Progress 4gl安全套接字认证

时间:2016-05-12 19:18:49

标签: sockets authentication progress-4gl openedge

目前正尝试使用username:password @ domain语法执行与具有身份验证设置的主机的套接字连接。通过命令行运行时,以下curl请求正常工作:

/opt/pware/bin/curl -s -v -S -k -X POST -d @/test/worldpay.xml https://username:password@secure-test.worldpay.com/jsp/merchant/xml/paymentService.jsp

问题在于尝试使用进度安全套接字发布相同的worldpay.xml有效内容文件时。我的套接字使用以下方式连接:

DEFINE VARIABLE vhSocket AS HANDLE NO-UNDO.
CREATE SOCKET vhSocket.

vhSocket:CONNECT('-H test.worldpay.com -S 443 -ssl -nohostverify') NO-ERROR.
IF vhSocket:CONNECTED() EQ FALSE THEN
DO: 
    Message "COULD NOT CONNECT".
    vhSocket:DISCONNECT().
    DELETE OBJECT vhSocket NO-ERROR.
    RETURN.
END.
ELSE
   Message "CONNECTED!".

打开套接字连接后,我按如下方式设置标题:

ASSIGN 
vRequest = 'POST ' +
username + ":" + password + "@" + "/jsp/merchant/xml/paymentService.jsp" +
' HTTPS/1.1' + chr(13) + chr(10) +
'Connect: close' + chr(13) + chr(10) +
'Host: ' + "secure-test.worldpay.com" + chr(13) + chr(10) +
'Content-Length: ' + string(LENGTH(postdata,"raw")) + chr(13) + chr(10) +
'Content-Type: text/xml' + chr(13) + chr(10) +
chr(13) + chr(10) +
postData +
chr(13) + chr(10).


set-byte-order(vData) = BIG-ENDIAN.
set-size(vData) = LENGTH(vRequest,"raw").
put-string(vData,1,LENGTH(vRequest,"raw")) = vRequest.

vReturnCode = vhSocket:WRITE(vData, 1, LENGTH(vRequest,"raw")).

任何有关如何构建标头或如何通过正在进行的安全套接字执行基本身份验证的帮助将不胜感激。谢谢你们!

1 个答案:

答案 0 :(得分:0)

对于http(s)基本身份验证,您不要将用户名作为网址的一部分进行发布。

请参阅https://en.wikipedia.org/wiki/Basic_access_authentication#Client_side

这是我们在http客户端中使用的内容,您必须将对AddHttpHeader的调用更改为将该标题行发送到服务器套接字的代码。

/*------------------------------------------------------------------------------
    Purpose: Adds a basic authorization header to the request
    Notes:   
    @param pcUserName The UserName to use for basic authorization
    @param pcPassword The password to use for basic authorization
------------------------------------------------------------------------------*/
METHOD PUBLIC VOID SetBasicAuthorization (pcUserName AS CHARACTER,
                                          pcPassword AS CHARACTER):

    DEFINE VARIABLE cBase64        AS LONGCHAR NO-UNDO.
    DEFINE VARIABLE mAuthorization AS MEMPTR   NO-UNDO .

    ASSIGN cBase64 = SUBSTITUTE ("&1:&2":U, pcUserName, pcPassword) .

    SET-SIZE (mAuthorization) = LENGTH (cBase64) .

    PUT-STRING (mAuthorization, 1, LENGTH (cBase64)) = cBase64 .

    ASSIGN cBase64 = BASE64-ENCODE (mAuthorization) .

    AddHttpHeader (SUBSTITUTE ("Authorization Basic &1":U, cBase64)) .

    FINALLY:
        SET-SIZE (mAuthorization) = 0 .         
    END FINALLY.

END METHOD .

所以在你的情况下,试试这个:

ASSIGN 
vRequest = 'POST ' + "/jsp/merchant/xml/paymentService.jsp" +
' HTTPS/1.1' + chr(13) + chr(10) +
'Connect: close' + chr(13) + chr(10) +
'Host: ' + "secure-test.worldpay.com" + chr(13) + chr(10) +
'Content-Length: ' + string(LENGTH(postdata,"raw")) + chr(13) + chr(10) +
'Content-Type: text/xml' + chr(13) + chr(10) +
'Authorization: Basic ' + cBase64 + chr(13) + chr(10) +
chr(13) + chr(10) +
postData +
chr(13) + chr(10).
相关问题
最新问题