I am using Apex to perform a Web Service Callout.
The web service requires these HTTP headers in the following format.
passport.username
passport.password
passport.token
Is there a good way to do the equivalent of the following? This code wouldn't work but should make clear what I am trying to accomplish.
c.inputHttpHeaders_x = new Map<String, String>();
c.passport = new Map<String, String>();
c.passport.put('username', '123');
c.passport.put('password', '456');
c.passport.put('token', '789');
c.inputHttpHeaders_x.put('passport',c.passport);
Thanks in advance!
Related
I basically want to add the ASP.NET_SessionId cookie to my HTTP request header when calling a SOAP web service through ColdFusion.
The web service is registered in the OnApplicationStart function of the Application.cfc component in ColdFusion.
<cfscript>
objSoapHeader = XmlParse("<wsse:Security mustUnderstand=""true"" xmlns:wsse=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd""><wsse:UsernameToken><wsse:Username>MY_USERNAME</wsse:Username><wsse:Password>MY_PASSWORD</wsse:Password></wsse:UsernameToken></wsse:Security>");
Application.UserWebService = CreateObject("webservice","MY_URL/UserService.asmx?WSDL");
addSOAPRequestHeader(Application.UserWebService,"","",objSoapHeader,true);
</cfscript>
My web service is called as such:
<cfset Result = "#Application.UserWebService.SomeFunction("1", "DATA")#">
In order for the .Net server (where the web services are located) to remember my session state, I must pass the ASP.NET_SessionId cookie in the HTTP request header, but have no idea if this is even possible in ColdFusion.
I've researched for several hours but nothing has come of it as of yet, so has anyone successfully managed to pull this off?
Short Answer:
For CF9 / Axis1 try enabling sessions on the web service object.
ws = createObject("webservice", "http://localhost/MyWebService.asmx?wsdl");
ws.setMaintainSession( true );
For CF10+ / Axis2, see longer answer below:
(Disclaimer: Using cfhttp might be simpler, but I was curious and did some digging ..)
From what I have read, since CF10+ uses Axis2 for web services it should be possible to use the underlying methods to maintain session state through HTTP cookies.
How to set Cookies in ColdFusion SOAP requests - (circa 2006) - Written for a much older version of CF/Axis, so some of it is outdated, but it still provides a good overview of the general concept.
Maintain session in Axis2
Java axis web service client setMaintainSession on multiple services (cookies?)
Axis2 Manage Session Cookie Manually
Using the the links above, I put together a quick POC using a basic web service and was able to extract the cookie header from the web service client response:
// make initial request
ws = createObject("webservice", "http://localhost/MyWebService.asmx?wsdl");
ws.firstMethod();
// For maintainability, use constants instead of hard coded strings
wsdlConstants = createObject("java", "org.apache.axis2.wsdl.WSDLConstants");
// Extract headers
operation = ws._getServiceClient().getLastOperationContext();
context = operation.getMessageContext( wsdlConstants.MESSAGE_LABEL_IN_VALUE );
headers = context.getProperty( context.TRANSPORT_HEADERS );
Then set the cookie and instruct the web service client to send it with subsequent requests:
if ( structKeyExists(headers, "Set-Cookie") ) {
// include http cookies with request
httpConstants = createObject("java", "org.apache.axis2.transport.http.HTTPConstants");
options = ws._getServiceClient().getOptions();
options.setManageSession( true );
options.setProperty( httpConstants.COOKIE_STRING, headers["Set-Cookie"] );
}
// ... more requests
ws.secondMethod();
ws.thirdMethod();
NB: Side note, I noticed you are storing the instance in the shared Application scope. Just keep in mind web service instances are probably NOT thread safe.
Inside your CFHPPT tags, set the cookie with CFHTTPPARAM
I've researched the web extensively before posting this questions here, couldn't find anything usefull for me, so here it goes. Sorry in advance for the wall of text.
I have a classic ASP website that needs to call a web service method (not wcf, but an asmx page) on a asp.net website (4.0)
The way I consume the web service is as follows:
I have a webserviceclass.asp that helps me consume web services in classic asp.
code of webserviceclass.asp -> https://docs.google.com/file/d/0B1Wr1Kw74xy3ZkducEtiTWNtWDA/edit?usp=sharing
Then calling the class to consume the method.
