Retrieving customer data with cfhttp - I/O Exception: peer not authenticated - coldfusion

I have set up a private app with read access to customer details and customer groups.
My ColdFusion:
<cfhttp
url="https://[api-key]:[password]#rhein-essentials.myshopify.com/admin/customers.json"
method="get" result="httpResp" timeout="120">
<cfhttpparam type="header" name="Content-Type" value="application/json" />
</cfhttp>
<cfdump var="#httpResp#" />
Where [api-key] and [password] were copied from the data that was generated when I created the private app. The response object:
struct
Charset [empty string]
ErrorDetail I/O Exception: peer not authenticated
Filecontent Connection Failure
Header [empty string]
Mimetype Unable to determine MIME type of file.
Responseheader struct[empty]
Statuscode Connection Failure. Status code unavailable.
Text YES
As you can see, it comes back with the error "Connection Failure". The detailed error adds, "I/O Exception: peer not authenticated". At first I was inclined to think this was a problem with my ColdFusion code. But I then tried taking the same url and plugging it directly into my browser. When I'm logged into the Shopify site, the url redirects to https://rhein-essentials.myshopify.com/admin/customers.json and displays the data properly. When I'm logged out, though, the url redirects to https://rhein-essentials.myshopify.com/admin/auth/login. Isn't the point of using the api key and password so that I have access to the data remotely, without needing to be logged in?
What am I doing wrong, and how can I retrieve data from the store at all without being logged in, if not through ColdFusion?

As #RRK pointed out,
Most likely this is a TLS1.2 issue which is a known issue with CF9. Can you try adding this -Dhttps.protocols=TLSv1.2 to the JVM setting in CF administrator?
It would seem that it was indeed a CF9 issue, because after upgrading it to CF 2016 Patch 6, along with Java 8 x64 V 172, it retrieved the data fine.

Related

CF-2016 mappings doesn't find file from the specified location

I have migrated from ColdFusion 8 to Coldfusion 2016 and specified the path under CF Admin console. See picture. One of my file (login.cfm) is under /common directory outside webroot.
When I hit application url, first it finds index.cfm and then validate.cfm in which I am calling login.cfm using cfmodule. PLs check the lines of code here from validate.cfm.
<cftry>
<cfmodule template="/common/security/login.cfm"
login="#form.login#"
password="#form.password#"
returnvar="login_result">
<cfcatch>
<cf_error_logreg error="An error occurred checking for active PO in validate.cfm. Please report this error to #request.app.admin_email# immediately.">
<cfabort>
</cfcatch>
</cftry>
So it doesn't run the cfmodule and throws out of cftry block everytime when it finds some page from /common directory and shows the error message what is specified in cfcatch block. Which means it's not accessing the mappings which I have set in CF Admin console. Any idea?
I am using IIS as a web server.
Issue resolved. The mappings we did was right, but Application was failing to set the cookies. ColdFusion was unable to add the cookie we specified to the response. This is probably because we have used it to set one of the ColdFusion Session Cookies or Authentication cookie. I have fixed that.
To fix this, I logged in to Coldfusion Admin> Memory Variables and unchecked 'Disable updating Coldfusion internal cookies using Coldfusion tags/functions.'
Save settings and restarted the website. It worked.

COM.Allaire.ColdFusion.HTTPFailure

I'm working on a web app that is ran nightly to retrieve a large XML file from another server. We're using ColdFusion MX7. We run a CFHTTP GET with username, pass, and url. Then we write the field with a cffileaction write to our temp location. So that it can be parsed and sorted into a database. There are a few CFHTTP calls on the page cut one of them is failing. In the CFCatch I have the system email me the catch type and the message and I'm getting this.
COM.Allaire.ColdFusion.HTTPFailure
Connection Failure: Status code unavailable
This the call an write action as is (the credentials are right):
<cfhttp method="GET"
username="#uname#"
password="#pw#"
url="#url#"
resolveurl="yes"
throwonerror="yes">
</cfhttp>
<cffile action="write" file="#getdirectoryfrompath(GetCurrentTemplatePath())#\XML_FileName.xml" output="#cfhttp.fileContent#">
Is anyone familiar with his error?
As it turns out we were getting the Cert from the other groups 'test' server and then trying to using to get things from their production server. So Peter was right! If you run into this problem check out these links:
CFHTTP Over SSL
http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:48687

