ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Passing Username/Password as application/x-www-form-urlencod

Post new topic  Reply to topic
 Passing Username/Password as application/x-www-form-urlencod « View previous topic :: View next topic » 
Author Message
apmohan
PostPosted: Mon Feb 08, 2021 4:17 am    Post subject: Passing Username/Password as application/x-www-form-urlencod Reply with quote

Apprentice

Joined: 28 Dec 2012
Posts: 27

Hello All,

I am using IIB V10.0.0.18 and I want to do call a external rest to fetch a token, when i try to use postman, I am passing the username/password as Key and Value under Body with Content Type as "application/x-www-form-urlencoded".



How can do the same using IIB ?
I tried below
Code:

SET OutputLocalEnvironment.Destination.HTTP.RequestLine.Method = 'POST';
Set OutputRoot.HTTPRequestHeader."Content-Type" = 'application/x-www-form-urlencoded';
SET OutputLocalEnvironment.Destination.HTTP.Parameters.username = 'xx';
SET OutputLocalEnvironment.Destination.HTTP.Parameters.password = 'yy';
SET OutputLocalEnvironment.Destination.HTTP.RequestURL = 'https://URL';


Please

file:///D:/1.PBB_SBSA/1.My_Work/3.ESRI_API_WMB/POSTMAN.jpg
Back to top
View user's profile Send private message Send e-mail
apmohan
PostPosted: Mon Feb 08, 2021 4:29 am    Post subject: Re: Passing Username/Password as application/x-www-form-urle Reply with quote

Apprentice

Joined: 28 Dec 2012
Posts: 27

apmohan wrote:
Hello All,

I am using IIB V10.0.0.18 and I want to do call a external rest to fetch a token, when i try to use postman, I am passing the username/password as Key and Value under Body with Content Type as "application/x-www-form-urlencoded".



How can do the same using IIB ?
I tried below
Code:

SET OutputLocalEnvironment.Destination.HTTP.RequestLine.Method = 'POST';
Set OutputRoot.HTTPRequestHeader."Content-Type" = 'application/x-www-form-urlencoded';
SET OutputLocalEnvironment.Destination.HTTP.Parameters.username = 'xx';
SET OutputLocalEnvironment.Destination.HTTP.Parameters.password = 'yy';
SET OutputLocalEnvironment.Destination.HTTP.RequestURL = 'https://URL';


Please

file:///D:/1.PBB_SBSA/1.My_Work/3.ESRI_API_WMB/POSTMAN.jpg


When I pass the username/password as HTTP Parameters
Code:

Set OutputRoot.HTTPRequestHeader.HTTP.QueryString.username = 'XX';
Set OutputRoot.HTTPRequestHeader.HTTP.QueryString.password = 'YY';


I am getting an error
Quote:
<data contentType="text/plain;charset=utf-8" contentLength="155"><![CDATA[{"error": {
"code": 400,
"message": "Unable to generate token.",
"details": [
"'username' must be specified.",
"'password' must be specified."
]
}}]]></data>
Back to top
View user's profile Send private message Send e-mail
Vitor
PostPosted: Mon Feb 08, 2021 5:45 am    Post subject: Reply with quote

Grand High Poobah

Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA

Neither of those methods add anything to the body of the call.

Your first example adds them to the parameters passed in the HTTP header, the second adds them as query items to the end of the URL.

If you want them in the body of the query, add them as you would anything else in the message tree.
_________________
Honesty is the best policy.
Insanity is the best defence.
Back to top
View user's profile Send private message
apmohan
PostPosted: Mon Feb 08, 2021 6:19 am    Post subject: Reply with quote

Apprentice

Joined: 28 Dec 2012
Posts: 27

Vitor wrote:
Neither of those methods add anything to the body of the call.

Your first example adds them to the parameters passed in the HTTP header, the second adds them as query items to the end of the URL.

If you want them in the body of the query, add them as you would anything else in the message tree.


Thanks Vitor for the reply, can you please let me know how I can add them as body of the query?

