[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: SV: Basic Authentication - Windows Sharepoint server (solved)
Huraay, Huraay, It's a holi- holiday...
Problem solved. As from now on, I'm able to connect our AS400 with Sharepoint with WebServices!
It seems that after a get, the connection is lost and I have to re-authenticate again.
So, in general the solution to my problem:
1) Install HTTPAPI 1.25beta
2) Install WSDL2RPG with NTLM fix fix HTTPAPI
3) take very good care with upper/lowercase on domain/userid/password
4) authenticate BEFORE EVERY connection attempt (request webpage or execute soaprequest)
(or use http_persist_open(URL))
Thanks Thomas, thanks Scott!
Patrick Goovaerts
Systems & Development
-----Original Message-----
From: Patrick Goovaerts
Sent: woensdag 13 februari 2013 16:34
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: SV: Basic Authentication - Windows Sharepoint server
Hi all,
NTLM seems to be working, great!
My last problem was solved by
- entering 'DOMAINNAME' in uppercase
- and 'username/password' in lowercase.
After logon I can retrieve a 'secured' html page from our Sharepoint server (i.e. homepage)
But...
When I send a SOAP message to the server, I get the authentication error again, grrrrrrr.
So, after getting homepage the first time, authenticate myself and get the homepage a second time, I received the requested HTML page.
Then I created my soapmessage and executed the following:
rc = http_url_post(
WS_Path
: %addr(SOAPMSG) + 2
: %len(SOAPMSG)
: SoapResponse
: HTTP_TIMEOUT
: HTTP_USERAGENT
: 'text/xml'
: SoapAction);
Whereas....
WS_PATH = 'http://sharepnt/TestSite/_vti_bin/copy.asmx'
SOAPMSG = the soaprequest (see details in debugfile) SOAPACTION = ' http://schemas.microsoft.com/sharepoint/soap/GetItem'
When I load SOAPMSG into SOAPUI-testtool, it works. So there is nothing wrong with the 'XML-SOAP-REQUEST' file.
WS_PATH and SOAPACTION should be correct too...
Any ideas where to look??????
Herewith my current debugfile:
HTTPAPI Ver 1.25beta2 released 2012-03-06 NTLM Ver 1.1.1 released 2012-09-28
OS/400 Ver V7R1M0
New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0
http_url_get(): entered
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 3
DNS resolver retry : 5
DNS resolver options: x'00000136'
DNS default domain: CLIPPERSUPPORT.BE
DNS server found: 10.0.0.180
DNS server found: 10.0.0.14
http_persist_get(): entered
http_persist_req(GET) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(GET): entered
There are 0 cookies in the cache
GET /SitePages/Home.aspx HTTP/1.1
Host: Sharepnt
User-Agent: http-api/1.24
recvresp(): entered
HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/7.0
SPRequestGuid: fb099dc2-939e-4b38-bbb4-193642d70a58
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.6029
Date: Wed, 13 Feb 2013 15:02:25 GMT
Content-Length: 0
SetError() #13: HTTP/1.1 401 Unauthorized
recvresp(): end with 401
recvdoc parms: identity 0
interpret_auth(): entered
interpret_auth(): entered
SetError() #36: This page requires a user-id & password
http_close(): entered
HTTPAPI Ver 1.25beta2 released 2012-03-06 NTLM Ver 1.1.1 released 2012-09-28
OS/400 Ver V7R1M0
http_getauth(): entered
http_setauth(): entered
NTLM_setCredentials(): entered
http_url_get(): entered
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 3
DNS resolver retry : 5
DNS resolver options: x'00000136'
DNS default domain: CLIPPERSUPPORT.BE
DNS server found: 10.0.0.180
DNS server found: 10.0.0.14
http_persist_get(): entered
http_persist_req(GET) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
NTLM_negotiateAuthentication(): entered
http_long_ParseURL(): entered
http_persist_get(): entered
http_persist_req(GET) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(GET): entered
