HTTPGet request - secure requests

[Joe Maus]

Hi,

If you need to stay with an older version of Studio but have the flexibility of hosting a local proxy server you could use Membrane (http://membrane-soa.org/service-proxy/) or something similar to talk HTTP (or older HTTPS) from Studio to the local proxy server that then initiated an appropriate secure connection and then passed back the appropriate details to the calling Studio session.  

In general, this tool (and others like it) is handy to have around when you need to do some SOAP or RESTful work with older versions of Studio that don’t have the ability to do these kinds of interactions directly and/or easily.  Its obviously not the most secure way of making things happen in regards to Studio talking to the proxy, but under the right conditions it can extend your Studio functionality nicely.

Regards,

Joe Maus
The Convergent Consulting Group, LLC
303-349-6696
jmaus at theccgllc.com




> On Dec 27, 2017, at 3:49 PM, Michael Mantkowski <michaelj at clientrax.com> wrote:
> 
> Hi Chris,
> 
> I agree about Omnis 4.3.  However, using the Automation method pretty much takes that out of the equation since we are not actually doing HTTP Calls via Omnis but instead using the MS Automation Objects.  (This works on later versions of Omnis as well with no modifications which I find kind of nice.)  It also seems faster than rolling your ow HTTP code.
> 
> Obviously, should Microsoft stop supporting those then you would be in the same boat.
> 
> I also have code using Kelly's TCPTalk for doing these types of things on the Mac but it is noticeably slower than the Windows method.
> 
> *********************************************************************
> Michael Mantkowski
> ClienTrax Software
> 1-614-875-2245
> *********************************************************************
> 
> 
> -----Original Message-----
> From: Chris Webb [mailto:Chris.Webb at catalina-software.co.uk] 
> Sent: Wednesday, December 27, 2017 12:12 PM
> To: 'Michael Mantkowski' <michaelj at clientrax.com>
> Cc: 'OmnisDev List - English' <omnisdev-en at lists.omnis-dev.com>
> Subject: RE: HTTPGet request - secure requests
> 
> Hi Michael,
> 
> Thanks for your reply.  I have got a few lines of investigation to go on now so will be looking into these over the next few days.
> 
> I think the main issue is that we are interfacing to servers of organisations that are not at all likely to budge where SSL/TLS is concerned so we need to try and get it to work from our end.  This isn't helped by Omnis 4.3 as others have said.
> 
> I'll post back as/when we have any luck.
> 
> Thanks again
> 
> Chris
> 
> -----Original Message-----
> From: Michael Mantkowski [mailto:michaelj at clientrax.com] 
> Sent: 27 December 2017 16:30
> To: 'OmnisDev List - English' <omnisdev-en at lists.omnis-dev.com>
> Cc: Chris Webb <Chris.Webb at catalina-software.co.uk>
> Subject: RE: HTTPGet request - secure requests
> 
> Hi Chris,
> 
> I have not had any issues with any of the servers I work with that were not resolvable.  (Credit Card Interface, Lab Results, Drug Guides, PACS Image Management).
> 
> Issues normally are on the server side but also you might not be sending a proper header or have a URL formatting problem.  Hopefully you have a good technical contact with the service you are working with and can ask the administrator to track the conversions between client and server.
> 
> I use the "Msxml2.XMLHTTP.6.0" object for all my communications (for the ie6 object).  This is the latest that I am aware of, but you can see that I also allow for older versions for people that never upgrade their systems.  In Windows 7 and Windows 10 I see only ver3 and ver6 are available to select from.
> 
> Last thing, as Doug pointed out most Credit Card Companies now require newer version of TLS (1.0 and 1.1 being depreciated).  We have had to run compliance testing for this and everything checks out for TLS 1.2 compatibility. 
> 
> *********************************************************************
> Michael Mantkowski
> ClienTrax Software
> 1-614-875-2245
> *********************************************************************
> 
> 
> -----Original Message-----
> From: omnisdev-en [mailto:omnisdev-en-bounces at lists.omnis-dev.com] On Behalf Of Chris Webb via omnisdev-en
> Sent: Wednesday, December 27, 2017 4:07 AM
> To: 'OmnisDev List - English' <omnisdev-en at lists.omnis-dev.com>
> Cc: Chris Webb <Chris.Webb at catalina-software.co.uk>
> Subject: RE: HTTPGet request - secure requests
> 
> Hi Michael,
> 
> Thanks for the below.  I will have a look.
> 
> The thing is the automation object we use, works fine for one https:// address but not for another.  I presume this is related to server side settings/requirements than being an Omnis issue though.
> 
> Thanks for your assistance.
> 
