[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Debug file error 400 using HTTPAPI

The plus symbols were part of the debug file.  I replaced the user id
with #'s and password with p's.
Below is HTML that is currently working:
<!--- Here is where we try to pull reports from Experian --->
   <cftry>
      <cfoutput>
        <cfhttp url= "http://www.experian.com/ais/servlets/VHRXML";
 
method="post"
 
result="objGet">
            <cfhttpparam type="FormField" value="#expLogin#" name="id">
            <cfhttpparam type="FormField" value="#expPassword#"
name="password">
            <cfhttpparam type="FormField" value="#VINsToSend#"
name="vinlist">
            <cfhttpparam type="FormField" value="#expLevel#"
name="level">
        </cfhttp>
      </cfoutput>

      <cfcatch>
         <cfset reportInfo = "U" />
         <cfset returnVal = false />
      </cfcatch>
   </cftry>

<!--- If we are not able to pull reports then skip to reportError
handling.  Otherwise, process below. --->
   <cfif trim(reportInfo) neq "U" and findNoCase("200",
objGet.statusCode) gt 0>
   <cfif isDefined("objGet.FileContent")>
   <cfset returnInfo = objGet.fileContent />

   <cfscript>
       reportInfo = xmlParse(returnInfo); 

Worth Holmes
Extn 1656
(817) 938-3889


-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Mike Krebs
Sent: Thursday, June 02, 2011 4:26 PM
To: HTTPAPI and FTPAPI Projects
Subject: RE: Debug file error 400 using HTTPAPI

I'm curious in your debug file for the id and password there are ++ and
+++. Is that part of your obfuscation or were those included in the data
sent? They shouldn't be there most likely.

If you have the HTML page source that works, copy it into your email and
we can help decipher the differences between the HTML post and the
HTTPAPI post. The debug file shows what pretty much the conversation
that takes place from the IBMi. If you have wireshark, you can grab the
data that is being sent from your PC.  Is this a HTTPS request?

Also, you are running on "old" version of HTTPAPI. Upgrades are free!
And very stable. Grab the latest beta and update your software.



-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Holmes,
Worth
Sent: Thursday, June 02, 2011 2:35 PM
To: HTTPAPI and FTPAPI Projects
Subject: RE: Debug file error 400 using HTTPAPI

Thank you very much for the info. There are lots of ways to skin a
cat...

 

I will be speaking to the person who manages the site in about an hour
and will somehow work out the details.  I used the HTTP_URL_POST
function and have included the four items (user, password, VIN, & level)
they need in four forms statements.  I just wish I could actually see
the value of the HTTP as sent to them.  J

 

I chose this method because our web developer sends them the four facts
as 4 forms after the HTTP: line as a post.

 

Worth Holmes

Extn 1656

(817) 938-3889

 

 

-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Scott
Klement
Sent: Thursday, June 02, 2011 1:52 PM
To: HTTPAPI and FTPAPI Projects
Subject: Re: Debug file error 400 using HTTPAPI

 

hi Worth,

 

HTTP only provides a channel of communication.  Different programmers 

can (and will) use that channel of communication differently.  HTTPAPI 

strives to provide a basic set of tools to help you write software that 

can participate in conversations using HTTP communication.

 

Why am I saying this?

 

The key bit is:  Different programmers can/will use that channel of 

communication differently.

 

HTTPAPI is enabling you to communicate with an HTTP server, and that 

server wants you to send a userid and password.  Great.  How should that


userid/password be sent?

 

Here are some ways that I've experienced:

 

1) Using HTTP's www-authenticate mechanism with BASIC auth.

2) Using HTTP's www-authetnicate with other auth schemes.

3) Using SOAP headers

4) Using SOAP parameters

5) Using html form data (what you're trying) via POST

6) Using html form data via GET

7) Using plain XML (POX) in attributes or elements

8) Using digital keys

 

Are these the only possibilities? No. There are many possibilities.  To 

understand which one you need to use, you need to understand the server 

application. They are all different! We do not understand your server 

application. How could we?

 

So...  you need to know and understand how data must be sent to the 

server.  If you can explain that part to us, then we might be able to 

tell you how you can use HTTPAPI to accomplish your task.

 

 

On 6/2/2011 1:10 PM, Holmes, Worth wrote:

> 

>     The target URL indicates that the userid&  password was not sent,
but

>     my debug log shows it was.

> 

> 

>     Is there something I need to tell the target URL to do in order to

>     accept my post?

> 

> 

>     Below is part of the debug log (user&  password scrubbed):

> 

> 

>     recvresp(): entered

> 

>     SetError() #43: CommTCP_read: No 100-Continue (error ignored)

> 

>     senddoc(): entered

> 

>
id=########++&password=pppppppppp+++&level=full&vinlist=1D7HA18N18J142

>     004

> 

>     recvresp(): entered

> 

>     HTTP/1.1 100 Continue

> 

> 

>     Attached is the complete log.

> 

> 

> 

>     Worth Holmes | Sr. Programmer / Analyst |  UNITRIN SPECIALTY

>     8360 LBJ Freeway Suite 400 | Dallas, TX 75243 | (: 800-456-1919

>     ext. 1656 | *: wholmes1@xxxxxxxxxxx |

> 

> 

>     CONFIDENTIALITY NOTICE: This communication may contain
confidential

>     information intended only for the addressee(s). If you received
this

>     communication in error, please notify the sender and delete it
from

>     your system.

> 

> 

> 

> 

>
-----------------------------------------------------------------------

> This is the FTPAPI mailing list.  To unsubscribe, please go to:

> http://www.scottklement.com/mailman/listinfo/ftpapi

>
-----------------------------------------------------------------------

 

-----------------------------------------------------------------------

This is the FTPAPI mailing list.  To unsubscribe, please go to:

http://www.scottklement.com/mailman/listinfo/ftpapi

-----------------------------------------------------------------------


CONFIDENTIALITY NOTICE: This communication may contain confidential
information intended only for the addressee(s). If you received this
communication in error, please notify the sender and delete it from your
system.
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

CONFIDENTIALITY NOTICE: This communication may contain confidential information intended only for the addressee(s). If you received this communication in error, please notify the sender and delete it from your system.
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------