[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: HTTP 1.1/500 Error with Different user profiles
Mike you are THE MAN!!!!!
That's it........Now everything executes correctly for both users.
Thank you very very very very much!!!!!!!!!
On 7 February 2013 08:57, Mike Krebs <[1]mkrebs@xxxxxxxxxxxxxxxxxx>
wrote:
CCSID on QSECOFR and user? Both point to *SYSVAL?
<still grasping>
-----Original Message-----
From: [2]ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:[3]ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of
Vassilios Pierrakos
Sent: Wednesday, February 06, 2013 4:18 PM
To: HTTPAPI and FTPAPI Projects
Subject: Re: HTTP 1.1/500 Error with Different user profiles
The same username, password and certificates are being used. Both users
call the same RPG Program, which has the username and password along
with the URL, service description, etc. Moreover the same SOAP message
is being generated.
The call is made from the same system using the same values as
parameters and on the same server.
It's really odd...
On Feb 6, 2013, at 10:33 PM, Mike Krebs <[4]mkrebs@xxxxxxxxxxxxxxxxxx>
wrote:
> The server says " An error occurred when verifying security for the
message." Kind of a generic and off-base message - until we know the
cause. Then we will understand it.
>
> But, you are using basic authentication. And you did a great job of
obfuscating the obvious...Are you using the same user and password for
your basic authentication?
>
> And the second thing...are the certificates that are being exchanged
the same?
>
>
>
>
> -----Original Message-----
> From: [5]ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:[6]ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Vasilios
Pierrakos
> Sent: Wednesday, February 06, 2013 12:55 PM
> To: HTTPAPI and FTPAPI Projects
> Subject: Re: HTTP 1.1/500 Error with Different user profiles
>
> Thank you for the quick response. Below you may find the logs:
>
> *Correct:*
>
> HTTPAPI Ver 1.24 released 2012-01-23
> OS/400 Ver V7R1M0
>
> http_setauth(): entered
> http_persist_open(): entered
> http_long_ParseURL(): entered
> DNS resolver retrans: 2
> DNS resolver retry : 2
> DNS resolver options: x'00000136'
> DNS default domain: ***.**
> DNS server found: **.**.**.**
> DNS server found: **.**.**.**
> https_init(): entered
>
-----------------------------------------------------------------------
--------------
> Dump of local-side certificate information:
>
-----------------------------------------------------------------------
--------------
>
-----------------------------------------------------------------------
--------------
> Dump of server-side certificate information:
>
-----------------------------------------------------------------------
--------------
> Cert Validation Code = 0
> -----BEGIN CERTIFICATE-----
> ****************************************
> -----END CERTIFICATE-----
> Serial Number: **:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**
> Common Name: **********************
> Issuer CN: **********************
> Version: 03
> not before: 20120405174414
> not after: 20291231230000
> pub key alg: *.*.***.*******.*.*.*
>
> Protocol Used: TLS Version 1
> http_persist_post(): entered
> http_persist_req(POST) entered.
> http_long_ParseURL(): entered
> do_oper(POST): entered
> There are 0 cookies in the cache
> POST
>
/**********************/**********************/**********************HT
TP/1.1
> Host: **********************:****
> User-Agent: http-api/1.24
> Content-Type: application/soap+xml
> SOAPAction: http://**********************/**********************/
> Content-Length: 1627
> Authorization: Basic **********************
>
>
> senddoc(): entered
> <here goes the XML>
> recvresp(): entered
> HTTP/1.1 200 OK
> Content-Length: 1630
> Content-Type: application/soap+xml; charset=utf-8
> Server: Microsoft-IIS/7.5
> X-Powered-By: [7]ASP.NET
> Date: Wed, 06 Feb 2013 18:17:19 GMT
>
>
> SetError() #13: HTTP/1.1 200 OK
> recvresp(): end with 200
> recvdoc parms: identity 1630
> header_load_cookies() entered
> recvdoc(): entered
> SetError() #0:
> <here goes the response XML>
> http_close(): entered
>
> *With Error:*
>
> HTTPAPI Ver 1.24 released 2012-01-23
> OS/400 Ver V7R1M0
>
> http_setauth(): entered
> http_persist_open(): entered
> http_long_ParseURL(): entered
> DNS resolver retrans: 2
> DNS resolver retry : 2
> DNS resolver options: x'00000136'
> DNS default domain: ***.**
> DNS server found: **.**.**.**
> DNS server found: **.**.**.**
> https_init(): entered
>
-----------------------------------------------------------------------
--------------
> Dump of local-side certificate information:
>
-----------------------------------------------------------------------
--------------
>
-----------------------------------------------------------------------
--------------
> Dump of server-side certificate information:
>
-----------------------------------------------------------------------
--------------
> Cert Validation Code = 0
> -----BEGIN CERTIFICATE-----
> ****************************************
> -----END CERTIFICATE-----
> Serial Number: **:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**
> Common Name: **********************
> Issuer CN: **********************
> Version: 03
> not before: 20120405174414
> not after: 20291231230000
> pub key alg: *.*.***.*******.*.*.*
>
> Protocol Used: TLS Version 1
> http_persist_post(): entered
> http_persist_req(POST) entered.