Please
Back to top
View user's profile Send private message Send e-mail
abhi_thri
PostPosted: Mon Feb 08, 2021 9:18 am    Post subject: Re: Passing Username/Password as application/x-www-form-urle Reply with quote

Knight

Joined: 17 Jul 2017
Posts: 516
Location: UK

apmohan wrote:

when i try to use postman, I am passing the username/password as Key and Value under Body with Content Type as "application/x-www-form-urlencoded".


hi...to add to Vitor's comment, look at the successful postman request structure and try creating the same in IIB, i.e if username/password is created in the request body and not as headers/query params the same need to be done in IIB as well. Can you post the full postman request from the http logs, anonymise the credentials first
Back to top
View user's profile Send private message
apmohan
PostPosted: Mon Feb 08, 2021 9:56 pm    Post subject: Re: Passing Username/Password as application/x-www-form-urle Reply with quote

Apprentice

Joined: 28 Dec 2012
Posts: 27

abhi_thri wrote:
apmohan wrote:

when i try to use postman, I am passing the username/password as Key and Value under Body with Content Type as "application/x-www-form-urlencoded".


hi...to add to Vitor's comment, look at the successful postman request structure and try creating the same in IIB, i.e if username/password is created in the request body and not as headers/query params the same need to be done in IIB as well. Can you post the full postman request from the http logs, anonymise the credentials first


Thanks abhi_thri for the reply, here is the postman console logs:
Quote:

Request Headers
User-Agent: PostmanRuntime/7.26.8
Accept: */*
Postman-Token: e07cd6b0-c290-459e-9557-814b01fa9e7b
Host: xxx.com
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Cookie: __cfduid=de8392f08c7a07ee482c8b7b5eb6529391612532279
Request Body
username: "XX"
password: "YY"

Here if you see the Request Body just shows username and password, so I am not sure whether this is a JSON format or someother ?
Regarding your reply
Quote:
try creating the same in IIB, i.e if username/password is created in the request body and not as headers/query params the same need to be done in IIB as well
I am struggling to create as body, I am need some on this to how create it ?
Back to top
View user's profile Send private message Send e-mail
abhi_thri
PostPosted: Tue Feb 09, 2021 12:24 am    Post subject: Re: Passing Username/Password as application/x-www-form-urle Reply with quote

Knight

Joined: 17 Jul 2017
Posts: 516
Location: UK

apmohan wrote:

Here if you see the Request Body just shows username and password, so I am not sure whether this is a JSON format or someother ?


Don't you think the best way is to query with the service provider or check their specs to see what message format they expects for the token request?

Looking at the request which worked it looks like a normal tag delimited format, i.e data lines have two fields separated by ':' and the lines themselves got <newline> as delimiter. Without bothering to create a message model for it you could easily put the whole data string (user/password ones) to the OutputRoot.BLOB.BLOB and see what happens

Code:
username: "XX"
password: "YY"
Back to top
View user's profile Send private message
apmohan
PostPosted: Tue Feb 09, 2021 5:03 am    Post subject: Re: Passing Username/Password as application/x-www-form-urle Reply with quote

Apprentice

Joined: 28 Dec 2012
Posts: 27

abhi_thri wrote:
apmohan wrote:

Here if you see the Request Body just shows username and password, so I am not sure whether this is a JSON format or someother ?


Don't you think the best way is to query with the service provider or check their specs to see what message format they expects for the token request?

Looking at the request which worked it looks like a normal tag delimited format, i.e data lines have two fields separated by ':' and the lines themselves got <newline> as delimiter. Without bothering to create a message model for it you could easily put the whole data string (user/password ones) to the OutputRoot.BLOB.BLOB and see what happens

Code:
username: "XX"
password: "YY"


Thanks Again for reverting back..

Quote:
OutputRoot.BLOB.BLOB and see what happens
I tried this but it fails and not going through.

Quote:
Don't you think the best way is to query with the service provider or check their specs to see what message format they expects for the token request?


