[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: userid password



Hello,

> Does this mean before my post I call the following:
> 
>  callp     http_setauth(HTTP_AUTH_BASIC:
>                         userid: pass)

Yes, that looks correct.


> I did try this but I am getting back "Bad Request" - which could be a
> missing XML statement as this web service requires alot of input.

Hmm..  well, '400 Bad Request' has little to do with userid/password.

I see the following in your log...   I wonder if this is only part of 
your SoapAction string?  It kinda looks like the end is chopped off.

http://online.instamed.com/v1r3/TransactionServices/HIPAA/DoElig

At least, I'm guessing that 'DoElig' is part of a longer string.  If 
that's the case, take a look at EXAMPLE20 for an example of how to send 
a longer SoapAction header.

> Authorization: Basic bWVkaWNvcnA6SkxvdzkrQWtZcEk9

WARNING:  When you posted that 'Authorization:' keyword to the list, you 
sent your userid/password publicly.  Anyone with access to a base64 
decoder (and there are free ones on the web) can decode that string and 
see that you are user=medicorp and password=JLow9+AkYpI=  --  Please 
change your password immediately.  (Unless these were "dummy" values)

Base64 is NOT encryption.  Don't expect it to protect your password!
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------