> http_long_ParseURL(): entered
> do_oper(POST): entered
> There are 0 cookies in the cache
> POST
>
/**********************/**********************/**********************HT
TP/1.1
> Host: **********************:****
> User-Agent: http-api/1.24
> Content-Type: application/soap+xml
> SOAPAction: http://**********************/**********************/
> Content-Length: 1627
> Authorization: Basic **********************
>
>
> senddoc(): entered
> <Here goes the XML>
> recvresp(): entered
> HTTP/1.1 500 Internal Server Error
> Content-Length: 576
> Content-Type: application/soap+xml; charset=utf-8
> Server: Microsoft-IIS/7.5
> X-Powered-By: [8]ASP.NET
> Date: Wed, 06 Feb 2013 18:30:50 GMT
>
>
> SetError() #13: HTTP/1.1 500 Internal Server Error
> recvresp(): end with 500
> recvdoc parms: identity 576
> header_load_cookies() entered
> recvdoc(): entered
> SetError() #0:
> <s:Envelope xmlns:s="[9]http://www.w3.org/2003/05/soap-envelope";
xmlns:a="
> [10]http://www.w3.org/2005/08/addressing";><s:Header><a:Action
>
s:mustUnderstand="1">[11]http://www.w3.org/2005/08/addressing/soap/faul
t</a:Action></s:Header><s:Body><s:Fault><s:Code><s:Value>s:Sender</s:Va
lue><s:Subcode><s:Value
> xmlns:a="
>
[12]http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-
secext-1.0.xsd">a:InvalidSecurity</s:Value></s:Subcode></s:Code><s:Reas
on><s:Text
> xml:lang="el-GR">An error occurred when verifying security for the
> message.</s:Text></s:Reason></s:Fault></s:Body></s:Envelope>
> SetError() #13: HTTP/1.1 500 Internal Server Error
> http_close(): entered
>
> Thank you in advance.
>
>
> On 6 February 2013 20:15, Mike Krebs <[13]mkrebs@xxxxxxxxxxxxxxxxxx>
wrote:
>
>> Not quite enough information as a 500 error is coming from the
server you
>> are contacting and should not have a problem with the local user.
>>
>> Can you share the debug logs when it works and when it doesn't?
>>
>>
>> -----Original Message-----
>> From: [14]ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:
>> [15]ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Vasilios
Pierrakos
>> Sent: Wednesday, February 06, 2013 10:29 AM
>> To: HTTPAPI and FTPAPI Projects
>> Subject: HTTP 1.1/500 Error with Different user profiles
>>
>> Dear All,
>>
>> I am experiencing a strange problem:
>> I get HTTP 1.1/ 500 error with one user and not with another. The
error
>> displayed in the Debug Log is that the security of the message
cannot be
>> verified.
>> That's really strange since both users call the same RPG Program. I
have
>> checked the Certificates permissions, object permissions etc. The
user that
>> successfully calls the service is *QSECOFR. The thing is that I even
tried
>> changing the user who gets the 500 error to *QSECOFR and nothing
>> happens......
>>
>> Any help?
>>
-----------------------------------------------------------------------
>> This is the FTPAPI mailing list. To unsubscribe, please go to:
>> [16]http://www.scottklement.com/mailman/listinfo/ftpapi
>>
-----------------------------------------------------------------------
>>
>
-----------------------------------------------------------------------
> This is the FTPAPI mailing list. To unsubscribe, please go to:
> [17]http://www.scottklement.com/mailman/listinfo/ftpapi
>
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
[18]http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
[19]http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
References
1. mailto:mkrebs@xxxxxxxxxxxxxxxxxx
2. mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
3. mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
4. mailto:mkrebs@xxxxxxxxxxxxxxxxxx
5. mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
6. mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
7. http://ASP.NET/
8. http://ASP.NET/
9. http://www.w3.org/2003/05/soap-envelope
10. http://www.w3.org/2005/08/addressing
11. http://www.w3.org/2005/08/addressing/soap/fault
12. http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
13. mailto:mkrebs@xxxxxxxxxxxxxxxxxx
14. mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
15. mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
16. http://www.scottklement.com/mailman/listinfo/ftpapi
17. http://www.scottklement.com/mailman/listinfo/ftpapi
18. http://www.scottklement.com/mailman/listinfo/ftpapi
19. http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------