[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Ftpapi] HTTPAPI http_setAuth Problem
Daniel,
When you no longer want the credentials that you supplied with
http_setAuth() to be sent, then call http_setAuth() again and supply
HTTP_AUTH_NONE with a blank userid and password.
The HTTP_AUTH_NONE will turn off the authentication you provided
previously so that it is no longer sent.
http_persist_close() is not related to these credentials being sent. It
is to end a persistent connection that was created with http_persist_open().
-SK
On 3/7/2017 10:40 AM, Daniel Stephens wrote:
Hi All,
I am using REST, TLS, JSON, & OAUTH to do a 2 part process to send new
hire data to our payroll processor.
The first step is to contact their token server passing client ID and
client Secret to get a token that has to be passed in the 2^nd step.
The client ID and client Secret are basically userid and password. I
use http_setAuth(HTTP_AUTH_BASIC : %trim(clientID) :
%trim(clientSecret)). This is working fine. I get back the token
successfully.
My problem is in the 2^nd step. I use http_xproc(
HTTP_POINT_ADDL_HEADER :%paddr(Additional_Security_Header)) to add a
header: “Authorization: Bearer authtoken” where authtoken is the token
returned from step 1. While I am getting the additional header as
desired, I’m also getting a basic authorization header in front of it
as though I had called the http_setAuth() with the same parameters as
in step 1.
I tried using http_persist_close(pComm) at the end of step 1, thinking
that the connection is remaining open but it doesn’t seem to make any
difference. Is there something I need to do to close the connection at
the end of step 1 or a way to suppress the “Authorization Basic:
/endcoded client credentials/” header in step 2?
Thanks in advance.
*/CFI/***
*Dan Stephens*
/Systems Engineer Analyst Principal/
4701 E. 32nd St.
Joplin, MO 64804 USA
P: 417-623-5229 ext. 5462
M: 310-612-9847
This e-mail and any files transmitted with it are confidential and
solely for the use of the individual or entity to which they are
addressed and intended. If you have received this e-mail in error,
please notify the sender by return e-mail. If you are not the intended
recipient, you may not read, copy, retain, print, disclose, or
distribute this message or its contents to any other individual, for
such actions may be unlawful. WARNING: We take certain precautions to
prevent viruses, but we are not responsible for loss or damage arising
from the use of this e-mail or attachments.
--
_______________________________________________
Ftpapi mailing list
Ftpapi@xxxxxxxxxxxxxxxxxxxxxx
http://scottklement.com/mailman/listinfo/ftpapi