AuthPlugin_produceAuthenticationHeader(): entered There are 0 cookies in the cache GET /SitePages/Home.aspx HTTP/1.1
Host: Sharepnt
User-Agent: http-api/1.24
Authorization: NTLM TlRMTVNTUAABAAAAByIIAAAAAAAAAAAACgAKACAAAABQRURQUEMwMSAg
recvresp(): entered
HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/7.0
SPRequestGuid: afe9d6d0-145a-44bc-90cf-eace610e306b
WWW-Authenticate: NTLM TlRMTVNTUAACAAAADgAOADgAAAAFAokCyEzKUsVfiDQAAAAAAAAAAJAAkABGAAAABgByFwAAAA9DAEwASQBQAFAARQBSAAIADgBDAEwASQBQAFAARQBSAAEAEABTAEgAQQBSAEUAUABOAFQABAAUAGMAbABpAHAAcABlAHIALgBiAGUAAwAmAFMASABBAFIARQBQAE4AVAAuAGMAbABpAHAAcABlAHIALgBiAGUABQAUAGMAbABpAHAAcABlAHIALgBiAGUABwAIAOb+diL7Cc4BAAAAAA==
WWW-Authenticate: Negotiate
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.6029
Date: Wed, 13 Feb 2013 15:02:25 GMT
Content-Length: 0
SetError() #13: HTTP/1.1 401 Unauthorized
recvresp(): end with 401
recvdoc parms: identity 0
interpret_auth(): entered
interpret_auth(): entered
SetError() #36: This page requires a user-id & password
do_oper(GET): entered
AuthPlugin_produceAuthenticationHeader(): entered There are 0 cookies in the cache GET /SitePages/Home.aspx HTTP/1.1
Host: Sharepnt
User-Agent: http-api/1.24
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAADAAMAAWAAAAA4ADgAYAQAABgAGACYBAAAUABQALAEAAAAAAAAAAAAABQIIAKjX9XXfhIRTGTXstOn4rGA8bnhYUSNRHZB+CnAeFmcoJq8b72Xt1UABAQAAAAAAAABCddn5IoEDC5wo3moTGl8AAAAAAgAOAEMATABJAFAAUABFAFIAAQAQAFMASABBAFIARQBQAE4AVAAEABQAYwBsAGkAcABwAGUAcgAuAGIAZQADACYAUwBIAEEAUgBFAFAATgBUAC4AYwBsAGkAcABwAGUAcgAuAGIAZQAFABQAYwBsAGkAcABwAGUAcgAuAGIAZQAHAAgA5v52IvsJzgEAAAAAAAAAAEMATABJAFAAUABFAFIAcABnAG8AUABFAEQAUABQAEMAMAAxACAAIAA=
recvresp(): entered
HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Expires: Tue, 29 Jan 2013 15:02:26 GMT
Last-Modified: Wed, 13 Feb 2013 15:02:26 GMT
Server: Microsoft-IIS/7.0
SPRequestGuid: d1e38ea6-2f06-48ce-bdfc-446bdd550655
Set-Cookie: WSS_KeepSessionAuthenticated={5048ff48-f3ec-4dc6-b189-545d51465468}; path=/
X-SharePointHealthScore: 0
Set-Cookie: WSS_KeepSessionAuthenticated={5048ff48-f3ec-4dc6-b189-545d51465468}; path=/
X-AspNet-Version: 2.0.50727
Set-Cookie: http%3A%2F%2Fsharepnt%2FDiscovery=WorkspaceSiteName=Q29udGk3&WorkspaceSiteUrl=aHR0cDovL3NoYXJlcG50&WorkspaceSiteTime=MjAxMy0wMi0xM1QxNTowMjoyNg==; expires=Fri, 15-Mar-2013 15:02:26 GMT; path=/_vti_bin/Discovery.asmx
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.6029
Date: Wed, 13 Feb 2013 15:02:25 GMT
Content-Length: 170124
SetError() #13: HTTP/1.1 200 OK
recvresp(): end with 200
recvdoc parms: identity 170124
header_load_cookies() entered
cookie_parse() entered
cookie = WSS_KeepSessionAuthenticated={5048ff48-f3ec-4dc6-b189-545d51465468}; path=/ cookie attr WSS_KeepSessionAuthenticated={5048ff48-f3ec-4dc6-b189-545d51465468}
cookie attr path=/
cookie_parse() entered
cookie = WSS_KeepSessionAuthenticated={5048ff48-f3ec-4dc6-b189-545d51465468}; path=/ cookie attr WSS_KeepSessionAuthenticated={5048ff48-f3ec-4dc6-b189-545d51465468}
cookie attr path=/
cookie_parse() entered
cookie = http%3A%2F%2Fsharepnt%2FDiscovery=WorkspaceSiteName=Q29udGk3&WorkspaceSiteUrl=aHR0cDovL3NoYXJlcG50&WorkspaceSiteTime=MjAxMy0wMi0xM1QxNTowMjoyNg==; expires=Fri, 15-Mar-2013 15:02:26 GMT; path=/_vti_bin/Discovery.asmx cookie attr http%3A%2F%2Fsharepnt%2FDiscovery=WorkspaceSiteName=Q29udGk3&WorkspaceSiteUrl=aHR0cDovL3NoYXJlcG50&WorkspaceSiteTime=MjAxMy0wMi0xM1QxNTowMjoyNg==
cookie attr expires=Fri, 15-Mar-2013 15:02:26 GMT cookie attr path=/_vti_bin/Discovery.asmx cookie rejected, path/dom doesn't match request.
recvdoc(): entered
SetError() #0:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
...
... REMOVED THE DETAILS FOR SHORTER MESSAGE
...