Connect to web service error Connection Failure: Status code unavailable:

We are making a cfhttp call to connect to an https web service.
We are getting the this error:
Connection Failure: Status code unavailable
I searched Google but have found no solutions.
From the production server I am able to hit the web service URL.
I am a .Net developer and I am not sure of this technology.
Any pointers will be helpful.
Here is the line of code we are using to make the connection:
<cfhttp url="#arguments.TheIP#" method="post" throwonerror="true" timeout="45">
<cfhttpparam type="header" name="SOAPACTION" value="#arguments.TheHeader#">
<cfhttpparam type="XML" value="#arguments.TheXML#">
</cfhttp>
I have faced / solved this a few times, the snippet below hopefully will work for you. I highly recommend learning about it in stead of simply trying it.
I place this in my Application.cfc, but you could put it right in your script right before the cfhttp call as well.
<!--- fix for HTTPS connection failures --->
<cfif NOT isDefined("Application.sslfix")>
<cfset objSecurity = createObject("java", "java.security.Security") />
<cfset objSecurity.removeProvider("JsafeJCE") />
<cfset Application.sslfix = true />
</cfif>enter code here
Hum... First thing that appears odd is your IP argument as mentioned by barnyr. The response you are getting makes me think you are getting NO response at all (the request is completely ignored, not just erring). So some setting is causing them to ignore your request.
As of CF9 I use cfscript to do this kind of thing via HTTP when I can't use regular webservice java object proxy stubs.
Here is a working SOAP call via http() (because of .net to cf inability to communicate complex object hash maps via regular soap I resorted to this, among other things).
This is a cf to .net service call so it might be relevant for you as they are using just the built in tools to gen their SOAP service which was not perfectly Axis 1 SOAP happy-go-lucky.
In particular I had to play with some of the extra settings and headers to get it just so and specifically add the soap action into a header (which is usually derived from the SOAP body envelope).
Additionally, I am using oasis security which I had to stuff inside the envelope/body.
Here is the code (inside a cfc) that you might try updated as you need:
//////////////////////////////////////////////////////////////////////////
// BUILD HTTP REQUEST
//////////////////////////////////////////////////////////////////////////
Local['SoapAction'] = "XYZ.Commercial.Mapping.ServiceContracts/IService/#Arguments.szMethodName#"; // THIS IS CASE SENSITIVE
var oH = new Http();
oH.setMethod('post');
oH.setCharset('utf-8');
oH.setUserAgent('Axis/1.2.1');
oH.setTimeout(30);
oH.setURL(Arguments.szURL);
// INCLUDING THE SOAPACTION AS A HEADER IS SPECIFIC TO XYZ - USUALLY THE OPERATION IS DECIPHERED FROM THE ENVELOPE BODY TAGS - XYS REQUIRES THIS PATHING TO MATCH FOR THE SOAP ACTION HEADER VALUE
oH.addParam(type="HEADER", name="SOAPAction", value='#Local.SoapAction#');
oH.addParam(type="HEADER", name="Content-Type", value='text/xml');
oH.addParam(type="body", value=Arguments.szBody);
///////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
// EXECUTE HTTP
Local['rsHttpSend']= oH.send();
// SET RESULTS
Local.nStatusCode = val(Local.rsHttpSend.getPrefix().StatusCode);
Local.szResponse = Local.rsHttpSend.getPrefix().FileContent;
Local.szHeader = Local.rsHttpSend.getPrefix().Header;
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
This approach was coupled with using SoapUI to verify the final soap body post was valid. So if you can do that too, you should be able to use this vector.
Let me know if you get any farther.
Here are a list of things to check:
The variable for the URL is TheIP. Make sure this actually a properly
formatted URL, not just a URL.
Check that the target server's certificate is installed in the JVM's
trust store. in Windows and I think .Net, the system's own
certificate store is used, so if your browser can get to the URL
you're ok. In Java there is a file which contains a list of Trusted
Certs. Instructions on importing those certs are in the CF docs for
CFHTTP.
Check the ColdFusion logs for evidence of failure.
c:\coldfusion9\logs\exception.log is probably a good place to start.
Make sure your cfhttp link is correct. I face this issue and it totally based on incorrect cfhttp link.

