WebDispatcher - http - https

Similar Messages

• Weblogic 10.3: web service client enable HTTP/HTTPS connection reuse?

  hi all,
  i am writing an client app to call a web service, through a client proxy generated by jdeveloper/weblogic.
  My question is:
  for the weblogic web service client proxy, is it possible to enable HTTP/HTTPS connection reuse/pooling?
  i see there is many connection created when calling the web service (by command netstat)?
  thank you.
  lsp

  anybody can help?
  thanks

• Mixed HTTP/HTTPS in one Struts-Application?

  Hello!
  I need to mix SSL (HTTPS)-Connection for Login and a few admin-pages and "normal" HTTP-Connections for most of my pages in my Struts-bases Webapplication.
  How can i handle this issue?
  Where can i get a detailled description of configuration an OC4J or Tomcat and Struts?
  regards
  Harald.

  Hello Frank!
  I tested sslstruts-example on standalone - tomcat and standalone - oc4j with ssl and it worked using http- and https-port defined in tomcat or oc4j.
  My problem is, that my environment is a tomcat with apache webserver (mod_jk) or ias (apache with oc4j mod_oc4j).
  What Port-Numbers do you usein struts-config.xml in this scenario (HTTP/HTTPS-Port from Apache Webserver)?
  regards
  Harald.

• Executing ABAP Report- No memory for processing HTTP, HTTPS or SMTP query

  Hello experts,
  I am getting same error while running ABAP Report- /OSP/TRIGGER_LEAVE_SCHEDULER
  Error-
  No memory for processing HTTP, HTTPS or SMTP query .
  Please help.
  Regards,
  Shashank

  Hello
  This should solve it
  1562539 - No memory for processing HTTP, HTTPS, or SMTP queries.
  Thanks
  Alagappan

• Unable to connect to the Exchange server using HTTP/HTTPS protocol.

  hi,
  i try to connect microsoft exchange server, but it give me
  error
  Unable to connect to the Exchange server using HTTP/HTTPS
  protocol.
  my code is pasted below............
  <!--- connection parameters --->
  <cfparam name="user1" default="uHRH">
  <cfparam name="user2" default="uHRH">
  <cfparam name="password" default="uHRH">
  <cfparam name="exchangeServerIP" default="192.168.0.1">
  <cftry>
  <!--- Open a connection to the exchange server by
  specifying the required user credentials --->
  <cfexchangeConnection
  action="open"
  username ="#user1#"
  password="#password#"
  server="#exchangeServerIP#"
  <!--- protocol = "http"--->
  connection="conn1">
  <cfoutput>Connection to exchange server
  "#exchangeServerIP#" established</cfoutput>
  <!--- Close connection to exchange server --->
  <CFExchangeConnection
  action="close"
  connection="conn1">
  <cfoutput>Connection to exchange server
  "#exchangeServerIP#" terminated</cfoutput>
  <!--- Error Information --->
  <cfcatch type="any">
  <cfoutput>#cfcatch.message#</cfoutput>
  </cfcatch>
  </cftry>
  if any one know how to solve this error?

  Hi,
  The "<cfexchangeConnection>" tag supports both "HTTP"
  and "HTTPS" connection.. So Please make sure the username has the
  "Outlook Web Access".
  Also try removing the <!--- protocol = "http"--->
  comment which you placed inside the "<cfexchangeConnection>"
  tag.

• Load balancing Http/https requests of SRM

  Hi all,
  we are on SRM 5.0 with CI and one DI , we don't have any web dispatcher for routing http/https requests.
  Currently CI is flooded with all requests and DI is sitting idle no routing  is  going on.... and users are experiencing Time out expceptions ...
  we  have configured SMLG  and services in SICF have group assigned...
  we have BI portal where users log in and  access all SRM web applications like shopping cart, invoice....
  Please suggest how to handle the load balancing of http/https requests with message server...
  Thanks,
  Subhash.G

  Thanks

• How the balance works for http/https in CSS?