</body>
</html>
<span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span>
http_close(): entered
HTTPAPI Ver 1.25beta2 released 2012-03-06 NTLM Ver 1.1.1 released 2012-09-28
OS/400 Ver V7R1M0
http_url_post(): entered
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 3
DNS resolver retry : 5
DNS resolver options: x'00000136'
DNS default domain: CLIPPERSUPPORT.BE
DNS server found: 10.0.0.180
DNS server found: 10.0.0.14
http_persist_post(): entered
http_persist_req(POST) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(POST): entered
There are 1 cookies in the cache
cookie=WSS_KeepSessionAuthenticated not sent (wrong path or domain) POST /TestSite/_vti_bin/copy HTTP/1.1
Host: sharepnt
User-Agent: http-api/1.24
Content-Type: text/xml
SOAPAction: http://schemas.microsoft.com/sharepoint/soap/GetItem
Content-Length: 347
senddoc(): entered
<?xml version="1.0" encoding="utf-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:soap="http://schemas.microsoft.com/sharepoint/soap/";> <soapenv:Header/><soapenv:Body><soap:GetItem> <soap:Url>HTTP://sharepnt/TestSite/Sermar Dossiers/Testje.pdf</soap:Url> </soap:GetItem></soapenv:Body></soapenv:Envelope>
recvresp(): entered
HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/7.0
SPRequestGuid: b9acca49-2875-41e8-b278-e6db7c707483
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.6029
Date: Wed, 13 Feb 2013 15:02:26 GMT
Content-Length: 0
SetError() #13: HTTP/1.1 401 Unauthorized
recvresp(): end with 401
recvdoc parms: identity 0
interpret_auth(): entered
interpret_auth(): entered
SetError() #36: This page requires a user-id & password
http_close(): entered
Patrick Goovaerts
Systems & Development
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of ftpapi-request@xxxxxxxxxxxxxxxxxxxxxx
Sent: woensdag 13 februari 2013 15:28
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: Ftpapi Digest, Vol 76, Issue 13
Send Ftpapi mailing list submissions to
ftpapi@xxxxxxxxxxxxxxxxxxxxxx
To subscribe or unsubscribe via the World Wide Web, visit
http://scottklement.com/mailman/listinfo/ftpapi
or, via email, send a message with subject or body 'help' to
ftpapi-request@xxxxxxxxxxxxxxxxxxxxxx
You can reach the person managing the list at
ftpapi-owner@xxxxxxxxxxxxxxxxxxxxxx
When replying, please edit your Subject line so it is more specific than "Re: Contents of Ftpapi digest..."
Today's Topics:
1. Re: SV: SV: Basic Authentication - Windows Sharepoint server
(Thomas Raddatz)
2. Re: SV: Basic Authentication - Windows Sharepoint server
(Patrick Goovaerts)
----------------------------------------------------------------------
Message: 1
Date: Tue, 12 Feb 2013 22:08:00 +0100
From: Thomas Raddatz <thomas.raddatz@xxxxxxxxxxx>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: SV: SV: Basic Authentication - Windows Sharepoint server
Message-ID: <511AAF30.7060601@xxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Magne,
I do not know what version of the NTLM patch you have. I assume that it is v1.1. The current version 1.1.1 only adds some cosmetic changes which do not affect the operation of it:
Version 1.1.1 - 28.09.2012
--------------------------
Changed: Added NTLM version information to debugger output.
Unfortunately I had to change HTTPUTILR4 for that.
Changed: Updated comments to better describe why some procedures
are exported. Only procedures that are marked with
"Official API procedure" must be used by HTTPAPI. All
other procedures (exported or not) are private to the
NTLM patch.
Therefore it is up to you to decide whether or not to update your version of the patch.
Actually I did not want to publish an official download link, because I wanted to keep track of the people who use the patch for several reasons:
a) I wanted to be able to contact the people in case of serious errors
b) I wanted to be able to ask people for feedback and their experiences with the patch in order to improve it
c) I wanted to know how many people use the patch in order to ask Scott whether or not he wants to add it to his code base
So far I know about 7 users of the patch. But honestly I did not yet asked them for feedback or their experiences with it.
But why not publish an official link and let the people decide to let me know about that they downloaded the patch. So here is the download link which will be valid until I added it to the WSDL2RPG download page:
http://www.tools400.de/Downloads/Freeware/Beta/httpapi_v1.25beta2_ntlm_patches_v1.1.1.zip
Regards,
Thomas.
Am 12.02.2013 21:00, schrieb Magne Kofoed:
> Hi Thomas,
>
> I have been busy with another project the last couple of months, but are now ready to make a new try on NTLM and httpapi.
> Does this mean that I need to download an upgraded NTLM patch?
>
> Best regards,
> Magne
>
>
> ________________________________
>
> Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx p? vegne av Thomas Raddatz
> Sendt: ti 12.02.2013 18:42
> Til: HTTPAPI and FTPAPI Projects
> Emne: Re: SV: Basic Authentication - Windows Sharepoint server
>
>
>
> Hi Magne,
>
> Just for the records, but in fact the server seems to support three
> authentication schemes: SPNEGO (Kerberos or NTLM), NTLM and BASIC.
>
> See also: http://msdn.microsoft.com/en-us/library/ms995329.aspx
>
> The problem is that HTTPAPI does not check all available protocols but
> picks up the first protocol only.
>
> The parameter list of http_getAuth(peBasic: peDigest: peRealm) makes
> be believe, that somewhere in the past HTTPAPI checked for BASIC and
> DIGEST authentication scheme and that it was changed to pick up only
> the first one, later.
>
> Today interpret_auth() is called only once and hence picks the first
> authentication scheme available and ignores additional options. That
> is something I had to change for my NTLM patch.
>
> Regards,
>
> Thomas.
>
> Am 11.02.2013 21:19, schrieb Magne Kofoed:
>> Hi,
>>
>> this is not Basic Authentication, but NTLM.
>>
>> >From your debug file: WWW-Authenticate: NTLM
>>
>> Thomas Raddatz have a solution on how to use HTTPApi with NTLM.
