Jump to content

karel_janecek

Members
  • Content Count

    12
  • Joined

  • Last visited

Everything posted by karel_janecek

  1. Greetings from the Czech republic, let me discuss a strange behavior of TSSLHttpCli component. I address certain URL using username+password authentication, HTTPS. If I enter URL plus credentials using SopaUI and pass the request then, the appropriate response is returned properly. If I do the same steps using ICS TSSLHttpCli component, an error message is returned from the server: HTTP Status 401 Unauthorized ------------------------------------ Type Status Report Message An Authentication object was not found in the SecurityContext Description The request has not been applied because it lacks valid authentication credentials for the target resource. ------------------------------------ Apache Tomcat/8.5.69 TSSLHttpCli component has TSslSecurityContext assigned, credentials are placed into Username and Password properties of TSSHttpCli component. I've been using the latest version of ICS, problem occurs with both versions of OpenSSL libraries. Could anyone tell me what is wrong? Thank you! Karel
  2. Hello Angus, I performed an OverByteIcsHttprestTst run and the result is one and the same as our app using version 869 provides, i.e. with authentication error. Our app on the same machine compiled with 867 version works well so I think problem will be somewhere else, not in our app. The log is attached. P.S: It's a state-driven municipality office and no-one allows me to install Wireshark or anything else there, I apologize. Thank you for any comment or help. Karel log.txt
  3. Thanks Angus, I have arranged trying out OverbyteIcsHttpRestTst sample app by one of our customers on Monday and I'll send you the logfile then. Karel
  4. I fully understand but unable to do it. Will a full logfile created using ICSLogger be useful for you for the investigation? Karel
  5. Hello Angus, thank you for your willingness. I'd be glad to provide you all requested information but they will be useless for you - mentioned HTTP/HTTPS instances are operating inside some of Czech municipality organisations so they are not exposed to the public Internet. It's completely out of my hand, I'm sorry. Karel
  6. Greetings, I apologize but I must go back to the topic above. It seems that something wrong is in the last version 8.69. As I informed, using HTTPS within TSSLHttpCli works properly. However, if I try to connect using the same component (with httpAuthNone set) via HTTP, this message is returned: <!doctype html><html lang="en"><head><title>HTTP Status 401 - Unauthorized</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>H TTP Status 401 - Unauthorized</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> An Authentication object was not found in the SecurityContext</p><p><b>Description</b> The request has not been applied because it lacks valid authentication credentials for the target resource.</p><hr class="line" /><h3>Apache Tomcat/8.5.79</h3></body></html> Important: If I compile my app without ANY change in code but with version 8.67, connection passes properly. Could you inspect whether there is any bug regarding this in 8.69 version? For the time being, I'll continue with 8.67 version, no problem. Thank you! Karel
  7. Greetings, thank you for providing this information, I did the compariosn I have just discovered the reason of the issue. When I set HCSSL1.Connection:='Keep-Alive', authorization started to work properly. It's been probably some change in authorization process towards new version of Tomcat, because contemporary version worked well even without setting this property. Francois and Angus, thank you for you efficient help and have a great weekend ahead. Karel
  8. Based on Francois's recommendation, I posted the concerned sample of code here. Karel HTTPCli.zip
  9. Hello, yes, I have version 8.69 installed. As Francois advised me to check ServAuth because of the suspicion of change the authenticvation method on new instance of TomCat, I tried to do this but an error message (List index of bounds(0)) appears (in procedure THttpCli.TriggerRequestDone2). I'm very grateful for your help, thank you! Karel
  10. Great, I have created the sample and just sent it to you. Thank you! Karel
  11. Thank you, I'm able to provide fully functional small example shortly but I'm not entitled to publish credentials for mentioned testing service. Would you be so kind and could you send me (my e-mail is yamaco@yamaco.cz) the e-mail address which I can use for sending example and credentials? Thank you. Karel
  12. Greetings, thank you for your response and advices. I caught the communication in both cases (SoapUI and my app powered by ICS) and here are the results: SoapUI: I see two consequent requests, first one returns authorization which is used in the second request's header then. My app: Only first request is sent and the process stops because of unauthorized. No second request. I enclosed the appropriate files that illustrate the content of particular requests and responses. Is the requested behavior a matter of settings certain properties of SSLSecurityContext? Thank you for any help. All the best, Karel Yamaco1response.txt Yamaco1request.txt Sopaui2response.txt Sopaui2request.txt Sopaui1response.txt Sopaui1request.txt
×