  I want to understand how the balance works for http/https in the CSS.
  As per doc,
  - http/1.0=single URL per TCP connection
  - http/1.1=persistent connection.
  Q1. my understanding is http is stateless connection so needs TCP session for each URL. how the http/1.1 works with persistent. keep the same TCP session for a multiple URL request?
  Q2. https is using single URL and continue processing until terminate the https instead of open another URL in the middle of transaction. in this case, I think the client can stick into same service based on the assumption the CSS support persistent. if then, no advanced sticky(ex, srcip) required?
  Q3. looks below both are analogy. what's difference between them?
  - balance srcip(same src IP to the same service)
  - advanced-balance sticky-srcip
  Q4. what's balance decision mechanism for "balance roundrobin" to distribute evenly? ex, in case of multiple URL request coming from same client. evenly distribute URLs?
  Regards,

  Hello,
  first let me clarify 1 point.
  HTTP/HTTPS are standards that are defined in RFC.
  For HTTP/1.1 you can check the following RFC
  http://www.faqs.org/rfcs/rfc2616.html
  Therefore, the behavior of HTTP 1.1 is not defined by the CSS.
  Q1- HTTP/1.1 simply keeps 1 TCP connection to send a received mutiplie HTTP request/response.
  HTTP/1.0 will open 1 TCP connection for every HTTP request.
  Q2- HTTPS is just HTTP over SSL.
  So basically the same rule as above applies.
  HTTP/1.1 can use 1 SSL connection for many HTTP request/response while HTTP/1.0 will use 1 SSL connection for each HTTP request.
  Therefore, if you have customer using HTTP/1.0 you need some form of stickyness to guarantee that every connections will go to the same server.
  Even if only using HTTP/1.1 you may need stickyness.
  A user could disconnect and reconnect and require to be loadbalanced to the same server as before.
  Q3- There is a big different between balance srcip and sticky-srcip.
  The balance srcip simply hash the source ip address to find the destination server.
  The problem of this method is that the loadbalancing is not guarantee to be evenly distributed between the servers.
  With sticky-srcip, you use a normal balance method like round-robin, and then you create a sticky entry in a sticky table.
  Next time this user comes back we first check the sticky entry to find the destination server.
  The advantage is that it guarantess your users will be evenly distributed among the server.
  Q4- roundrobin is applied to connection - not url [by default].
  So if you have 2 users and they both open 1 connection, the CSS will send 1 connection to 2 different servers.
  So each server has 1 connection.
  If one user sens 10 URL and the other 1 sends only 1, one server will have 10 url to process while the other only one.
  That's if you are using HTTP/1.1 and use persistent mode on the CSS.
  You can break persistency and split the url.
  I run out of space and time to explain you everything.
  I suggest you go read the RFC or a book on HTTP.
  Also read the CSS configuration guide.
  There is much more you need to know if you want to take full advantage of the CSS like cookie, ssl offloading, L7 rules vs L3/4 rules, ...
  Regards,
  Gilles.

• Websites -HTTP/HTTPS/FTPS, no DMZ

  Hello everyone,
  I'm having some trouble and need your assistance.
  We have thirty five HTTP/HTTPS/FTPS web sites to setup in the ASA 5520 ASDM firewall, we need to know if its possible to have them all setup 
  without using a DMZ, we have two or three sub-nets with HTTP/HTTPS/FTPS servers. We get the first website setup on the ASA ASDM GUI  working great, when we begin to add multiple sites is when all stop working, even the original first site stops working.
  I have all networks talking to each other as inside to inside or all using the same security-level 100 a requirement we have all internal networks allow traffic between networks. We would like to allow outside users/customers to have access 
  to our HTTP/HTTPS/FTPS websites without having to setup two or more DM Z's.
  What I'm using to setup each website as a template
  object network SMS-WebServer-HTTP
  host 10.10.2.10 inside IP address
  nat (VLAN102,outside) static 98.101.206.252 service tcp 80 80 outside address
  object network SMS-WebServer-HTTPS
  host 10.10.2.10 inside IP address
  nat (VLAN102,outside) static 98.101.206.252 service tcp 443 443 outside address
  access-list OutsideToVLAN102 permit tcp any host 10.10.2.10 eq 80
  access-list OutsideToVLAN102 permit tcp any host 10.10.2.10 eq 443
  I'm not sure what's required to get all HTTP/HTTPS/FTPS sites working through the firewall without using the DMZ and using the ASDM for setup.
  Thank you all

