Re: HTTP AUTHENTICATE - how to know if the authentification worked
Hi Paul, Start here and see the linked RFCs. https://en.wikipedia.org/wiki/Digest_access_authentication I probably have some old code somewhere that implemented this, I'll see if I can dig it up and send it to you. John DeSoi, Ph.D. > On Sep 29, 2019, at 11:42 AM, Paul Lovejoy wrote: > > Hi John, > > Thanks for your input. I wouldn’t know where to begin creating the > authentication digest myself. Can you point me somewhere? > > Cheers, > > Paul > > ** 4D Internet Users Group (4D iNUG) Archive: http://lists.4d.com/archives.html Options: https://lists.4d.com/mailman/options/4d_tech Unsub: mailto:4d_tech-unsubscr...@lists.4d.com **
Re: HTTP AUTHENTICATE - how to know if the authentification worked
Hi John, Thanks for your input. I wouldn’t know where to begin creating the authentication digest myself. Can you point me somewhere? Cheers, Paul > Le 27 sept. 2019 à 20:27, John DeSoi via 4D_Tech <4d_tech@lists.4d.com> a > écrit : > > Using a HTTP tracing tool where you could see all of the request/response > values with headers might provide useful clues. My other idea would be to > drop HTTP AUTHENTICATE and just build the authentication digest headers > yourself. > > John DeSoi, Ph.D. > > >> On Sep 27, 2019, at 12:47 PM, Paul Lovejoy wrote: >> >> Thanks for your feedback. I’m passing “2” in the extra parameter. The >> following HTTP get() is returning an error -9935, badly formed XML. The HTTP >> get is supposed to be retrieving XML, actually. So the error is not totally >> off base. But I would prefer to know that authentification failed, not the >> HTTP get() > > ** > 4D Internet Users Group (4D iNUG) > Archive: http://lists.4d.com/archives.html > Options: https://lists.4d.com/mailman/options/4d_tech > Unsub: mailto:4d_tech-unsubscr...@lists.4d.com > ** ** 4D Internet Users Group (4D iNUG) Archive: http://lists.4d.com/archives.html Options: https://lists.4d.com/mailman/options/4d_tech Unsub: mailto:4d_tech-unsubscr...@lists.4d.com **
Re: HTTP AUTHENTICATE - how to know if the authentification worked
are you sure it is HTTP Get that is throwing the error? the command is not supposed to touch the body unless you pass OBJECT and the content type is application/json or you pass PICTURE and the content type is image/*, or you pass TEXT and the content type is text/* https://doc.4d.com/4Dv17/4D/17.3/HTTP-Request.301-4620861.en.html perhaps you should pass a BLOB variable instead of TEXT. then you could test the response header beforehand, as well as error handle the XML parse code. > 2019/09/28 2:47、Paul Lovejoy via 4D_Tech <4d_tech@lists.4d.com>のメール: > > Thanks for your feedback. I’m passing “2” in the extra parameter. The > following HTTP get() is returning an error -9935, badly formed XML. The HTTP > get is supposed to be retrieving XML, actually. So the error is not totally > off base. But I would prefer to know that authentification failed, not the > HTTP get() ** 4D Internet Users Group (4D iNUG) Archive: http://lists.4d.com/archives.html Options: https://lists.4d.com/mailman/options/4d_tech Unsub: mailto:4d_tech-unsubscr...@lists.4d.com **
Re: HTTP AUTHENTICATE - how to know if the authentification worked
Using a HTTP tracing tool where you could see all of the request/response values with headers might provide useful clues. My other idea would be to drop HTTP AUTHENTICATE and just build the authentication digest headers yourself. John DeSoi, Ph.D. > On Sep 27, 2019, at 12:47 PM, Paul Lovejoy wrote: > > Thanks for your feedback. I’m passing “2” in the extra parameter. The > following HTTP get() is returning an error -9935, badly formed XML. The HTTP > get is supposed to be retrieving XML, actually. So the error is not totally > off base. But I would prefer to know that authentification failed, not the > HTTP get() ** 4D Internet Users Group (4D iNUG) Archive: http://lists.4d.com/archives.html Options: https://lists.4d.com/mailman/options/4d_tech Unsub: mailto:4d_tech-unsubscr...@lists.4d.com **
Re: HTTP AUTHENTICATE - how to know if the authentification worked
Hi John, Thanks for your feedback. I’m passing “2” in the extra parameter. The following HTTP get() is returning an error -9935, badly formed XML. The HTTP get is supposed to be retrieving XML, actually. So the error is not totally off base. But I would prefer to know that authentification failed, not the HTTP get() Paul > Le 27 sept. 2019 à 18:22, John DeSoi via 4D_Tech <4d_tech@lists.4d.com> a > écrit : > > The documentation says: > >> If you omit the authMethod parameter (or pass 0), you let the program choose >> the appropriate method to use. In this case, 4D sends an additional request >> in order to negotiate the authentication method. > > Are you omitting the authMethod parameter? If so, I suspect the error is > happening in the "additional request". If you provide that, then HTTP Get > should return the right HTTP error code. Hopefully you know ahead of time > what method to use and this is better because you omit the extra request and > should get any error code directly from the site. > > John DeSoi, Ph.D. > > > >> On Sep 27, 2019, at 