>> http://www.tools400.de/Downloads/Freeware/Tools/FAQ/wsdl2rpg/FAQ_HTTP
>> API_and_NTLM_v1.5.pdf
>>
>> Best regards,
>> Magne
>>
>>
>>
>>
>> ________________________________
>>
>> Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx p? vegne av Patrick
>> Goovaerts
>> Sendt: ma 11.02.2013 14:53
>> Til: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
>> Emne: Basic Authentication - Windows Sharepoint server
>>
>>
>>
>> Our windows Sharepoint server + IIS server running on same system has both 'Basic Authentication' enabled. Can't figure out what the problem is, I use same to connect to another server in our environment without any problem. Windows server log gives the following error:
>> Account For Which Logon Failed:
>> Security ID: NULL SID
>> Account Name: PGO
>> Account Domain: CLIPPER
>>
>> Whereas it should be something like this:
>> Security ID: CLIPPER\dl
>> Account Name: dl
>> Account Domain: CLIPPER
>>
>> Hence the 'SecurityID'...
>>
>> Any suggestions????
>>
>>
>> In my RPG app, I set following property:
>> http_setAuth(HTTP_AUTH_BASIC:'CLIPPER\userid':'userpassword');
>>
>>
>> Then I prepare XML soapmessage and execute the following code:
>> rc = http_url_post(
>> WS_Path
>> : %addr(SOAPMSG) + 2
>> : %len(SOAPMSG)
>> : SoapResponse
>> : HTTP_TIMEOUT
>> : HTTP_USERAGENT
>> : 'text/xml'
>> : SoapAction);
>>
>> This ends in the following http_error:
>> This page requires a user-id & password
>>
>> Debuglog contains the following:
>> HTTPAPI Ver 1.24 released 2012-01-23
>> OS/400 Ver V7R1M0
>>
>> New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819.
>> ProtLoc=0
>> http_setauth(): entered
>> http_url_post(): entered
>> http_persist_open(): entered
>> http_long_ParseURL(): entered
>> DNS resolver retrans: 3
>> DNS resolver retry : 5
>> DNS resolver options: x'00000136'
>> DNS default domain: CLIPPERSUPPORT.BE DNS server found: 10.0.0.180
>> DNS server found: 10.0.0.14
>> http_persist_post(): entered
>> http_persist_req(POST) entered.
>> http_long_ParseURL(): entered
>> do_oper(POST): entered
>> There are 0 cookies in the cache
>> POST /TestSite/_vti_bin/copy.asmx HTTP/1.1
>> Host: Sharepnt
>> User-Agent: http-api/1.24
>> Content-Type: text/xml
>> SOAPAction: http://schemas.microsoft.com/sharepoint/soap/GetItem
>> Content-Length: 347
>> Authorization: Basic Q0xJUFBFUlxQR086UU9TTUlP
>>
>>
>> senddoc(): entered
>> <?xml version="1.0" encoding="utf-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:soap="http://schemas.microsoft.com/sharepoint/soap/";> <soapenv:Header/><soapenv:Body><soap:GetItem> <soap:Url>HTTP://sharepnt/TestSite/Sermar Dossiers/Testje.pdf</soap:Url> </soap:GetItem></soapenv:Body></soapenv:Envelope>
>> recvresp(): entered
>> HTTP/1.1 401 Unauthorized
>> Server: Microsoft-IIS/7.0
>> SPRequestGuid: ceb76eb7-af7a-4924-a334-a7e74bd06975
>> WWW-Authenticate: Negotiate
>> WWW-Authenticate: NTLM
>> WWW-Authenticate: Basic realm="Sharepnt"
>> X-Powered-By: ASP.NET
>> MicrosoftSharePointTeamServices: 14.0.0.6029
>> Date: Mon, 11 Feb 2013 13:47:27 GMT
>> Content-Length: 0
>>
>>
>> SetError() #13: HTTP/1.1 401 Unauthorized
>> recvresp(): end with 401
>> recvdoc parms: identity 0
>> interpret_auth(): entered
>> SetError() #36: This page requires a user-id & password
>> http_close(): entered
>>
>>
>>
>> When using
>>
>> Patrick Goovaerts
>> Systems & Development
>>
>> vCard<http://www.conti7.be/VCards/PGO.vcf>
>>
>> [emailsignature_c]
>>
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> -- This is the FTPAPI mailing list. To unsubscribe, please go to:
>> http://www.scottklement.com/mailman/listinfo/ftpapi
>> ---------------------------------------------------------------------
>> --
>>
> ----------------------------------------------------------------------
> - This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> ----------------------------------------------------------------------
> -
>
>
>
>
> ----------------------------------------------------------------------
> - This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> ----------------------------------------------------------------------
> -
>
------------------------------
Message: 2
Date: Wed, 13 Feb 2013 14:27:52 +0000
From: Patrick Goovaerts <p.goovaerts@xxxxxxxxxxxxxxxxxxxxxx>
To: "ftpapi@xxxxxxxxxxxxxxxxxxxxxx" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: SV: Basic Authentication - Windows Sharepoint server
Message-ID:
<F821B9E810A4774F884929492CAA7CD32D511682@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="us-ascii"
Thomas,
Thx for the link and additional information on how to implement the NTML authentication with the HTTPAPI.