  Hi,
  Will need some clarification on what you are actually wanting/attempting to do and what the current situation with regards to the network is.
  First thing that I want to ask is what do you mean setting up the servers without a DMZ? Do you mean that you want to use your existing internal networks address space when configuring the servers and then simply configure NAT for the servers on the firewall INSTEAD OF configuring a separate Subnet/Vlan on the firewall where all the servers would be hosted?
  I guess technically there is nothing stopping you from setting up the servers in whatever subnet/Vlan you have already on your network. Usually though servers that are used to host resources to external users through the public network are positioned on a DMZ network which permits little to no connectivity from the servers towards the LAN networks.
  I would also be interested in exactly what commands are entered to the ASA when the connectivity to the servers stops working. I would imagine that there is some error in the configurations if they effect already working setups. You might also be overwriting the working configuration depending what you are actually inserting to the ASA. You should be able to get the CLI format configurations even if you were using only ASDM if you go to Tools -> Preferences -> choose the preview of commands
  I would also like to ask you what your situation with regards to available public IP addresses is? Are you able to dedicate each server a public IP address (though there seems to be many)? Especially in the cases of web servers you might run into a problem if you dont have a public IP address for each server since you can not forward the same port for the same public IP address to multiple internal hosts. So when you have used the HTTP and HTTPS ports for the public IP address you mention then you will already require another public IP address to forward the same ports to another server. Or you will have to use different public facing ports which is not very convinient for the actual web users if he/she has to use a port number in the URL.
  I guess there are ways to host multiple sites on a single server which means you would not need so many public IP address and special NAT configurations on the firewall but that is a thing I am not equipped to give advice to anyone :)
  So in short, we would need to know
  How many public IP addresses do you have available to use for these servers or are you going to host multiple sites on fewer number of servers?
  Are you going to have the server running on actual LAN subnets or would you be willing to atleast create a single DMZ to host the servers?
  What are the commands that you have entered that prevents the existing configurations from working? Is there any IP overlap in the configurations and does the ASA give any error messages?
  - Jouni

• Response time https/http using CSM+SSL versus CSM

  Im using C6K and CSM for load balancing and an SSL module for https termination. That means clients can access the serverfarm through https/http and compare response time values.
  What should be the expected delay generated from SSL(https) compared to cleartext(http) ?
  My customers are complaining about to much delay...
  Thanks in advance for your answer.
  Volker

  it's difficult to answer.
  There will be an initial delay required to establish the ssl session, then for each packet there will be additional delay to encrypt/decrypt the packet.
  It also depends on load.
  An CSM can handle lot of traffic but not an SSLM.
  So, if you see something wrong in a sniffer trace like packet drops, retransmits, huge delays per packet [like 300ms], then we need to investigate what is going on.
  Otherwise, this would be normal.
  Regards,
  Gilles.

• Switching Http/Https in ADF

  Hi
  my need is like i have one page in my application in HTTPS and all other pages are in HTTP.
  how can i switch the control from Http/Https. i m developing application in ADF11g.
  Regards
  Kiran Sankpal