Also I asked the vendor but they aren't sure of it
Back to top
View user's profile Send private message Send e-mail
Vitor
PostPosted: Tue Feb 09, 2021 5:41 am    Post subject: Re: Passing Username/Password as application/x-www-form-urle Reply with quote

Grand High Poobah

Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA

apmohan wrote:
Also I asked the vendor but they aren't sure of it


Well that's weird but not as unusual as it should be.

But in your first post you said:

apmohan wrote:
I am passing the username/password as Key and Value under Body


So you know the format you need because you created it in Postman. The console log you posted simply proves that Postman understood what you meant and made the call with the details. Create the same body in IIB and it too will make the correct call.
_________________
Honesty is the best policy.
Insanity is the best defence.
Back to top
View user's profile Send private message
apmohan
PostPosted: Tue Feb 09, 2021 10:04 pm    Post subject: Re: Passing Username/Password as application/x-www-form-urle Reply with quote

Apprentice

Joined: 28 Dec 2012
Posts: 27

Vitor wrote:
apmohan wrote:
Also I asked the vendor but they aren't sure of it


Well that's weird but not as unusual as it should be.

But in your first post you said:

apmohan wrote:
I am passing the username/password as Key and Value under Body


So you know the format you need because you created it in Postman. The console log you posted simply proves that Postman understood what you meant and made the call with the details. Create the same body in IIB and it too will make the correct call.


Thanks Vitor for the update, as advised I passed everything as Blob which resolved the issue

Code:
SET OutputLocalEnvironment.Destination.HTTP.RequestLine.Method = 'POST';
DECLARE payload CHARACTER;
SET payload = 'username=xx&password=yy&ip=&client=referer&referer=sit.com&expiration=60&f=pjson';
SET OutputRoot.BLOB.BLOB = CAST(payload AS BLOB CCSID 1208 ENCODING 815);
SET OutputLocalEnvironment.Destination.HTTP.RequestURL = 'Site.com';


Thanks to all
Back to top
View user's profile Send private message Send e-mail
gbaddeley
PostPosted: Wed Feb 10, 2021 2:15 pm    Post subject: Re: Passing Username/Password as application/x-www-form-urle Reply with quote

Jedi

Joined: 25 Mar 2003
Posts: 2492
Location: Melbourne, Australia

apmohan wrote:
Thanks Vitor for the update, as advised I passed everything as Blob which resolved the issue

Code:
SET OutputLocalEnvironment.Destination.HTTP.RequestLine.Method = 'POST';
DECLARE payload CHARACTER;
SET payload = 'username=xx&password=yy&ip=&client=referer&referer=sit.com&expiration=60&f=pjson';
SET OutputRoot.BLOB.BLOB = CAST(payload AS BLOB CCSID 1208 ENCODING 815);
SET OutputLocalEnvironment.Destination.HTTP.RequestURL = 'Site.com';


Thanks to all

Is this a https session? Otherwise the credentials will be flowing over the network as visible plain text.
_________________
Glenn
Back to top
View user's profile Send private message
apmohan
PostPosted: Wed Feb 10, 2021 9:37 pm    Post subject: Re: Passing Username/Password as application/x-www-form-urle Reply with quote

Apprentice

Joined: 28 Dec 2012
Posts: 27

gbaddeley wrote:
apmohan wrote:
Thanks Vitor for the update, as advised I passed everything as Blob which resolved the issue

Code:
SET OutputLocalEnvironment.Destination.HTTP.RequestLine.Method = 'POST';
DECLARE payload CHARACTER;
SET payload = 'username=xx&password=yy&ip=&client=referer&referer=sit.com&expiration=60&f=pjson';
SET OutputRoot.BLOB.BLOB = CAST(payload AS BLOB CCSID 1208 ENCODING 815);
SET OutputLocalEnvironment.Destination.HTTP.RequestURL = 'Site.com';


Thanks to all

Is this a https session? Otherwise the credentials will be flowing over the network as visible plain text.



Yeah it is a https session only.
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Passing Username/Password as application/x-www-form-urlencod
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
 
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.