I have:
- installed NTML-fix
- installed wsdl2rpg tools
- recreated HTTPAPI objects
- recompiled my application
According to the log, I can authenticate myself to the Sharepoint server but I still get the same error as before when I connect to send/retrieve requests.
>From the Wintel server with Sharepoint I get following error
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: userid
Account Domain: domain
Hence the 'Security ID' which is still 'NULL SID' and should contain 'domain\userid'
Herewith my RPG code used for testing:
// ****************************************************
// Authentication
// ****************************************************
Begsr authentication;
URL = 'HTTP://Sharepnt/SitePages/Home.aspx';
rc = http_url_get( URL: '/home/USERID/TestAuth.html');
if (rc <> 1);
// http_crash();
http_error(err);
if (err = HTTP_NDAUTH);
rc = http_getAuth(basic: digest: realm);
select;
when (basic);
dsply 'Authentication is BASIC';
rc = http_setAuth(HTTP_AUTH_BASIC
:'DOMAIN\USERID':'PASSWORD');
when (digest);
dsply 'Authentication is DIGEST';
rc = http_setAuth(HTTP_AUTH_MD5_DIGEST
:'DOMAIN\USERID':'PASSWORD');
other;
dsply 'Authentication is NTLM';
rc = http_setAuth(HTTP_AUTH_NTLM
:'DOMAIN\USERID':'PASSWORD');
endsl;
rc = http_url_get( URL: '/home/USERID/TestAuth.html');
if (rc<>1);
Global_error = *on;
Global_error_m = '*fatal authentication error occured';
endif;
endif;
endif;
Endsr;
Herewith debug log from HTTPAPI:
HTTPAPI Ver 1.25beta2 released 2012-03-06 NTLM Ver 1.1.1 released 2012-09-28
OS/400 Ver V7R1M0
New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0
http_url_get(): entered
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 3
DNS resolver retry : 5
DNS resolver options: x'00000136'
DNS default domain: CLIPPERSUPPORT.BE
DNS server found: 10.0.0.180
DNS server found: 10.0.0.14
http_persist_get(): entered
http_persist_req(GET) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(GET): entered
There are 0 cookies in the cache
GET /SitePages/Home.aspx HTTP/1.1
Host: Sharepnt
User-Agent: http-api/1.24
recvresp(): entered
HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/7.0
SPRequestGuid: 02bf6d93-90fe-4576-b6bd-3d090ab3292b
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.6029
Date: Wed, 13 Feb 2013 14:19:21 GMT
Content-Length: 0
SetError() #13: HTTP/1.1 401 Unauthorized
recvresp(): end with 401
recvdoc parms: identity 0
interpret_auth(): entered
interpret_auth(): entered
SetError() #36: This page requires a user-id & password
http_close(): entered
HTTPAPI Ver 1.25beta2 released 2012-03-06 NTLM Ver 1.1.1 released 2012-09-28
OS/400 Ver V7R1M0
http_getauth(): entered
http_setauth(): entered
NTLM_setCredentials(): entered
http_url_get(): entered
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 3
DNS resolver retry : 5
DNS resolver options: x'00000136'
DNS default domain: CLIPPERSUPPORT.BE
DNS server found: 10.0.0.180
DNS server found: 10.0.0.14
http_persist_get(): entered
http_persist_req(GET) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
NTLM_negotiateAuthentication(): entered
http_long_ParseURL(): entered
http_persist_get(): entered
http_persist_req(GET) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(GET): entered
AuthPlugin_produceAuthenticationHeader(): entered There are 0 cookies in the cache GET /SitePages/Home.aspx HTTP/1.1
Host: Sharepnt
User-Agent: http-api/1.24
Authorization: NTLM TlRMTVNTUAABAAAAByIIAAAAAAAAAAAACgAKACAAAABQRURQUEMwMSAg
recvresp(): entered
HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/7.0
SPRequestGuid: b6b0fd2c-ba81-4018-a67c-773bacc1dcc5
WWW-Authenticate: NTLM TlRMTVNTUAACAAAADgAOADgAAAAFAokCcFIy4lpdxY4AAAAAAAAAAJAAkABGAAAABgByFwAAAA9DAEwASQBQAFAARQBSAAIADgBDAEwASQBQAFAARQBSAAEAEABTAEgAQQBSAEUAUABOAFQABAAUAGMAbABpAHAAcABlAHIALgBiAGUAAwAmAFMASABBAFIARQBQAE4AVAAuAGMAbABpAHAAcABlAHIALgBiAGUABQAUAGMAbABpAHAAcABlAHIALgBiAGUABwAIAKafrF71Cc4BAAAAAA==
WWW-Authenticate: Negotiate
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.6029
Date: Wed, 13 Feb 2013 14:21:10 GMT
Content-Length: 0
SetError() #13: HTTP/1.1 401 Unauthorized
recvresp(): end with 401
recvdoc parms: identity 0
interpret_auth(): entered
interpret_auth(): entered
SetError() #36: This page requires a user-id & password
do_oper(GET): entered
