Unfortunately, I am not aware of Hmux when Resin is running behind Apache or
IIS.Are there any further hints about the 401? The Q:quit is logged by the
Hmux Protocol.
I would expect something from com.caucho.server.security.* which indicates a
reason for the 401.


2009/7/14 Mktg. Incorporate Fast <m...@incorporatefast.com>

>  Hey Steffen,
>
> Thanks once again for your time and help!
>
> I enabled the additional log settings which provide some more data.  There
> are a couple of questionable items that I thought I may note:
>
> 1.)  It now shows the content=length: 2882, and the post-data: 2760.
> Apparently the entire xml file is being read in two pieces
>
> At the beginning of the incoming XML there is an initial READ, and then at
> the end of the XML their is another READ, to get the last couple of tags and
> closing XML tag.
>
> 2.)  It is also showing that the incoming connection is
> content-type=application/xml;.  The read type of file is : text/html;
> charset=utf-8.
>
> The apparent last post by Google is a Q:quit, this is right before the next
> log entry of  "s 401 Authentication Failed."
>
> I am guessing that the problem may be related to the incoming content type
> as an application, and Q:quit.
>
> Thanks again....Joey.
>
>  ------------------------------
> *From:* resin-interest-boun...@caucho.com [mailto:
> resin-interest-boun...@caucho.com] *On Behalf Of *Steffen Busch
> *Sent:* Tuesday, July 14, 2009 1:26 PM
> *To:* General Discussion for the Resin application server
> *Subject:* SPAM-LOW: Re: [Resin-interest] Google Checkout / Web Service
>
> I think the content-type S text/html; charset=utf-8 is due to the HTML
> answer of Resin for 401 Authentication Failed. Usually the sequence of
> requests is like this:
>
> 1.) Request without authentication header or wrong authentication supplied.
> 2.) Resin replies with 401 Unauthorized (actually I don't have a 3.1
> instance to verify. 2.1 replies with 401 Unauthorized)
> 3.) New Request with authorization header.
>
> I would recommed to enable a full debug logging for the web-app
> (resin-web.xml):
>
>  <web-app xmlns="http://caucho.com/ns/resin";
>          xmlns:resin="http://caucho.com/ns/resin/core";>
>
>   <!--
>      - Debug Logging with a heavily loaded format attribute to get more
> information ...
>   -->
>   <log level="finest" path="WEB-INF/debug_${webApp.name}.log"
>        timestamp="[%H:%M:%S.%s] {%{thread}} "
>        format="[${app.contextPath}] ${log.level} ${log.sourceClassName}
> (${log.sourceMethodName}) ${log.message}">
>     <logger name="com.caucho" level="finest"/>
>   </log>
>
> </web-app
>
> Maybe this can give further information about the underlying issue.
>
>
>
> 2009/7/14 Mktg. Incorporate Fast <m...@incorporatefast.com>
>
>>  Hey Steffen,
>>
>> Thank you,  the authentication appears to be partially working .  However
>> I am still having an issue.  I am creating a webservice for Google Checkout,
>> as shown below.  The Basic authentication appears to now be working, as I
>> can see from the log files, however, when the incoming XML is received I am
>> still getting an 401 authentication failed error.  It is kind of strange
>> because I am seeing the following in the log file?   Should the web
>> service be setup a different way within Resin to allow for a web service
>> or  is it possible a problem that the incoming file is viewed by Resin as "S
>> text/html; charset=utf-8" , instead of  "content-type=application/xml;
>> charset=UTF-8" which was sent by Google?
>>
>> <<XML incoming from Google Checkout>>
>> [10:49:06.917] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8]
>> start request
>> [10:49:06.917] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8]
>> channel 1
>> [10:49:06.917] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8]
>> U:uri /notification
>> [10:49:06.917] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8]
>> m:method POST
>> [10:49:06.917] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] c
>> protocol: HTTP/1.0
>> [10:49:06.917] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] v
>> server-host: www.domain.com
>> [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] g
>> server-port: 80
>> [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] h
>> 74.125.64.136
>> [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] i
>> 74.125.64.136
>> [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] j
>> remote-port: 57305
>> [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] q
>> content-type=application/xml; charset=UTF-8
>> [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H
>> User-Agent=Google Checkout Notification Agent 1.0
>> [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H
>> Authorization=Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
>> [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H
>> Host=www.domain.com
>> [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] p
>> content-length=2882
>> [10:49:06.919] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H
>> Via=1.1 proxy.google.com:80 (squid)
>> [10:49:06.919] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H
>> X-Forwarded-For=unknown
>> [10:49:06.919] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H
>> Cache-Control=max-age=259200
>> [10:49:06.919] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H
>> Connection=keep-alive
>> [10:49:06.919] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H
>> SCRIPT_URL=/notification
>> [10:49:06.919] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H
>> SCRIPT_URI=http://www.domain.com/notification
>> [10:49:06.919] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] D
>> post-data: 2882
>> [10:49:06.924] {hmux-127.0.0.1:6809-8$16874657}Dispatch '/notification' to
>> WebAppFilterChain[http://www.domain.com, next=CacheFilterChain[null?null,
>> next=SecurityFilterChain[]]]
>> [10:49:06.925]
>> {hmux-127.0.0.1:6809-8$16874657}SessionImpl[abcwZa9bhDI6b_OcDy6js,] new
>> [10:49:06.925]
>> {hmux-127.0.0.1:6809-8$16874657}SessionImpl[abcwZa9bhDI6b_OcDy6js,] create
>> session
>> [10:49:06.925] {hmux-127.0.0.1:6809-8$16874657}basic: userID -> userID
>> [10:49:06.925] {hmux-127.0.0.1:6809-8$16874657}userID is in role: resin
>>
>>
>>
>> <<Then the following apparent error>>
>> [10:49:06.927] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8]
>> Q:quit
>> [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] s
>> 401 Authentication Failed.