  Hi,
  ou will need to setup a phase listener that checks the pages you request. If the viewId is the one you want to execute in https, you perform a redirect. I did something similar for JSF 1.0.1 (JDeveloper 10.1.3). Here's the code to switch the protocol
  public void handleProtocolSwitch(String viewId, boolean pageRequiresSSL)
      ExternalContext exctx = FacesContext.getCurrentInstance().getExternalContext();
      boolean isSecureSSLChannel = ((HttpServletRequest)exctx.getRequest()).isSecure();
      // pages that require SSL and SSL is on, or pages that don't require
      // SSL but SSL is on and should be kept
      if (pageRequiresSSL && isSecureSSLChannel || !pageRequiresSSL && isSecureSSLChannel && isKeepSSLMode) {
      printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel+", is keep SSL = "+isKeepSSLMode);
      printDebugMessage("No protocol change required");
      // page requires SSL and SSL is not active. Switch to SSL.
      if (pageRequiresSSL && !isSecureSSLChannel) {
        printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel);
        printDebugMessage("Protocol change required to use https");
        switchToHttps(viewId);
      // switch to HTTP is page doesn't require SSL and channel isn't secure
      // and isKeepSSLMode is false
      if (!pageRequiresSSL && !isKeepSSLMode && isSecureSSLChannel) {
        printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel+", is keep SSL = "+isKeepSSLMode);
        printDebugMessage("Protocol change required to use http");
        switchToHttp(viewId);
      if (!pageRequiresSSL && !isSecureSSLChannel) {
        printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel);
        printDebugMessage("No protocol change required");
    * Switches from https to http using a redirect call
    * @param viewId
    private void switchToHttp(String viewId) {
        FacesContext facesContext = FacesContext.getCurrentInstance();
        ExternalContext exctx = facesContext.getExternalContext();
        ViewHandler vh = facesContext.getApplication().getViewHandler();
        String pageURI = vh.getActionURL(FacesContext.getCurrentInstance(), viewId);
        //redirect to http URL
        String remoteHost = getHostNameFromRequest();
        printDebugMessage("Switch to http on host "+ remoteHost);
        try {
            String port = httpPort.equalsIgnoreCase("80") ? "" : ":" + httpPort;
            String url = "http://" + remoteHost + port + pageURI;
            printDebugMessage("Redirecting to http URL "+ url); 
            //TODO check request Map
             this.printDebugMessage(" Content size of RequestMap before redirect "+exctx.getRequestMap().size());
            exctx.redirect(url);         
        } catch (IOException e) {
            printDebugMessage("Redirect to http port failed "+ e.getMessage());
    * switches to https using a redirect call
    * @param viewId
    private void switchToHttps(String viewId) {
        FacesContext facesContext = FacesContext.getCurrentInstance();
        ExternalContext exctx = facesContext.getExternalContext();
        ViewHandler vh = facesContext.getApplication().getViewHandler();
        String pageURI = vh.getActionURL(FacesContext.getCurrentInstance(), viewId);
        //redirect to https URL
        String remoteHost = getHostNameFromRequest();
        printDebugMessage("Switch to SLL/https on host "+ remoteHost);
        try {
            String port = httpsPort.equalsIgnoreCase("443") ? "" : ":" + httpsPort;
            String url = "https://" + remoteHost + port + pageURI;
            printDebugMessage("Redirecting to https URL "+ url);       
            //TODO check request Map
            this.printDebugMessage(" Content of RequestMap before redirect "+exctx.getRequestMap().size());
            exctx.redirect(url);         
        } catch (Exception e) {
            printDebugMessage("Redirect to http port failed "+ e.getMessage());
    }Note that you need to make sure the session is kept when switching protocols, which usually is a setting on the Java EE container
  Frank

• Http - http redirection using header-field rule

  Hi,
  Is it possible to configure an http -> http redirection using header-field rules if the CSS is NOT performing the SSL encryption/decryption ?
  We can get the redirect working not using the header-field rule but not with it configured.
  cheers,
  Mike

