[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Using HTTPAPI with SQL SERVER 2005 endpoints

To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: RE: Using HTTPAPI with SQL SERVER 2005 endpoints
From: jeff hetrick <hetrick@xxxxxxxxxxx>
Date: Mon, 19 Mar 2007 08:18:21 -0700
Importance: Normal
List-help: <mailto:ftpapi-request@lists.scottklement.com?subject=help>
List-id: HTTPAPI and FTPAPI Projects <ftpapi.lists.scottklement.com>
List-post: <mailto:ftpapi@lists.scottklement.com>
List-subscribe: <http://www.scottklement.com/mailman/listinfo/ftpapi>, <mailto:ftpapi-request@lists.scottklement.com?subject=subscribe>
List-unsubscribe: <http://www.scottklement.com/mailman/listinfo/ftpapi>, <mailto:ftpapi-request@lists.scottklement.com?subject=unsubscribe>
Reply-to: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Sender: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx

   Hi Scott
   Thanks for your reply.  I will try the suggestions below today, and if
   I am still having trouble, I will send the logs in the next post.
   Thanks
   -Jeff
     _________________________________________________________________

   > Date: Fri, 16 Mar 2007 18:43:41 -0500
   > From: klemscot@xxxxxxxxxxxx
   > To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
   > Subject: Re: Using HTTPAPI with SQL SERVER 2005 endpoints
   >
   > Hi Jeff,
   >
   > I've never even heard of SQL Server Endpoints, but a quick Google
   tells
   > me that they're just a way of creating web services on SQL Server.
   That
   > being the case, they should work like any other web service.
   >
   > You say that if you use an INTEGRATED or DIGEST end point, you get
   an
   > error. Can you expand on that? I have no clue what "INTEGRATED"
   > means, but HTTPAPI does support DIGEST authentication.
   >
   > However, DIGEST can be a bit tricky: You see, a special key value,
   > called a "nonce" must be retrieved from the server, and used to
   encrypt
   > the userid/password that you send back to the server. The reason
   it's
   > tricky, is that you have to communicate with the server in order to
   get
   > the nonce!
   >
   > To make digest work, you have to follow these steps:
   >
   > a) Try to access the site without specifying a userid/password.
   > It will fail, and HTTPAPI will set it's error number to
   > HTTP_NDAUTH to indicate that authorization is needed. And,
   > when this happens, the server will also send the "nonce"
   > string, and HTTPAPI will see that, and memorize it.
   >
   > b) Call http_getauth(), it will tell you the name of the realm
   > and also that digest authentication is required. If you like,
   > you can stop here and ask the user for a userid/password for
   > the given realm.
   >
   > c) Call http_setauth() to tell HTTPAPI that you want to set a
   > userid/password, and that the authentication type should be
   > digest.
   >
   > d) Make the request again. This time, HTTPAPI will already know
   > the nonce, and will know that you want digest authentication,
   > so it will send the digest-encrypted login string properly to
   > the server.
   >
   > By contrast, BASIC authentication does not need any data from the
   server
   > in advance, because there's no cryptographic keys (BASIC sends the
   > userid/password as clear text encoded in base64. Base64 is not
   > encryption, and anyone who can read the data can decode it. That's
   > probably why your server requires SSL with Base64 -- SSL encrypts
   the
   > entire communication, including the password exchange, while it's
   > sending over the network.)
   >
   > Can you expand on the problem you're having with BASIC and SSL? You
   > said that Comm_Resolve() returns *NULL. At the moment, the only
   cause
   > for that is the "Host Not Found" error, that is, the DNS lookup for
   the
   > host name failed -- but this doesn't appear to have anything
   whatsoever
   > to do with the problems you've described. Can you please make a
   > diagnostic log (by calling the http_debug() API) and post the error
   > messages from that log to the list?
   >
   >
   >
   > jeff hetrick wrote:
   > > Has anyone had any success in using the HTTPAPI to call an
   endpoint
   > > defined in SQL Server 2005?
   > >
   > > Defining the endpoint as INTEGRATED or DIGEST, I keep getting
   > > authentication errors. When using BASIC, the endpoint requires an
   SSL
   > > port. So I define it within HTTPAPI, but I get an *NULL returned
   from
   > > the comm_resolve in sub-procedure http_persist_open...
   > >
   >
   >
   ----------------------------------------------------------------------
   -
   > This is the FTPAPI mailing list. To unsubscribe, please go to:
   > http://www.scottklement.com/mailman/listinfo/ftpapi
   >
   ----------------------------------------------------------------------
   -
     _________________________________________________________________

   Take a break and play crossword puzzles - FREE! [1]Play Now!

References

   1. http://games.msn.com/en/flexicon/default.htm?icid=flexicon_%20wlmemailtaglinemarch07

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

Prev by Date: Re: Using HTTPAPI with SQL SERVER 2005 endpoints
Next by Date: http_url_post_xml and retrieving multiple values from incoming xml document
Previous by thread: Re: Using HTTPAPI with SQL SERVER 2005 endpoints
Next by thread: http_url_post_xml and retrieving multiple values from incoming xml document
Index(es):
- Date
- Thread