RE: HTTPAPI to SSL Website

["Juracich, Jon" <Jon.Juracich@xxxxxxxxxxx>]

Scott:

Like I said, I'm learning as I go. I'll remove the persistent connection (I tried that on the based on the "session timed out" message coming back from the site).

The site does appear to be using cookies - it appears to (try) store a "JSESSIONID" cookie in a directory called /CFLC. I don't see this in /tmp, nor do I see it anywhere on my local PC when I connect to the site via Firefox. I'm also explicitly turning cookies *ON, BTW.

Can you point me in the direction of a "cheat-sheet" that would describe the pieces needed (and the order that they need to be used) for HTTPAPI? That would REALLY be handy.

I have absolutely no idea if I'm connecting to the same server or not on alternate requests - is there a way to determine this?

I've included a "cut down" version of the debug file here, removing certificate information, most of the HTML, etc.

Thanks!

Jon Juracich, IBM Certified Specialist: RPG IV Developer
Sr. Staff Consultant, IBM Solutions Practice

Affiliated, Inc.
(614)889-6555, ext 355

www.aresgrp.com

Affiliated helps growing & Mid-Market organizations identify, evaluate, and implement solutions that use new & existing technology & resources that improve operational efficiency or increase revenue. Both make your organization more profitable and more successful.
________________________________________
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Scott Klement [sk@xxxxxxxxxxxxxxxx]
Sent: Wednesday, June 25, 2008 6:52 PM
To: HTTPAPI and FTPAPI Projects
Subject: Re: HTTPAPI to SSL Website

Hi Jon,

This has little to do with your symptoms, but:

 From your description, you're calling https_init() after
http_persist_open(), which does not make sense.  (https_init sets
parameters that would be used by http_persist_open...  but since the
https_init is occurring after the open, the open is using defaults, and
the https_init is accomplishing nothing.)

You should either call https_init BEFORE http_persist_open(), or (for
clarity) omit the call to https_init() altogether.

Also, since you're using the persistent versions of the APIs, please
ensure that all of your connections are being made to the same HTTP
server.  IF they're to different servers, please replace the
http_persist_get() and http_persist_post() with http_url_get() and
http_url_post().

As for the actual symptom you've described -- "session timed out", I
really need more information.  If I have to guess, I'd say it's related
to cookies...  but that's really a WAG.  If you could send a debug file
that would help a lot.



Juracich, Jon wrote:
> OK, long story short: we have a requirement to interact with a web
> site from the IBM i, effectively acting as a browser. The site
> doesn't offer a web service to accomplish what we need, so we need to
> receive the HTML, pick through it for what we're looking for, and
> send back posts as if someone was sitting at a browser. The intent is
> to run this from within a "green-screen application.
>
> I'm building several "prototypes" so that I can learn / test as I go,
> and I've hit my first major roadblock - the host server is telling me
> that my session has timed out.
>
> The basic call structure of the program is as follows:
>
>
> http_persist_open()
>
> https_init( APP_ID )
>
> http_persist_get() <= which works great!
>
> http_url_encoder_new() <= to send some data on the post (I think)
>
> http_url_encoder_addvar_s() <= just one piece of data...
>
> http_url_encoder_getptr
>
> http_persist_post() <= the page that comes back here says that my
> session has timed out / expired.
>
> http_url_encoder_free()
>
> https_cleanup()
>
> http_persist_close()
>
>
> I've tried various combinations of persistent sessions, etc., and
> this seems to work "the best". I've run the session under debug, and
> (to my untrained eye) everything "appears" to work OK, with the
> exception that the host site thinks that my session has expired. I
> can replicate this behavior with a browser if I sit on the site for a
> while, then try to get to the page that I'm requesting from the i.
>
> If I'm just doing it wrong, I can live with that - this is my first
> real foray into HTTPAPI! Any assistance would be welcomed. If you
> need actual source code, debug files, etc., just LMK.
>
> Thanks,
>
> Jon Juracich
> -----------------------------------------------------------------------
>  This is the FTPAPI mailing list.  To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

HTTPAPI Ver 1.23 released 2008-04-24
OS/400 Ver V5R4M0

New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry  : 2
DNS resolver options: x'00000136'
DNS default domain: ARGDOMAIN.COM
DNS server found: 192.168.130.46
DNS server found: 192.168.130.25
https_init(): entered
-------------------------------------------------------------------------------------
Dump of local-side certificate information:
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
Dump of server-side certificate information:
-------------------------------------------------------------------------------------
Cert Validation Code = 0
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
not before: 20080529200000
not after: 20110530195959
pub key alg: 1.2.840.113549.1.1.5

