
             <string>/Store/</string> \
          </cataloguesArray> \
          <pricesSaleArray> \
            <string>US/19.95,3/17.96,7/16.96</string> \
          </pricesSaleArray> \
          <pricesRetailArray> \
            <string>US/20,5/19,8/20</string> \
          </pricesRetailArray> \
          <pricesWholesaleArray> \
            <string>US/20,5/19,8/20</string> \
          </pricesWholesaleArray> \
          <wholesaleTaxCodeArray> \
            <string>US/0.00</string> \
          </wholesaleTaxCodeArray> \
          <taxCodeArray> \
            <string>GB/VAT</string> \
          </taxCodeArray> \
          <groupProducts> \
            <string>580H0036BL</string> \
            <string>ACAI60</string> \
            <string>ABC-123</string> \
          </groupProducts> \
          <groupProductsDescriptions> \
            <string>Lorem ipsum dolor sit amet</string> \
            <string>consectetur adipisicing elit</string> \
          </groupProductsDescriptions> \
          <supplierEntityId>1234</supplierEntityId> \
          <supplierCommission>0</supplierCommission> \
          <weight>30</weight> \
          <tags>NEW!</tags> \
          <unitType>string</unitType> \
          <minUnits>0</minUnits> \
          <maxUnits>2</maxUnits> \
          <inStock>43</inStock> \
          <onOrder>3</onOrder> \
          <reOrder>2</reOrder> \
          <inventoryControl>true</inventoryControl> \
          <canPreOrder>true</canPreOrder> \
          <custom1>Text in custom field 1</custom1> \
          <custom2>Text in custom field 2</custom2> \
          <custom3>Text in custom field 3</custom3> \
          <custom4>Text in custom field 4</custom4> \
          <popletImages>/images/image1.jpg;/images/image2.jpg;</popletImages> \
          <enabled>true</enabled> \
          <deleted>false</deleted> \
          <captureDetails>true</captureDetails> \
          <downloadLimitCount>20</downloadLimitCount> \
          <limitDownloadsToIP>0</limitDownloadsToIP> \
          <isOnSale>true</isOnSale> \
          <hideIfNoStock>true</hideIfNoStock> \
          <productAttributes>Size*|5|Y:L||UK/2|US/20,S||UK/1|US/10</productAttributes> \
          <isGiftVoucher>false</isGiftVoucher> \
          <enableDropShipping>true</enableDropShipping> \
          <productWeight>0</productWeight> \
          <productWidth>0</productWidth> \
          <productHeight>0</productHeight> \
          <productDepth>0</productDepth> \
          <excludeFromSearch>false</excludeFromSearch> \
          <productTitle>My product title</productTitle> \
          <cycletypeId>3</cycletypeId> \
          <cycletypeCount>-1</cycletypeCount> \
          <slug>my-product</slug> \
          <hasVariations>true</hasVariations> \
          <variations> \
            <ProductVariation xsi:nil="true" /> \
            <ProductVariation xsi:nil="true" /> \
          </variations> \
        </Products> \
      </productList> \
    </Product_UpdateInsert> \
</soap12:Body> \
</soap12:Envelope>';
$.ajax({
     type: "POST",
     beforeSend: function(xhr){xhr.setRequestHeader('SOAPAction', 'https://jollyrogers.worldsecuresystems.com/CatalystDeveloperService/CatalystEcommerceWebse rvice/Product_UpdateInsert');},
     url: wsUrl,
     contentType: "text/xml",
     dataType: "xml",
     data: soapRequest,
     success: processSuccess,
     error: processError
function processSuccess(data, status, req)
   if (status == "success")
   alert("Success!");
function processError(data, status, req)
   alert("Failed!");
   alert(req.responseText + " " + status);
</script>
</body>
</html>

This line is a target namespace so it should not be changed: <Product_Retrieve xmlns="http://tempuri.org/CatalystDeveloperService/CatalystEcommerceWebservice"> It is very easy to think that it's a placeholder and that it should be replaced with your own url, which it should not and which will fail.
This works now:
<!DOCTYPE html>
<html lang="en">
    <head>
        <title>Test 7 SOAP Request</title>
        <script type="text/javascript" src="//code.jquery.com/jquery-1.10.2.min.js"></script>
    </head>
    <body>
        <script>
            var SoapMessage = '<?xml version="1.0" encoding="utf-8"?> \
<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"> \
<soap12:Body> \
<Product_Retrieve xmlns="http://tempuri.org/CatalystDeveloperService/CatalystEcommerceWebservice"> \
<username>Your Email</username> \
<password>Your password</password> \
<siteId>1894001</siteId> \
<productCode>HHKDKXS5MB</productCode> \
            </Product_Retrieve> \
            </soap12:Body> \
            </soap12:Envelope>';
            var url = "https://jollyrogers.worldsecuresystems.com/catalystwebservice/catalystecommercewebservice. asmx";
            $.support.cors = true;
            $.ajax({
                type: "POST",
                url: url,
                data: SoapMessage,
                dataType: "xml",
                processData: true,
                contentType: "text/xml; charset=\"utf-8\"",
                success: function (msg) {
                    alert("suc: " + msg);
                error: function (msg) {
                    alert("Failed: " + msg);
        </script>
    </body>
</html>

Make process manger send additional http header when querying WSDL ?

Hello,
is there a possibility to send an additional, custom http header when
process manager reads WSDL from a webserver.
Backgrund info: all our WSDLs are hosted on a special webserver which
needs this field. Changing to another kind of repository is not an option.
It would be nice if we could add some parameter to the appserver or domain
configuration to add this field as a default for each request.
Note that we don´t need the http field if we call partnerLinks. It´s only required for
WSDL-query (= the URLs given in bpel.xml / </partnerLinkBinding> )
Thanks in advance
Bernd

Hi,
It is a memory or buffer related problem. Contact your BASIS.
Looks like there is a shortage of space. Analyse the dump in ST22 and look for its proposals.
OSS note 965351 might be applicable (if you are on 640/ unix).
regards,
NR

To block iplanet webserver version in http header

Similar Messages

Maybe you are looking for