  Gilles,
  The header-field rule works to redirect the http traffic to a specific service, but we also want the header-field rule config under the port 443 content rule.
  Can the CSS see the header or is it encrypted ?
  service 10.10.10.1-443
  ip address 10.10.10.1
  protocol tcp
  port 443
  keepalive maxfailure 2
  keepalive retryperiod 45
  keepalive frequency 45
  keepalive type script testscript "10.10.10.1 4000 3179 archepns"
  active
  service 10.10.10.2-443
  ip address 10.10.10.2
  protocol tcp
  port 443
  keepalive maxfailure 2
  keepalive retryperiod 45
  keepalive frequency 45
  keepalive type script testscript "10.10.10.2 4000 3179 archepns"
  active
  service archepns_redirect
  keepalive type none
  type redirect
  no prepend-http
  ip address 1.1.1.1
  domain https://www-knowledge-epe.company.com
  active
  header-field-group archepns_url
  header-field Request-Line request-line contain "/archepns"
  header-field-group archepns_url2
  header-field Request-Line request-line contain "/archepns"
  content archepns-redirect-sso
  vip address 20.20.20.1
  protocol tcp
  port 80
  url "/*"
  header-field-rule archepns_url weight 0
  add service archepns-redirect
  active
  content archepns-443
  vip address 20.20.20.1
  port 443
  url "/*"
  header-field-rule archepns_url weight 0
  add service 10.10.10.1-443
  active
  content archepns-redirect-sso
  vip address 20.20.20.1
  protocol tcp
  port 80
  url "/*"
  header-field-rule archepns_url2 weight 0
  add service archepns-redirect
  active
  content archepns-443
  vip address 20.20.20.1
  port 443
  url "/*"
  header-field-rule archepns_url2 weight 0
  add service 10.10.10.2-443
  active

• Initial privilege level for http/https login on Aironet

  When browsing to 1131 & 1242 via https, the password prompted for is level 1:
  "level_1_or_view_access"
  I would like this initial access to prompt for level 15 password or, at worst, level 2. Is there any way to change the level of initial access via http/https?
  Thanks in Advance

  To clarify, I wish to disallow web login for users with level 1 privileges.

• Rights Management problem (http / https)

  How do I fix the error: "You are attempting to connect to an adobe livecycle rights management server using an insecure protocol."
  Is there a way to leave the server as http and change the policies to not ask for https protocol?
  I've tried changing the BASE URL to http://localhost:8443 but cannot find any documentation to help me further.

  Is the client using Netscape Navigator or IE? There used to be a problem
  with Netscape not sending the cookies established for a domain like:
  something.com:7001/xxxxx
  if a redirect sends the user to
  something.com:7002/zzzzz
  Because of the port change in the URL, it treats these as different domains
  and doesn't send previous cookie containing session ID.
  Works fine if you use default ports for http/https and do NOT put them in
  the URL.
  Not sure if this is at all related to your problem.
  -Greg
  Check out my WebLogic 6.1 Workbook for O'Reilly EJB Third Edition
  www.oreilly.com/catalog/entjbeans3 or www.titan-books.com
  "Peter Morelli" <[email protected]> wrote in message
  news:3bf478a9$[email protected]..
  >
  We have an apache 1.3.20 with the weblogic ssl plugin front ending two5.1sp10
  weblogic servers.
  The plug-in load balances between the two servers, but when a userestablishes
  a session, all requests are served by the wl instance that established thesession.
  So far, the correct, sticky behavior.
  The problem occurs when a user establishes a session with non-SSL http,then switches
  to SSL HTTPS, or vice versa. It looks like a new session is established,and in
  some cases, the requests are now served by the other server.
  Is there any way to maintain sessions across HTTP and HTTPS?
  Thanks.
  --pete

• JMS over HTTP, HTTP tunneling, imqhttp, Glassfish, Open MQ

  Hi,
  I want to run JMS over HTTP, because of firewalls.
  My environment:
  - Windows 7 64 bits
  - Java EE 6 SDK (Glassfish 3, installer java_ee_sdk-6u4-jdk7-windows-x64.exe)
  Following instructions (Oracle GlassFish Server Message Queue Administration Guide, HTTP/HTTPS Support), I have done as follows:
  1.- modified default.properties (in my case file D:\usr\Glassfish3\mq\lib\props\broker\default.properties) by adding "httpjms" to imq.service.activelist, so I have:
  # List of active services, started at startup
  imq.service.activelist=jms,admin,httpjms
  2.- modified server.policy file (in my case D:\usr\Glassfish3\glassfish\domains\domain1\config\server.policy) by adding at the end:
  grant codeBase "file:${com.sun.aas.installRoot}/glassfish/domains/domain1/applications/imqhttp/-" {
  permission java.net.SocketPermission "*",
  "connect,accept,resolve";
  3.- I then, using the Glassfish Admin Console (listening on port 4848), deployed the application packaged in the imqhttp.war WAR file (this WAR file taken from D:\usr\Glassfish3\mq\lib), using "imqhttp" as Context Root name.
  4.- I then invoke URL http://127.0.0.1:8080/imqhttp/tunnel and get the following return:
  HTTP tunneling servlet ready.
  Servlet Start Time : Wed Jul 04 19:28:01 CEST 2012
  Accepting TCP connections from brokers on port : 7675
  Total available brokers = 1
  Broker List :
  ANTEC:imqbroker
  Importantly: I had to reboot everything, including Windows to get the broker listed in the broker list.
  ...uh !!???!! ...it just shows that posting to discussion groups and sharing is great... yesterday, I could not get this working, I had nothing in my Broker list, and a bunch of exceptions when trying to publish a message... I swear I re-started Glassfish many times... now it's working all right, and the only thing I've done meantime is to reboot the PC...
  In any case, I keep the post, it might be of help to someone.
  Later
  Varus