11:07 AM, Paul Lovejoy via 4D_Tech >> <4d_tech@lists.4d.com> wrote: >> >> I’m using HTTP AUTHENTICATE to authenticate connections to a web server. The >> call to authenticate is immediately followed by a HTTP get(). The HTTP get >> occasionally fails and I’ve been able to trace this to a failed HTTP >> AUTHENTICATE, which appears to be an error from the website. However, it >> appears there’s no way to know the authentification succeeded or failed. >> There is no return code and OK doesn’t get set either. So I get various >> errors such as -9935 from the subsequent call to HTTP get(), which isn’t >> very helpful. > > ** > 4D Internet Users Group (4D iNUG) > Archive: http://lists.4d.com/archives.html > Options: https://lists.4d.com/mailman/options/4d_tech > Unsub: mailto:4d_tech-unsubscr...@lists.4d.com > ** ** 4D Internet Users Group (4D iNUG) Archive: http://lists.4d.com/archives.html Options: https://lists.4d.com/mailman/options/4d_tech Unsub: mailto:4d_tech-unsubscr...@lists.4d.com **
Re: HTTP AUTHENTICATE - how to know if the authentification worked
The documentation says: > If you omit the authMethod parameter (or pass 0), you let the program choose > the appropriate method to use. In this case, 4D sends an additional request > in order to negotiate the authentication method. Are you omitting the authMethod parameter? If so, I suspect the error is happening in the "additional request". If you provide that, then HTTP Get should return the right HTTP error code. Hopefully you know ahead of time what method to use and this is better because you omit the extra request and should get any error code directly from the site. John DeSoi, Ph.D. > On Sep 27, 2019, at 11:07 AM, Paul Lovejoy via 4D_Tech <4d_tech@lists.4d.com> > wrote: > > I’m using HTTP AUTHENTICATE to authenticate connections to a web server. The > call to authenticate is immediately followed by a HTTP get(). The HTTP get > occasionally fails and I’ve been able to trace this to a failed HTTP > AUTHENTICATE, which appears to be an error from the website. However, it > appears there’s no way to know the authentification succeeded or failed. > There is no return code and OK doesn’t get set either. So I get various > errors such as -9935 from the subsequent call to HTTP get(), which isn’t very > helpful. ** 4D Internet Users Group (4D iNUG) Archive: http://lists.4d.com/archives.html Options: https://lists.4d.com/mailman/options/4d_tech Unsub: mailto:4d_tech-unsubscr...@lists.4d.com **
Re: HTTP AUTHENTICATE - how to know if the authentification worked
I would say that you should use the HTTP Status Code returned by HTTP Get. A well designed service should return 401 Unauthorised. Regards, Narinder Chandi, ToolBox Systems Ltd. I am available for new consulting opportunities… http://4d.1045681.n5.nabble.com/ANN-4D-Developer-Available-td5765443.html -- -Original Message- From: 4D_Tech <4d_tech-boun...@lists.4d.com> on behalf of 4D Tech Mailing List <4d_tech@lists.4d.com> Reply-To: 4D Tech Mailing List <4d_tech@lists.4d.com> Date: Friday, 27 September 2019 at 17:07 To: 4D Tech Mailing List <4d_tech@lists.4d.com> Cc: Paul Lovejoy Subject: HTTP AUTHENTICATE - how to know if the authentification worked Hi everyone, I’m using HTTP AUTHENTICATE to authenticate connections to a web server. The call to authenticate is immediately followed by a HTTP get(). The HTTP get occasionally fails and I’ve been able to trace this to a failed HTTP AUTHENTICATE, which appears to be an error from the website. However, it appears there’s no way to know the authentification succeeded or failed. There is no return code and OK doesn’t get set either. So I get various errors such as -9935 from the subsequent call to HTTP get(), which isn’t very helpful. Has anyone found an elegant workaround to find out if HTTP AUTHENTICATE() actually worked they can share? Thanks in advance, Paul ** 4D Internet Users Group (4D iNUG) Archive: http://lists.4d.com/archives.html Options: https://lists.4d.com/mailman/options/4d_tech Unsub: mailto:4d_tech-unsubscr...@lists.4d.com ** ** 4D Internet Users Group (4D iNUG) Archive: http://lists.4d.com/archives.html Options: https://lists.4d.com/mailman/options/4d_tech Unsub: mailto:4d_tech-unsubscr...@lists.4d.com **
HTTP AUTHENTICATE - how to know if the authentification worked
Hi everyone, I’m using HTTP AUTHENTICATE to authenticate connections to a web server. The call to authenticate is immediately followed by a HTTP get(). The HTTP get occasionally fails and I’ve been able to trace this to a failed HTTP AUTHENTICATE, which appears to be an error from the website. However, it appears there’s no way to know the authentification succeeded or failed. There is no return code and OK doesn’t get set either. So I get various errors such as -9935 from the subsequent call to HTTP get(), which isn’t very helpful. Has anyone found an elegant workaround to find out if HTTP AUTHENTICATE() actually worked they can share? Thanks in advance, Paul ** 4D Internet Users Group (4D iNUG) Archive: http://lists.4d.com/archives.html Options: https://lists.4d.com/mailman/options/4d_tech Unsub: mailto:4d_tech-unsubscr...@lists.4d.com **