AuthPlugin_produceAuthenticationHeader(): entered There are 0 cookies in the cache GET /SitePages/Home.aspx HTTP/1.1
Host: Sharepnt
User-Agent: http-api/1.24
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAADAAMAAWAAAAA4ADgAYAQAABgAGACYBAAAUABQALAEAAAAAAAAAAAAABQIIAIvJFUWFHCuDXv55ELdiFaEScHuqEQYqSCA/djmD4fD06iqMyUD2UBkBAQAAAAAAAAAWWTPAIoEDD7YRu0JUJHUAAAAAAgAOAEMATABJAFAAUABFAFIAAQAQAFMASABBAFIARQBQAE4AVAAEABQAYwBsAGkAcABwAGUAcgAuAGIAZQADACYAUwBIAEEAUgBFAFAATgBUAC4AYwBsAGkAcABwAGUAcgAuAGIAZQAFABQAYwBsAGkAcABwAGUAcgAuAGIAZQAHAAgApp+sXvUJzgEAAAAAAAAAAGMAbABpAHAAcABlAHIAcABnAG8AUABFAEQAUABQAEMAMAAxACAAIAA=
recvresp(): entered
HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/7.0
SPRequestGuid: 0dcaf252-0815-4d0c-a4a3-bc9a6af3d185
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.6029
Date: Wed, 13 Feb 2013 14:21:10 GMT
Content-Length: 0
SetError() #13: HTTP/1.1 401 Unauthorized
recvresp(): end with 401
recvdoc parms: identity 0
interpret_auth(): entered
interpret_auth(): entered
SetError() #36: This page requires a user-id & password
http_close(): entered
Patrick Goovaerts
Systems & Development
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of ftpapi-request@xxxxxxxxxxxxxxxxxxxxxx
Sent: dinsdag 12 februari 2013 19:00
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: Ftpapi Digest, Vol 76, Issue 11
Send Ftpapi mailing list submissions to
ftpapi@xxxxxxxxxxxxxxxxxxxxxx
To subscribe or unsubscribe via the World Wide Web, visit
http://scottklement.com/mailman/listinfo/ftpapi
or, via email, send a message with subject or body 'help' to
ftpapi-request@xxxxxxxxxxxxxxxxxxxxxx
You can reach the person managing the list at
ftpapi-owner@xxxxxxxxxxxxxxxxxxxxxx
When replying, please edit your Subject line so it is more specific than "Re: Contents of Ftpapi digest..."
Today's Topics:
1. RE: Basic Authentication - Windows Sharepoint server
(Richard Schoen)
2. RE: Basic Authentication - Windows Sharepoint server
(Richard Schoen)
3. Re: SV: Basic Authentication - Windows Sharepoint server
(Thomas Raddatz)
----------------------------------------------------------------------
Message: 1
Date: Mon, 11 Feb 2013 16:39:17 -0600
From: Richard Schoen <richard@xxxxxxxxxxxxxxx>
To: "ftpapi@xxxxxxxxxxxxxxxxxxxxxx" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: RE: Basic Authentication - Windows Sharepoint server
Message-ID:
<93467A22A481B54AAB93950270ED71865D7121091E@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="us-ascii"
Great article link.
Now you have me curious as well.
Thanks to Thomas.
Regards,
Richard Schoen
RJS Software Systems Inc.
Where Information Meets Innovation
Document Management, Workflow, Report Delivery, Forms and Business Intelligence
Email: richard@xxxxxxxxxxxxxxx
Web Site: http://www.rjssoftware.com
Tel: (952) 736-5800
Fax: (952) 736-5801
Toll Free: (888) RJSSOFT
------------------------------
Message: 2
Date: Mon, 11 Feb 2013 21:19:40 +0100
From: "Magne Kofoed" <ma-kofo@xxxxxxxxxxx>
To: "HTTPAPI and FTPAPI Projects" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: SV: Basic Authentication - Windows Sharepoint server
Message-ID:
<04C2641A8694804CAB77AD33B8AA81EF01B47950@xxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"
Hi,
this is not Basic Authentication, but NTLM.
>From your debug file: WWW-Authenticate: NTLM
Thomas Raddatz have a solution on how to use HTTPApi with NTLM.
http://www.tools400.de/Downloads/Freeware/Tools/FAQ/wsdl2rpg/FAQ_HTTPAPI_and_NTLM_v1.5.pdf
Best regards,
Magne
________________________________
Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx p? vegne av Patrick Goovaerts
Sendt: ma 11.02.2013 14:53
Til: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Emne: Basic Authentication - Windows Sharepoint server
Our windows Sharepoint server + IIS server running on same system has both 'Basic Authentication' enabled. Can't figure out what the problem is, I use same to connect to another server in our environment without any problem. Windows server log gives the following error:
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: PGO
Account Domain: CLIPPER
Whereas it should be something like this:
Security ID: CLIPPER\dl
Account Name: dl
Account Domain: CLIPPER
Hence the 'SecurityID'...
Any suggestions????