  To have the new setting of broker property imq.service.activelist take effect, if EMBEDDED (default) jms-service is used, the GlassFish server needs to be restarted; otherwise, the broker process needs to be restarted. If the JMS service (EMBEDDED mode) in the GlassFish server has not been started (due to GlassFish JMS lazy init - default), run 'asadmin jms-ping' will start the embedded broker in GlassFish server.

• Attaching a URL which does not start with HTTP / HTTPS in SAP TM

  Dear Experts,
  I am trying to insert a new URL to a Attachments table in FWO / FRB application.
  My URL neither start with HTTP  nor HTTPS (Ex: Z3://searchsmartstart...). while I am trying to insert such URL, I am getting an error message 'URL not valid.Check if the URL contains the protocol (HTTP/HTTPS). Message ID - /SCMTMS/UI_MESSAGES and message number 088.
  After some analysis, I have understood that WebDynpro ABAP framework does not accept such URL.
  Could you please guide, is there any other way of doing it? The URL which I am trying to access is of SMART CLIENT.
  Thanks in advance for your reply.
  Thanks,
  Bharath.K

  Hi Bharath,
  Yes, you can achieve the same via URL redirection. Please follow the below steps.
  1.Create a service in SICF e.g. sap/bc/redirect_z3 in your SAP TM system and follow following steps.
  2. Create a class with interface IF_HTTP_EXTENSION e.g. ZCL_REDIRECT_URL
  3. Maintain  class created in step 2 into the Handler List of the service created in step 1.
  4. In class ZCL_REDIRECT_URL Method IF_HTTP_EXTENSION~HANDLE_REQUEST write below code
                      Data: lv_target type string.
                         lv_target = 'Z3://searchsmartstart.......'
                        server->response->redirect( url = lv_target ).
  5. You can also read the parameter from the source URL with below program code
  CALL METHOD server->request->get_form_data
      EXPORTING
        name = 'PAR1'
      CHANGING
        data = lv_par1.
  6. Now attach the URL of your service created in step 1(Which will be http/https URL) to Attachments table in FWO / FRB application with parameter you want.
  Now once you click this URL , Mehtod IF_HTTP_EXTENSION~HANDLE_REQUEST in Handler list class will execute here you can read the parameter as mentioned above and form a target URL and redirect to you intended target .
  Thanks, Pravin

• Remote-deploy WebLogic with http/https?

  Hi,
  I want to do remote-deploy on WebLogic from command-line, and using the java-class weblogic.Deployer.
  After some experimentation locally, I can only get it to work by using the t3 protocol, like:
       java weblogic.Deployer -adminurl t3://localhost:7001/console ...
  If I say, instead:
       java weblogic.Deployer -adminurl http://localhost:7001/console ...
  I get Exception "Destination unreachable" so it seems the client cannot even detect the server.
  Is there a way to configure WebLogic, so it will accept http/https-connections for remote-control?

  http://download.oracle.com/docs/cd/E21764_01/web.1111/e13702/wldeployer.htm#i1010724
  From the documentation:
  "In order to use an adminurl with the HTTP protocol, you must enable the HTTP tunneling option in the Administration Console."