>> [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] M
>> cpu-load
>> [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] S 0
>> [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H
>> Set-Cookie
>> [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] S
>> JSESSIONID=abcwZa9bhDI6b_OcDy6js; path=/
>> [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H
>> Content-Type
>> [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] S
>> text/html; charset=utf-8
>> [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] G
>> [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8]
>> write-chunk(161)
>> [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8]
>> D:data 161
>> [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8]
>> data <<html>
>> [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}<head><title>401
>> Authentication Failed.</title></head>
>> [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}<body>
>> [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}<h1>401 Authentication
>> Failed.</h1>
>> [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}<p /><hr />
>> [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}<small>
>> [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}Resin/3.1.8
>> [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}</small>
>> [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}</body></html>
>> [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}>
>> [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] Q:
>> quit channel
>> [10:49:06.930] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8]
>> complete request - keepalive
>> [10:49:06.930] {hmux-127.0.0.1:6809-8$16874657}Tcp[www.domain.com,8]
>> keepalive (thread)
>>
>>
>> Thanks very much for your help!
>>
>>  ------------------------------
>> *From:* resin-interest-boun...@caucho.com [mailto:
>> resin-interest-boun...@caucho.com] *On Behalf Of *Steffen Busch
>> *Sent:* Tuesday, July 14, 2009 12:51 AM
>> *To:* General Discussion for the Resin application server
>> *Subject:* Re: [Resin-interest] Google Checkout
>>
>> Hi Joey,
>> I don't have experience with Google Checkout integration with Resin, but
>> maybe I can still help a little bit.
>> First of all, do you know the content of Authorization-Header from Google?
>> Something like this:
>>
>>
>> Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
>>
>>
>> The above line contains the BASE64 value of user name "Aladdin", password
>> "open sesame".
>> If you put "QWxhZGRpbjpvcGVuIHNlc2FtZQ==" into a BASE64 decoder (for
>> example http://www.motobit.com/util/base64-decoder-encoder.asp) you will
>> receive: "Aladdin:open sesame".
>>
>>
>> If you receive a value that you already know and is your (afaik from the
>> google api doc) MERCHANT_ID:MERCHANT_KEY then you would need to change the
>> Resin Configuration to use BASIC auth-method and no password-digest:
>>
>>
>>  <authenticator type="com.caucho.server.security.XmlAuthenticator">
>>   <init>
>>     <password-digest-realm>none</password-digest-realm>
>>     <user>userID:userPWD:resin</user>
>>   </init>
>> </authenticator>
>> <login-config auth-method="BASIC"/>
>> <security-constraint url-pattern='/notification' role-name='resin'/>
>>
>> You need to regenerate the userPWD with digest-realm of "none".
>>
>> Hope this helps.
>>
>> Regards,
>> Steffen
>>
>>
>>
>> 2009/7/14 Mktg. Incorporate Fast <m...@incorporatefast.com>
>>
>>>  Hello,
>>>
>>> I'm trying to integrate google checkout with Resin, and they require
>>> BASIC HTML authentication on callback of XML posts.
>>>
>>> <authenticator type="com.caucho.server.security.XmlAuthenticator">
>>>   <init>
>>>     <password-digest-realm>resin</password-digest-realm>
>>>     <password-digest>MD5-base64</password-digest>
>>>     <user>userID:userPWD:resin</user>
>>>   </init>
>>> </authenticator>
>>> <login-config auth-method="DIGEST"/>
>>> <security-constraint url-pattern='/notification' role-name='resin'/>
>>>
>>> It constantly fails with error of wrong password.  I have created the
>>> password as suggested in the Docs on caucho.com, however, the encrypted
>>> password sent back by Google is slightly different.  I can't post those
>>> passwords becuase they are live passwords, so instead I'll post to the
>>> Google Docs.
>>>
>>>
>>> http://code.google.com/apis/checkout/developer/index.html#https_auth_scheme
>>>
>>> Has anybody had success setting up Google Checkout to work with Resin?
>>>
>>> Thanks
>>>
>>> Joey.
>>>
>>> _______________________________________________
>>> resin-interest mailing list
>>> resin-interest@caucho.com
>>> http://maillist.caucho.com/mailman/listinfo/resin-interest
>>>
>>>
>>
>> _______________________________________________
>> resin-interest mailing list
>> resin-interest@caucho.com
>> http://maillist.caucho.com/mailman/listinfo/resin-interest
>>
>>
>
> _______________________________________________
> resin-interest mailing list
> resin-interest@caucho.com
> http://maillist.caucho.com/mailman/listinfo/resin-interest
>
>
_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Reply via email to