In my RPG app, I set following property:
http_setAuth(HTTP_AUTH_BASIC:'CLIPPER\userid':'userpassword');
Then I prepare XML soapmessage and execute the following code:
rc = http_url_post(
WS_Path
: %addr(SOAPMSG) + 2
: %len(SOAPMSG)
: SoapResponse
: HTTP_TIMEOUT
: HTTP_USERAGENT
: 'text/xml'
: SoapAction);
This ends in the following http_error:
This page requires a user-id & password
Debuglog contains the following:
HTTPAPI Ver 1.24 released 2012-01-23
OS/400 Ver V7R1M0
New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0
http_setauth(): entered
http_url_post(): entered
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 3
DNS resolver retry : 5
DNS resolver options: x'00000136'
DNS default domain: CLIPPERSUPPORT.BE
DNS server found: 10.0.0.180
DNS server found: 10.0.0.14
http_persist_post(): entered
http_persist_req(POST) entered.
http_long_ParseURL(): entered
do_oper(POST): entered
There are 0 cookies in the cache
POST /TestSite/_vti_bin/copy.asmx HTTP/1.1
Host: Sharepnt
User-Agent: http-api/1.24
Content-Type: text/xml
SOAPAction: http://schemas.microsoft.com/sharepoint/soap/GetItem
Content-Length: 347
Authorization: Basic Q0xJUFBFUlxQR086UU9TTUlP
senddoc(): entered
<?xml version="1.0" encoding="utf-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:soap="http://schemas.microsoft.com/sharepoint/soap/";> <soapenv:Header/><soapenv:Body><soap:GetItem> <soap:Url>HTTP://sharepnt/TestSite/Sermar Dossiers/Testje.pdf</soap:Url> </soap:GetItem></soapenv:Body></soapenv:Envelope>
recvresp(): entered
HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/7.0
SPRequestGuid: ceb76eb7-af7a-4924-a334-a7e74bd06975
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="Sharepnt"
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.6029
Date: Mon, 11 Feb 2013 13:47:27 GMT
Content-Length: 0
SetError() #13: HTTP/1.1 401 Unauthorized
recvresp(): end with 401
recvdoc parms: identity 0
interpret_auth(): entered
SetError() #36: This page requires a user-id & password
http_close(): entered
When using
Patrick Goovaerts
Systems & Development
vCard<http://www.conti7.be/VCards/PGO.vcf>
[emailsignature_c]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 30262 bytes
Desc: not available
URL: <http://scottklement.com/pipermail/ftpapi/attachments/20130211/91148630/attachment.bin>
------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list digest. To unsubscribe, go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
End of Ftpapi Digest, Vol 76, Issue 10
**************************************
------------------------------
Message: 2
Date: Mon, 11 Feb 2013 16:42:10 -0600
From: Richard Schoen <richard@xxxxxxxxxxxxxxx>
To: "ftpapi@xxxxxxxxxxxxxxxxxxxxxx" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: RE: Basic Authentication - Windows Sharepoint server
Message-ID:
<93467A22A481B54AAB93950270ED71865D7121091F@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="us-ascii"
Looks like the article from Thomas Raddatz posted by Magne may help.
The Sharepoint API's can be a pain to work with though.
If you reach an impasse and would like a commercial tool at some point to push documents to Sharepoint, our DeliverNow software can be used to publish and version control documents in Sharepoint Document Libraries.
You may also want to check with your Java Guru's and have them wrap this as well unless you're dead-set in using RPG.
All good food for thought.
Regards,
Richard Schoen
RJS Software Systems Inc.
Where Information Meets Innovation
Document Management, Workflow, Report Delivery, Forms and Business Intelligence
Email: richard@xxxxxxxxxxxxxxx
Web Site: http://www.rjssoftware.com
Tel: (952) 736-5800
Fax: (952) 736-5801
Toll Free: (888) RJSSOFT
----------------------------------------------------------------------
Message: 1
Date: Mon, 11 Feb 2013 19:03:51 +0000
From: Patrick Goovaerts <p.goovaerts@xxxxxxxxxxxxxxxxxxxxxx>
To: "'ftpapi@xxxxxxxxxxxxxxxxxxxxxx'" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: RE: Basic Authentication - Windows Sharepoint server
Message-ID:
<F821B9E810A4774F884929492CAA7CD32D50DDFC@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="us-ascii"
Hi Richard,
We have no .net experience. We connect to other systems (internally and externally) using Webservices via RPGLE calling Java code. For this Sharepoint connectivity I wanted to use the HTTPAPI without javaobjects, it seems much easier. For this project, documents are generated on our AS400 and need to be stored in Sharepoint.
Patrick Goovaerts
Systems & Development
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of ftpapi-request@xxxxxxxxxxxxxxxxxxxxxx
Sent: maandag 11 februari 2013 19:00
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: Ftpapi Digest, Vol 76, Issue 9
Send Ftpapi mailing list submissions to
ftpapi@xxxxxxxxxxxxxxxxxxxxxx
To subscribe or unsubscribe via the World Wide Web, visit
http://scottklement.com/mailman/listinfo/ftpapi
or, via email, send a message with subject or body 'help' to
ftpapi-request@xxxxxxxxxxxxxxxxxxxxxx
You can reach the person managing the list at
ftpapi-owner@xxxxxxxxxxxxxxxxxxxxxx
When replying, please edit your Subject line so it is more specific than "Re: Contents of Ftpapi digest..."
Today's Topics:
1. RE: Basic Authentication - Windows Sharepoint server
(Richard Schoen)
------------------------------
Message: 3
Date: Tue, 12 Feb 2013 18:42:11 +0100
From: Thomas Raddatz <thomas.raddatz@xxxxxxxxxxx>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: SV: Basic Authentication - Windows Sharepoint server
Message-ID: <511A7EF3.1000103@xxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Hi Magne,
Just for the records, but in fact the server seems to support three authentication schemes: SPNEGO (Kerberos or NTLM), NTLM and BASIC.