Dim strWebServiceResult
Dim ws
Set ws = new webservice
ws.url = "http://www.myurl.com/mywebservice.asmx"
ws.method = "HelloWorld"
ws.parameters.Add "Parameter1", "Test1"
ws.parameters.Add "Parameter2", "Test2"
ws.Execute
strWebServiceResult = ws.response
This works perfectly if www.myurl.com is not encrypted, strWebServiceResult holds the XML returned by mywebservice.asmx, however I really need the data traveling between the users and www.myurl.com to be encrypted (mywebservice.asmx has parameters for login and password to authenticate on the webservice) so I bought an SSL cert and assigned it to www.myurl.com website becoming https://www.myurl.com
So when I set the URL in the class to: ws.url = "https://www.myurl.com/mywebservice.asmx"
and that is the only thing that changes, the method doesn't get called anymore. I have log on pageinit and pageload of the mywebservice.aspx and it doesn't even get called.
Sorry about the long text, and I hope someone can help me. I have no experience with jquery or json and I'd rather not go that way to solve this problem, but if that's the only way, I can try if there's enough info out there to help me out but I'd rather try to fix my current code if that possible. I just don't understand why it works with http but not with https
Many thanks in advance
In this SO question ("Can't use HTTPS with ServerXMLHTTP object"), this issue was addressed.
For a starter, you should be using "MSXML2.ServerXMLHTTP" instead of "Microsoft.XMLHTTP" on the server side. This is discussed here, f.i.: differences between Msxml2.ServerXMLHTTP and WinHttp.WinHttpRequest?
In a standalone (selfhosted) application, I would like to have an httpserver that on a single base adress can either serve simple web pages (without any serverside dynamics/scripting, it just returns the content request files) or serve RESTful webservices:
when http://localhost:8070/{filePath} is requested, it should return the content of the file (html, javascript, css, images), just like a normal simple webserver
everything behind http://localhost:8070/api/ should just act as a normal RRESTful Web API
My current approach uses ASP.NET Web API to server both the html pages and the REST APIs:
var config = new HttpSelfHostConfiguration("http://localhost:8070/");
config.Formatters.Add(new WebFormatter());
config.Routes.MapHttpRoute(
name: "Default Web",
routeTemplate: "{fileName}",
defaults: new { controller = "web", fileName = RouteParameter.Optional });
config.Routes.MapHttpRoute(
name: "Default API",
routeTemplate: "api/{controller}/{id}",
defaults: new { id = RouteParameter.Optional });
The WebController is the controller that serves the web pages with this naive code:
public class WebController : ApiController
{
public HttpResponseMessage Get(string fileName = null)
{
/// ...
var filePath = Path.Combine(wwwRoot, fileName);
if (File.Exists(filePath))
{
if (HasCssExtension(filePath))
{
return this.Request.CreateResponse(
HttpStatusCode.OK,
GetFileContent(filePath),
"text/css");
}
if (HasJavaScriptExtension(filePath))
{
return this.Request.CreateResponse(
HttpStatusCode.OK,
GetFileContent(filePath),
"application/javascript");
}
return this.Request.CreateResponse(
HttpStatusCode.OK,
GetFileContent(filePath),
"text/html");
}
return this.Request.CreateResponse(
HttpStatusCode.NotFound,
this.GetFileContnet(Path.Combine(wwwRoot, "404.html")),
"text/html");
}
}
And again, for everything behind /api, controllers for normal REST APIs are used.
My question now is: Am I on the right track? I kind of feel that I am rebuilding a webserver here, reinventing the wheel. And I guess that there are probably a lot of http request web browsers could make that I do not handle correctly here.
But what other option do I have if I want to self host and at the same time server REST web APIs and web pages over the same base address?
Looks like you are trying to recreate asp.net FileHandler for self host. There is a better solution though. Using Katana(an OWIN host) as the hosting layer for web API. OWIN supports hosting multiple OWIN frameworks in the same app. In your case, you can host both web API and a file handler in the same OWIN app.
Filip has a good blog post on this to get you started here. You can use configuration code like this,
public void Configuration(IAppBuilder appBuilder)
{
// configure your web api.
var config = new HttpConfiguration();
config.Routes.MapHttpRoute("default-api", "api/{controller}");
appBuilder.UseWebApi(config);
// configure your static file handler.
appBuilder.UseStaticFiles();
}
IMO there is nothing wrong with what you are doing. I use self-host for delivering files, html docs as well as being a regular API. At the core, self-host is using HTTP.SYS just as IIS is.
As RaghuRam mentioned there are Owin hosts that have some optimizations for serving static files, but WCF selfhost is quite capable of getting decent perf for serving files.
See this link which uses a more straigftforward approach
Setting app a separate Web API project and ASP.NET app
RouteTable.Routes.IgnoreRoute(".js");
RouteTable.Routes.IgnoreRoute(".html");
We are developing a barcode application to run on our mobile computers running Windows Mobile 5.0 Pocket PC and it needs to get it's data from our Oracle database.
Apex is already set up but how can I create a secure Web Service using Apex's native Authentication? How to set "HTTPS only"?