Protocol Used: TLS Version 1
https_init(): entered
-------------------------------------------------------------------------------------
Dump of local-side certificate information:
-------------------------------------------------------------------------------------
http_persist_get(): entered
http_long_ParseURL(): entered
do_get(): entered
GET /cflc/index.jsp HTTP/1.1
Host: webapps.doj.ca.gov
User-Agent: http-api/1.23


recvresp(): entered
HTTP/1.1 200 OK
Date: Wed, 25 Jun 2008 18:33:39 GMT
Server: Oracle-Application-Server-10g/10.1.3.1.0 Oracle-HTTP-Server
Content-Location: http://webapps.doj.ca.gov:9010/cflc/WEB-INF/jsp/layout/mainAppLayout.jsp
Set-Cookie: JSESSIONID=ac1a0b0c30d570380db0ab334d32b8f6c0af6f60a028.e38Qa3qKaxuTb40Lb34Kc34PbNqMe0; path=/cflc
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1


SetError() #13: HTTP/1.1 200 OK
recvdoc parms: chunked 0
header_load_cookies() entered
cookie_parse() entered
cookie =  JSESSIONID=ac1a0b0c30d570380db0ab334d32b8f6c0af6f60a028.e38Qa3qKaxuTb40Lb34Kc34PbNqMe0; path=/cflc
cookie attr jsessionid=ac1a0b0c30d570380db0ab334d32b8f6c0af6f60a028.e38Qa3qKaxuTb40Lb34Kc34PbNqMe0
cookie attr path=/cflc
recvchunk(): entered
get_chunk_size(): entered
116d

chunk size = 4461
get_chunk_size returned 4461
calling comm_blockread

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
        "http://www.w3.org/TR/html4/strict.dtd";>
<html>
</html>


comm_blockread returned 6495


get_chunk_size(): entered
0

chunk size = 0
get_chunk_size returned 0
http_persist_post(): entered
http_long_ParseURL(): entered
do_post(): entered
POST /cflc/addEnrolee.do HTTP/1.1
Host: webapps.doj.ca.gov
User-Agent: http-api/1.23
Content-Type: text/xml
Expect: 100-continue
Content-Length: 29
Cookie: $Version=0; jsessionid=ac1a0b0c30d570380db0ab334d32b8f6c0af6f60a028.e38Qa3qKaxuTb40Lb34Kc34PbNqMe0; $Path=/cflc;


recvresp(): entered

HTTP/1.1 100 Continue


SetError() #13: 
HTTP/1.1 100 Continue


senddoc(): entered
dispatch=enrollmentGuidelines
recvresp(): entered
HTTP/1.1 200 OK
Date: Wed, 25 Jun 2008 18:33:41 GMT
Server: Oracle-Application-Server-10g/10.1.3.1.0 Oracle-HTTP-Server
Content-Location: http://webapps.doj.ca.gov:9010/cflc/WEB-INF/jsp/layout/mainAppLayout.jsp
Set-Cookie: JSESSIONID=ac1a0b0b30d65851080286124d148e0bb3bbb8b172b3.e34Nah0Pbh4KaO0LchmOa3iKbNiRe0; path=/cflc
Pragma: no-cache
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1


SetError() #13: HTTP/1.1 200 OK
recvdoc parms: chunked 0
header_load_cookies() entered
cookie_parse() entered
cookie =  JSESSIONID=ac1a0b0b30d65851080286124d148e0bb3bbb8b172b3.e34Nah0Pbh4KaO0LchmOa3iKbNiRe0; path=/cflc
cookie attr jsessionid=ac1a0b0b30d65851080286124d148e0bb3bbb8b172b3.e34Nah0Pbh4KaO0LchmOa3iKbNiRe0
cookie attr path=/cflc
recvchunk(): entered
get_chunk_size(): entered
1205

chunk size = 4613
get_chunk_size returned 4613
calling comm_blockread


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
        "http://www.w3.org/TR/html4/strict.dtd";>

    
      <div id="errors"> 
        
         
          <ul class="confirmationMsg">
             
              <li>Your session has timed out.</li>
             
          </ul>  
        
      </div><!-- close errors div -->
    

</html>
comm_blockread returned 6495


get_chunk_size(): entered
0

chunk size = 0
get_chunk_size returned 0
http_close(): entered

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------