Upload video to Brightcove through HTML form with Coldfusion

I want to upload a video from an HTML form directly to Brightcove. We run Coldfusion 9 on our servers.
I can find instructions on uploading the video to my local server like this:
<cffile action="upload" nameconflict="makeunique" filefield="form.video_file" destination="#upload_path#" result="uploaded_file">
... and instructions on uploading a video from my local server to Brightcove like this:
<cfhttp url="#variables.apiBaseUrl#" method="post" timeout="#variables.timeout#" result="resultVar" multipart="true">
<cfhttpparam type="formfield" name="json" VALUE = "#arguments.jsonArgs#">
<cfhttpparam type="file" name="#getFileFromPath(arguments.filename)#" file="#arguments.filename#"/>
</cfhttp>
But not from the HTML form directly to Brightcove.
Is this possible?
Thanks!
Nick
There are examples of how to upload directly from the browser to Brightcove in their JavaScript Media API Examples.
But, as the documentation notes, what you want to accomplish is not recommended for a few reasons:
Some browsers such as IE9 will prompt you to download the response rather than show it in the form because the browser doesn't know what to do with the mime type.
It's not good practice to expose an API token on the form, as noted in the examples' source code.
Client-side Media API calls are not recommended as a UGC upload solution because of the lack of security.
If you're finding that the process for uploading to your server then to Brightcove is taking too long, you'll probably want to build a queue system.
The user waits on the browser to upload to your server.
Your server stores the file somewhere temporarily and adds a task to a database table storing queued tasks.
The user sees that the video is "pending" while it's still enqueued.
A scheduled task periodically checks the queue table and uploads the tasks one at a time. Once a task is done, it updates the video to be "ready."
The user sees that the video is ready.

Coldfusion uses wrong (cached?) variables at random

We have a dedicated server running CentOS and Coldfusion 8.
All cfmail email is routed through Google with cfmail and smtp.
Every now and then, when cfmail is used, the 'FROM' field uses an address from a totally different website.
For instance:
Use form on Site A
Get an email: "Subject: On Site A From: siteb#siteb.com"
Where the from is a completely different variable in another set of code on another part of the server- there is no reason it should see this.
On the other side, sometimes sending an email to sitea#sitea.com has email wind up in Site B inbox, a completely different Google account.
What causes this to happen? Some kind of memory/cache issue? Or is there a funky DNS record causing issue?
Example:
Application.cfm (starts with some UDF includes, and then):
<cfinvoke component="#request.componentPath#.variables" method="getGlobal" />
Variables.cfc (a lot of variables defined within, but here is the cfmail vars):
<cffunction name="getGlobal" access="public" output="false" returntype="void">
<cfscript>
request.siteEmail = "email#mysite.com";
request.siteMailServer = "smtp.gmail.com";
request.siteMailUsername = "root#mysite.com";
request.siteMailPassword = "[redacted]";
</cfscript>
</cffunction>
It sounds like it's possible it could be a var scoping issue, but we can't know for sure until you share some code...
Looks like you're running multiple sites? there's a setting in the CF caching page in admin to do with caching web server paths:
From http://help.adobe.com/en_US/ColdFusion/9.0/Admin/WSc3ff6d0ea77859461172e0811cbf3638e6-7ffc.html :
Disabling the cacheRealPath attribute To ensure that ColdFusion always returns pages from the correct server, disable Cache Web Server Paths in the Caching page of the ColdFusion Administrator. (When you use the multiserver configuration, set the cacheRealPath attribute to false for the ProxyService in the jrun_root/servers/servername/SERVER-INF/jrun.xml file.)
Might not be it, but it's at least quick to try out.