1. Jay Pillai
  2. PowerBuilder
  3. Thursday, 6 May 2021 11:19 AM UTC

Hi

I know this question was asked before but the solution provided for some reason did not work for me.
My issue is with the cache when I call a REST service using Msxml2.XMLHTTP.6.0. I am Using PB 2017 R3.

I use GET,POST and PUT requests. The GET Userid and password are different to POST and PUT (POST and PUT have the same).

The first time I do a GET, with the Userid and password it works. Now I have to do a POST
or a PUT, the userid and password changes here and the request fails because it takes the userid and password from GET. After closing the Application, the other way around if I do a PUT first it works and then doing a GET fails for the same reason.

 I tried all these Header options but to no avail.

oleHTTP.setRequestHeader("Cache-Control", "no-cache, no-store, private, max-age=0")
oleHTTP.setRequestHeader("Pragma", "no-cache");
oleHTTP.setRequestHeader("Expires", "Tue, 01 Jan 1900 1:00:00 GMT")
oleHTTP.setRequestHeader("If-None-Match", "??Dummy??" + string(li_random2) );

Thank you

Armeen Mazda @Appeon Accepted Answer Pending Moderation
  1. Thursday, 6 May 2021 14:43 PM UTC
  2. PowerBuilder
  3. # 1

Why don't use just use the RESTClient to call REST APIs.  From security perspective, you should be using tokens not passing username/password.  The RESTClient supports both OAuth and JWT tokens.

Comment
  1. Jay Pillai
  2. Friday, 6 August 2021 07:01 AM UTC
Hello Armeen

With the issues I am having with the SSO server logout using xml2.XMLHTTP.6.0.( PB 2017 R3.), Can using a RESTClient to call REST API's. enable to log of from a SSO server and login with a new credentials?. I was asked to check with the vendor and report back if it's possible. A change to RESTClient will be a major change for me but it would be good to know if this is possible.

Thank you
  1. Helpful
  1. Armeen Mazda @Appeon
  2. Friday, 6 August 2021 07:21 AM UTC
I suggest do a simple proof of concept before making major changes to your app and verify. The other thing is I suggest you use HTTPClient not RESTClient… it gives you more control. Lastly, here is tech article that might help you go in right direction: https://community.appeon.com/index.php/articles-blogs/tutorials-articles/2-powerbuilder/296-how-to-use-httpclient-or-restclient-to-call-an-api-with-basic-authentication
  1. Helpful
  1. Jay Pillai
  2. Friday, 6 August 2021 07:58 AM UTC
Thank you Armeen for the link to the article. Will do a POC before proceeding.
  1. Helpful
There are no comments made yet.
Jay Pillai Accepted Answer Pending Moderation
  1. Friday, 7 May 2021 05:18 AM UTC
  2. PowerBuilder
  3. # 2

Hello Armeen

To change to anything else will be a major change in the Application, so we really want to keep this.

We were calling the z/OS REST Service with GET,PUT and POST having the same  User with no issues at all. The problem started after having two different users one for GET and another one for POST and PUT.     

In the debugger I can see that I am passing the appropriate user to the server but on the server it is always the first passed user until I close the PB Application.

Could this have something to do with the Z/OS server settings? I tried with the mentioned Header option on the client side but that did not help.

 

 

 

Comment
  1. Armeen Mazda @Appeon
  2. Friday, 7 May 2021 05:59 AM UTC
Thanks for explaining your situation. I don’t know the answer whether you made mistake or this Windows API has limitations. Since this is Windows API issue rather than PB specific, you might want to post this also on Stack Overflow also.
  1. Helpful
There are no comments made yet.
René Ullrich Accepted Answer Pending Moderation
  1. Friday, 7 May 2021 06:03 AM UTC
  2. PowerBuilder
  3. # 3

Hi Jay,

How do you specify username and password?

Do you specify it in Open method or do you set it in request header.

If you specify it in open methode you could try to specify request heaer instead or try to specify it in in open and request header.

HTH,

René

Comment
There are no comments made yet.
Jay Pillai Accepted Answer Pending Moderation
  1. Friday, 7 May 2021 06:16 AM UTC
  2. PowerBuilder
  3. # 4

Hi Rene

I do it like this now  oleHTTP.open(Upper(as_Method), as_Url, False, as_userid, as_password ) .

Can you give me an example of specifying this in Request Header?  

Jay

Comment
There are no comments made yet.
René Ullrich Accepted Answer Pending Moderation
  1. Friday, 7 May 2021 06:26 AM UTC
  2. PowerBuilder
  3. # 5

Hi Jay,

For basic authentication you have to set the request header "Authorization" and specify username and password in the form  "Basis encodedvalue" where encodedvalue is a Base64 encoded string "username:password"

Add the request header after Open and before Send.

Example:

lcod_CoderObject = CREATE CoderObject

lole_XmlHttp.SetRequestHeader ("Authorization", "Basic " + lcod_CoderObject.Base64Encode (Blob (as_userid + ":" + as_password, EncodingUTF8!)))

Regards,

René

Comment
  1. Jay Pillai
  2. Tuesday, 3 August 2021 09:30 AM UTC
Thank you René. I will check this out
  1. Helpful
  1. Jay Pillai
  2. Tuesday, 3 August 2021 10:40 AM UTC
Hi René

I was using the same oleHTTP instance for GET,POST and PUT and I also tried a few weeks ago with two instances one for GET and the other for POST/PUT and DisconnectObject() and Destroy. That unfortunately did not work so I reverted to one instance.

Jay



  1. Helpful
  1. Jay Pillai
  2. Tuesday, 3 August 2021 11:21 AM UTC
Hi René

Checked the stackoverflow link, and I noticed that I have all the mentioned setRequestHeaders in my code.

I think since I cannot logout() once connected to the server as my first call credentials are maintained even if there is a change as SSO enforces this, I will have to request for a server with SSO disabled. Hopefully they will agree to have such a server just for the application.. As of now I don't see any possibility of doing it from my PB application..

  1. Helpful
There are no comments made yet.
Jay Pillai Accepted Answer Pending Moderation
  1. Friday, 7 May 2021 09:23 AM UTC
  2. PowerBuilder
  3. # 6

Hi René

Tried as you suggested but still facing the same problem. In the meantime I will inform the z/OS guys about the problem I am facing, not sure if this could be on the server side, I know I am sending the right credentials to the server.

Regards

Jay 

 

Comment
There are no comments made yet.
Roland Smith Accepted Answer Pending Moderation
  1. Monday, 2 August 2021 12:44 PM UTC
  2. PowerBuilder
  3. # 7

Long time ago in a non-PowerBuilder app I solved this by adding a parameter to the end of the URL with a random number as the value.

Comment
  1. Jay Pillai
  2. Monday, 2 August 2021 12:54 PM UTC
Hi Roland

I think it was your posting that I found, I am not sure, and I tried something like this:

oleHTTP.setRequestHeader("If-None-Match", "??Dummy??" + string(li_random2) );

Unfortunately this did not help.

Jay
  1. Helpful
  1. Roland Smith
  2. Monday, 2 August 2021 13:07 PM UTC
Not in a header, on the end of the URL. Like this:



https://www.mywebserver.com/webservices/myservice.php?random=123456

  1. Helpful
  1. Jay Pillai
  2. Tuesday, 3 August 2021 10:50 AM UTC
Hi Roland

I tried appending a random value to the URL but the REST service rejects it.
  1. Helpful
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.