It seems you are constructing the Authorization
header incorrectly. The format is somewhat more
complex with secure AuthSub:
Example:
Authorization: AuthSub token="yourSessionToken"
data="GET https://www.google.com/health/feeds/profile/default
1148503696 15948652339726849410" sig="MCwCFrV93K4agg==" sigalg="rsa-
sha1"
See http://code.google.com/apis/health/developers_guide_protocol.html#AuthSub
The Java client library handles this for you:
http://code.google.com/apis/health/developers_guide_java.html#Authenticating
Eric
On Oct 30, 3:10 am, "cao ky" <[EMAIL PROTECTED]> wrote:
> Hi
>
> Now I'm facing the problem is "401: Invalid AuthSub header".
> Can everybody help me what problem.?
>
> Thanks
>
> On Thu, Oct 30, 2008 at 9:12 AM, cao ky <[EMAIL PROTECTED]> wrote:
> > Thank Eric
>
> > Everything was correct, but I got the error "401: Invalid AuthSub
> > signature" when I called
> > AuthSubUtil.exchangeForSessionToken(URLDecoder.decode(token, "UTF-8"),
> > Utility.getPrivateKey());
> > I would like to ask about keytool to create jks and pem.
> > + jks: keytool -genkey -v -alias test -keystore ./test.jks -keyalg RSA
> > -sigalg SHA1withRSA -dname "CN=www.example.biz, OU=Engineering, O=off,
> > L=San Marino, ST=CA, C=US" -storepass superemr -keypass superemr
> > + pem: keytool -export -rfc -keystore ./test.jks -storepass test-alias
> > test-file test.pem
>
> > I thought everything is correct. But I don't know what problem i'm facing
>
> > Thank for your time
>
> > On Thu, Oct 30, 2008 at 5:01 AM, Eric (Google) <[EMAIL PROTECTED]>wrote:
>
> >> Verify that test.jks is readable by your webserver and
> >> you're using the correct one (corresponding to the certificate
> >> uploaded
> >> in the ManageDomains tool). I'm also assuming you're putting in the
> >> correct parameters to getPrivateKeyFromKeystore.
>
> >> Eric
>
> >> On Oct 28, 3:33 am, "superemrtest superemrtest"
> >> <[EMAIL PROTECTED]> wrote:
> >> > Hi
>
> >> > I have registered my domain already,
> >> > I can download and upload CCR from H9 and used secure=0,
> >> > When I certified my pem to my domain and jks by java tools. and I used
> >> > secure =1
> >> > I am getting a " Invalid AuthSub signature." response when I call
> >> > AuthSubUtil.exchangeForSessionToken(URLDecoder.decode(token, "UTF-8"),
> >> > Utility.getPrivateKey());
> >> > public static PrivateKey getPrivateKey() {
> >> > if (privateKey == null) {
> >> > try {
> >> > privateKey =
> >> > AuthSubUtil.getPrivateKeyFromKeystore("./test.jks",
> >> > "test",
> >> > "test",
> >> > "test");
> >> > System.out.println("privateKey:" +privateKey);
> >> > } catch (Exception e) {
> >> > throw new RuntimeException("Error reading from keystore
> >> file
> >> > - ", e);
> >> > }
> >> > }
> >> > return privateKey;
> >> > }
>
> >> > I appreciate your help.
>
> >> > Thanks
>
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google Health Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/googlehealthdevelopers?hl=en
-~----------~----~----~----~------~----~------~--~---