Update
I can call the ...?wsdl link in the browser now, looks fine. It's also registered in the project as a WebReferance.
But when I run the following code:
CONTAR_USUARIOSService service = new CONTAR_USUARIOSService();
System.Net.NetworkCredential pocket = new System.Net.NetworkCredential("pocket", "000");
service.Credentials = pocket;
double resultado = service.CONTAR_USUARIOS();
I get this error:
System.Net.WebException was unhandled
Message="WebException"
StackTrace:
at System.Web.Services.Protocols.SoapHttpClientProtocol.doInvoke(String methodName, Object[] parameters, WebClientAsyncResult asyncResult)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Supernorte.Recebimento.ContarUsuariosWebReference.CONTAR_USUARIOSService.CONTAR_USUARIOS()
at Supernorte.Recebimento.Login..ctor()
at Supernorte.Recebimento.MainForm.mostrarLogin()
at Supernorte.Recebimento.MainForm..ctor()
at Supernorte.Recebimento.Program.Main()
I get an "Unauthorized" error.
If you get your Oracle inputs and outputs routed through your web service (which I am still personally struggling with), you might be able to access your information that way.
Add the web reference.
It will ask for the URL where your Web Service has been uploaded. I'm guessing this can be a website you own off site, but I use our internal server.
You can see I have a default web page where I load up the available services that I've stuck out there. 1Mainframe.svc` was going to be my "Big Service", but then I realized that I needed to do a lot more than make that once call, so I created the next one, "Erp Service".
Anyway, after I select the ErpService.svc, I'm given this, where I changed the default Web Reference Name to ErpService1. I've personally found that if I need to edit or modify the service, the XML config files get all messed up, so I just delete Service1 and add Service2.
I add a new class called ErpClass1.cs
Add a reference to my Web Service using the namespace for my project, and start coding!
using System;
using System.Linq;
using System.Collections.Generic;
using System.Text;
using AcpMobile5.ErpService1;
namespace AcpMobile5 {
class ErpClass1 {
private ErpService m_erpService;
public ErpClass1() {
m_erpService = new ErpService();
}
public void Query(string woNumber) {
m_erpService.Query(woNumber);
}
public string PartNumber() {
return m_erpService.CoilPartNo();
}
}
}
Obviously, this does not solve everything for you. The Web Service that you use to access your Oracle database still needs to be written, and that's no simple task.
However, I hope it helps point you along the right direction.
This is all done using Visual Studio 2008 for Mobile 5.0.
So, I didn't use Apex as I intended. Instead I enabled Oracle XML DB Native Web Services.
After some hard times with authentication [mostly caused by typing the wrong password ): ] I got this code working:
MyWebService service = new MyWebService();
service.Credentials = new MyWebService("MY_ORACLE_USER", "*******");
double result = service.MY_LOGIN_FUNCTION(this.userName);
I use an IOC container which provides me with IService.
In the case where IService is a WCF service it is provided by a channel factory
When IService lives on the same machine it is able to access the same cookies and so no problem however once a WCF Service is called it needs to be sent those cookies.
I've spent a lot of time trying to find a way to send cookies using a channel factory and the only way I could find that works is the following
var cookie = _authenticationClient.GetHttpCookie();
HttpRequestMessageProperty httpRequestProperty = new HttpRequestMessageProperty();
httpRequestProperty.Headers.Add(HttpRequestHeader.Cookie, cookie.Name + "=" + cookie.Value);
using(var scope = new OperationContextScope((IClientChannel)_service))
{
OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = httpRequestProperty;
var result = _service.Add(details);
if (result.Result == RPGResult.Success)
{
return RedirectToAction("Index", "Home", result.Id);
}
}
The problem with me using that method is that I have to know that I'm calling a WCF Service which is not always the case. I've tried writing a wrapper for the ChannelFactory that opens a new operationcontextscope when it creates a new service and various other solutions but nothing has worked.
Anyone have any experience with sending cookies over WCF Services?
I found a solution involving using SilverLight, unfortunately I'm not using silverlight, the solution is here: http://greenicicleblog.com/2009/10/27/using-the-silverlight-httpclient-in-wcf-and-still-passing-cookies/
Unfortunately standard .net doesn't contain the IHttpCookieContainerManager interface
Ideally I would be able to use something similar,i.e. I would be able to tell the channelfactory to pass a cookie whenever it opened.
If anyone has a better way to pass a token that is used for authentication that would be appreciated too.
I have a solution where I create a proxy class of IService and then every time a method on IService is called it invokes the proxy created by the channel factory but the call itself is wrapped in an operationcontextscope just like the one I have in my question.
I used the proxy factory from this link http://www.codeproject.com/KB/cs/dynamicproxy.aspx