> Hope everyone had a good Christmas!
> 
> Regards
> 
> Chris
> 
> -----Original Message-----
> From: omnisdev-en [mailto:omnisdev-en-bounces at lists.omnis-dev.com] On Behalf Of Michael Mantkowski
> Sent: 22 December 2017 19:20
> To: 'OmnisDev List - English' <omnisdev-en at lists.omnis-dev.com>
> Subject: RE: HTTPGet request - secure requests
> 
> Hi Doug, Chris,
> 
> Actually, you can.  On Windows you can via IE Automation or via Kelly's TCP Talk.
> 
> Here is how I do a getRequest via IE Automation.
> 
> Do method ----getRequest (lvURL,cvHeaderList,'',lvUserName,lvPassword,lvResponseText) Returns lvResponseCode
> 
> ; getRequest Method
> If sys(6)='X'
> ;  Use TCPTalk for Macs
> Calculate pvURL as replaceall(pvURL,' ','%20')     ;; Encode Spaces
> Do cvTCPTalk.$doHTTPRequest('GET',pvURL,pvHeaderList,pvXML,pvUserID,pvPassword,pvResponse) Returns responseCode Else ;  Create the IE Object Do ie6.$createobject() If ie6.$isavailable Set reference httpobj to ie6.$ref Else Do ie5.$createobject() If ie5.$isavailable Set reference httpobj to ie5.$ref Else Do ie4.$createobject() If ie4.$isavailable Set reference httpobj to ie4.$ref Else Do ie3.$createobject() If ie3.$isavailable Set reference httpobj to ie3.$ref Else Quit method con(jst(statusCode,'-3NP0'),' ',statusDesc) End If End If End If End If Do httpobj.$open('GET',pvURL,kFalse) ;  Make Headers Begin reversible block Set current list pvHeaderList End reversible block For each line in list from 1 to #LN step 1 Do httpobj.$setrequestheader(pvHeaderList.c1,pvHeaderList.c2)
> End For
> Do httpobj.$setrequestheader('User-Agent','ClienTrax')
> Do httpobj.$setrequestheader('Content-Length',len(pvXML))
> Do httpobj.$setrequestheader('Cache-Control','no-cache,no-store,post-check=0,pre-check=0')
> Do httpobj.$setrequestheader('Host',pvURL)
> If pvUserID<>''&pvPassword<>''
> ;  Set Server Authentication
> Calculate lvAuth as con(pvUserID,':',pvPassword) UUEncode (lvAuth,lvEncodedAuth) Do httpobj.$setrequestheader('Authorization',con('Basic ',lvEncodedAuth)) End If ;  Send Request Do httpobj.$send(pvXML) ;  Get Response Calculate pvResponse as httpobj.$responsetext Calculate statusDesc as httpobj.$statustext Calculate statusCode as httpobj.$status If 1=2 Calculate #S1 as httpobj.$getallresponseheaders End If ;  Give the memory back...
> Do httpobj.$release()
> Calculate responseCode as con(jst(statusCode,'-3NP0'),' ',statusDesc) End If Quit method responseCode
> 
> *********************************************************************
> Michael Mantkowski
> ClienTrax Software
> 1-614-875-2245
> *********************************************************************
> 
> 
> -----Original Message-----
> From: omnisdev-en [mailto:omnisdev-en-bounces at lists.omnis-dev.com] On Behalf Of Doug Easterbrook
> Sent: Friday, December 22, 2017 2:02 PM
> To: OmnisDev List - English <omnisdev-en at lists.omnis-dev.com>
> Subject: Re: HTTPGet request - secure requests
> 
> hi Chris:
> 
> you can’t use https with studio 4 — doesn’t work.   the feature I think was new to studio 5.
> 
> Doug Easterbrook
> Arts Management Systems Ltd.
> mailto:doug at artsman.com
> http://www.artsman.com
> Phone (403) 650-1978
> 
> 
> 
> 
> see you at the third annual users conference
> https://tickets.proctors.org/TheatreManager/95/online?performance=29086 <https://tickets.proctors.org/TheatreManager/95/online?performance=29086>
> 
>> On Dec 22, 2017, at 9:34 AM, Chris Webb via omnisdev-en <omnisdev-en at lists.omnis-dev.com> wrote:
>> 
>> Hi All,
>> Using Omnis 4.3 (not for much longer though).
>> Trying to access a secure url to download a file using the HTTP automation object but are getting an SSL error response.
>> So, tried using the HTTPGet request and this returns a HTTP 301 Moved Permanently response. Now I think this is because it is not actually doing a request goes to http and tries to redirect to secure (which it can't).
>> Then added the optional parameters for port (443) and get the response 'The plain HTTP request was sent to HTTPS port'.
>> Then added the parameter for secure as kTrue and it wouldn't even open a socket.
>> Any thoughts on how to get secure request working through HTTPGet?
>> Thank in advance.
>> Chris
>> _____________________________________________________________
>> Manage your list subscriptions at http://lists.omnis-dev.com
> 
> _____________________________________________________________
> Manage your list subscriptions at http://lists.omnis-dev.com
> 
> _____________________________________________________________
> Manage your list subscriptions at http://lists.omnis-dev.com _____________________________________________________________
> Manage your list subscriptions at http://lists.omnis-dev.com
> 
> 
> _____________________________________________________________
> Manage your list subscriptions at http://lists.omnis-dev.com