RESTFUL web service with server certificate using UHTTP

Author: fearandir@gmail.com (fearandir)

Good morning everyone.   Currently, we are working with a bunch of restful web services that NOW are implemented over a secure, encrypted HTTPS connection using a SERVER SIDE certificate. Not client certificate required.   The authentication is made, providing the user and password inside the SOP header. You can see the encoded user and pass:   

newinstance "UHTTP", VUHTTP getitem/id VS_URL, PSI_IN, "ENDPOINT" VSSECURITY = $encode("BASE64","%%VS_USER:%%VS_PASS") putitem/id PSO_HEAD, "Authorization", "%%VS_AUTH %%VSSECURITY" PNO_STATUS = VUHTTP->Send(VS_URL,"GET","","",PSO_HEAD,PSO_BODY,PSO_RESP)

 I got a funny $STATUS=0. The SEND help page do not cover this returned status...   So i followed the secure https connections guideline:

  1. Add the certificate information into a file called ca-bundle.crt

  2. Put this file in the Uniface \usys folder.

But i got the same result. Finally i checked this issue: http://unifaceinfo.com/change-http-header-content-with-soap-connector/

  And downloaded the CURL manual. Inside  the manual the -H and -d parameters are specified.

  • The “-d” option allows us to pass data to the remote server
  • The “-H” option allows you to add an HTTP header to the request.

So... Maybe the Uniface CURL implementation do not includes this feature?   Thanks in advance, Sergio

4 Comments

  1. Which Uniface version (and patch level) are you using? The mentioned wish (Change HTTP Header content with SOAP Connector) is only applicable to the SOAP U2.0 connector and does not affect the UHTTP component. If you, however, use Uniface version 9.6.07 (patch MX06) or 9.7.01 (and newer) then the following issue could be relevant:

    The mentioned bug is currently still unresolved, but the headers can be sent with all HTTP methods when setting the flag code "8" (using the UHTTP operation SET_FLAGS). For details see the workaround of the mentioned BUG. Thanks, Daniel Uniface Support


    Author: diseli (daniel.iseli@uniface.com)
  2. We are using 9.6.04.02, X402 The flag code 8 is not available in this version. Thanks, Sergio


    Author: fearandir (fearandir@gmail.com)
  3. fearandir said We are using 9.6.04.02, X402  

    Prior to version 9.6.07 (patch MX06) the UHTTP component used on Windows the WinINet API and on other platforms cURL. In order to make the behavior of the UHTTP component more consistent and easier to maintain it was decided to replace WinINet and use cURL on all plaforms as of Uniface 9.6.07 (patch MX06). So in your case the UHTTP component will not use the ca-bundle.crt (in \common\usys) as locale certificate store, but the locale certificate store of Windows (as used e.g. by the Internet Explorer). And there's another issue that might be relevant for you:

    The mentioned bug has been resolved with the version 9.6.07 patch X701 (and higher). And this error can occur in different situations. E.g. when:

    • a Header item has no value
    • a HTTPS site is called that requires a valid client certificate
    • a non-existing proxy server is used
    • ...

    Hope this helps. Daniel


    Author: diseli (daniel.iseli@uniface.com)
  4. Wow. Tricky.   Well, i think we can not upgrade to 9.7.01 because some of the client machines are Windows Xp. I am not sure about this. So, i will inform about all this stuff to the IT systems department...   Tanks Daniel, Sergio    

     


    Author: fearandir (fearandir@gmail.com)