See also: http://msdn.microsoft.com/en-us/library/ms995329.aspx
The problem is that HTTPAPI does not check all available protocols but picks up the first protocol only.
The parameter list of http_getAuth(peBasic: peDigest: peRealm) makes be believe, that somewhere in the past HTTPAPI checked for BASIC and DIGEST authentication scheme and that it was changed to pick up only the first one, later.
Today interpret_auth() is called only once and hence picks the first authentication scheme available and ignores additional options. That is something I had to change for my NTLM patch.
Regards,
Thomas.
Am 11.02.2013 21:19, schrieb Magne Kofoed:
> Hi,
>
> this is not Basic Authentication, but NTLM.
>
>>From your debug file: WWW-Authenticate: NTLM
>
> Thomas Raddatz have a solution on how to use HTTPApi with NTLM.
> http://www.tools400.de/Downloads/Freeware/Tools/FAQ/wsdl2rpg/FAQ_HTTPA
> PI_and_NTLM_v1.5.pdf
>
> Best regards,
> Magne
>
>
>
>
> ________________________________
>
> Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx p? vegne av Patrick
> Goovaerts
> Sendt: ma 11.02.2013 14:53
> Til: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
> Emne: Basic Authentication - Windows Sharepoint server
>
>
>
> Our windows Sharepoint server + IIS server running on same system has both 'Basic Authentication' enabled. Can't figure out what the problem is, I use same to connect to another server in our environment without any problem. Windows server log gives the following error:
> Account For Which Logon Failed:
> Security ID: NULL SID
> Account Name: PGO
> Account Domain: CLIPPER
>
> Whereas it should be something like this:
> Security ID: CLIPPER\dl
> Account Name: dl
> Account Domain: CLIPPER
>
> Hence the 'SecurityID'...
>
> Any suggestions????
>
>
> In my RPG app, I set following property:
> http_setAuth(HTTP_AUTH_BASIC:'CLIPPER\userid':'userpassword');
>
>
> Then I prepare XML soapmessage and execute the following code:
> rc = http_url_post(
> WS_Path
> : %addr(SOAPMSG) + 2
> : %len(SOAPMSG)
> : SoapResponse
> : HTTP_TIMEOUT
> : HTTP_USERAGENT
> : 'text/xml'
> : SoapAction);
>
> This ends in the following http_error:
> This page requires a user-id & password
>
> Debuglog contains the following:
> HTTPAPI Ver 1.24 released 2012-01-23
> OS/400 Ver V7R1M0
>
> New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819.
> ProtLoc=0
> http_setauth(): entered
> http_url_post(): entered
> http_persist_open(): entered
> http_long_ParseURL(): entered
> DNS resolver retrans: 3
> DNS resolver retry : 5
> DNS resolver options: x'00000136'
> DNS default domain: CLIPPERSUPPORT.BE
> DNS server found: 10.0.0.180
> DNS server found: 10.0.0.14
> http_persist_post(): entered
> http_persist_req(POST) entered.
> http_long_ParseURL(): entered
> do_oper(POST): entered
> There are 0 cookies in the cache
> POST /TestSite/_vti_bin/copy.asmx HTTP/1.1
> Host: Sharepnt
> User-Agent: http-api/1.24
> Content-Type: text/xml
> SOAPAction: http://schemas.microsoft.com/sharepoint/soap/GetItem
> Content-Length: 347
> Authorization: Basic Q0xJUFBFUlxQR086UU9TTUlP
>
>
> senddoc(): entered
> <?xml version="1.0" encoding="utf-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:soap="http://schemas.microsoft.com/sharepoint/soap/";> <soapenv:Header/><soapenv:Body><soap:GetItem> <soap:Url>HTTP://sharepnt/TestSite/Sermar Dossiers/Testje.pdf</soap:Url> </soap:GetItem></soapenv:Body></soapenv:Envelope>
> recvresp(): entered
> HTTP/1.1 401 Unauthorized
> Server: Microsoft-IIS/7.0
> SPRequestGuid: ceb76eb7-af7a-4924-a334-a7e74bd06975
> WWW-Authenticate: Negotiate
> WWW-Authenticate: NTLM
> WWW-Authenticate: Basic realm="Sharepnt"
> X-Powered-By: ASP.NET
> MicrosoftSharePointTeamServices: 14.0.0.6029
> Date: Mon, 11 Feb 2013 13:47:27 GMT
> Content-Length: 0
>
>
> SetError() #13: HTTP/1.1 401 Unauthorized
> recvresp(): end with 401
> recvdoc parms: identity 0
> interpret_auth(): entered
> SetError() #36: This page requires a user-id & password
> http_close(): entered
>
>
>
> When using
>
> Patrick Goovaerts
> Systems & Development
>
> vCard<http://www.conti7.be/VCards/PGO.vcf>
>
> [emailsignature_c]
>
>
>
>
>
> ----------------------------------------------------------------------
> - This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> ----------------------------------------------------------------------
> -
>
------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list digest. To unsubscribe, go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
End of Ftpapi Digest, Vol 76, Issue 11
**************************************
------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list digest. To unsubscribe, go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
End of Ftpapi Digest, Vol 76, Issue 13
**************************************
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------