use of https url and basic authentication

This topic has 6 replies, 3 voices, and was last updated 2 years, 3 months ago by Ken Smith.

Creator

Topic
September 1, 2022 at 4:30 am #119917
Ken Smith
Participant
I was asked to connect to an API using an https url and basic authentication. The API is an internal one.

I can connect in this manner using the basic http-client thread and POST. The call to the API is successful and the message/data updates the backend database.

I cannot connect in this manner using the java/ws-rawclient thread and GET. I get errors along the lines of:

java.lang.RuntimeException: RuntimeException invoking https://xx.xx.xx.xx:1234/api/Interface/xxxxxxxxx: java.lang.RuntimeException: HostnameVerifier,

I’ve tried various settings on the java/ws-rawclient thread with no affect (e.g., enabling TLS). There is no certificate. It makes more intuitive sense that the call would fail than that it would succeed.

But I am curious as to why the http-client works and the java/ws-rawclient does not. Is it the thread, is it the call (POST vs GET), it is both?
Creator

Topic

Viewing 2 reply threads

Author

Replies
- September 1, 2022 at 7:37 am #119920
  Robert Kersemakers
  Participant
  Why are you using GET with java/ws-rawclient, when you used POST and http-client successfully? If you want to send/deliver data with java/ws-rawclient, you need to use ‘Method’ POST.
  
  Zuyderland Medisch Centrum; Heerlen/Sittard; The Netherlands
  - September 1, 2022 at 7:40 am #119921
    Ken Smith
    Participant
    The POST is being used to send data into a db via the API. The GET is being used to retrieve data from the db via the API.
    
    I am able to use the http-client thread because the data is formatted in xml, which that thread handles gracefully. It doesn’t handle JSON at all.
    
    As the data is supplied outbound (i.e., via GET) in JSON format, I can’t used the http-client but have to use the raw client instead.
- September 1, 2022 at 1:17 pm #119923
  Don Martin
  Participant
  What SSL configuration is set up in you http-client thread? I believe it is possible to have these threads skip server authentication based on the properties you set on the thread, which might explain why you can post info to this API.
  
  You mentioned this is an internal API… wondering if they are using a self-signed cert that your rawclient thread won’t trust unless you add it to the configuration of your conduit?
  - September 2, 2022 at 4:01 am #119925
    Ken Smith
    Participant
    Thank you for that thought, it is very helpful.
    
    The http-client allows a setting for anonymous mode when selecting https (with SSL protocol defaulted to All), and with no settings for certificate. I didn’t really notice it at the time as it was the default.
    
    The java/ws-rawclient doesn’t seem to allow this same configuration, i.e., anonymous mode, or at least I can’t see how to enable it in the config options.
    
    As regards the internal API, it is not using any certificate.
- September 2, 2022 at 9:52 am #119926
  Don Martin
  Participant
  As far as the API not using any certificate, that’s interesting. Are you sure they require you to connect with https/SSL? Have you tried calling to http://theAPI instead of https://theAPI?
  
  I can’t imagine their API endpoint is going to work via https on a rawclient thread if they don’t have a cert installed.
  - September 2, 2022 at 9:57 am #119927
    Ken Smith
    Participant
    The interfaces and the API are very much part and parcel of the same project. Yes, they did very specifically asked if I could connect with https. Calling the API with http definitely works with basic user/pwd authentication. Adding the https was either gilding the lily or belt-and-braces, depending upon how you look at it.
    
    I was of a similar mind, that https was never going to work on a rawclient without a cert. The failure of https w/o the cert was what I was expecting. I did want however to see if there was anything I’d overlooked. Thanks for your response, much appreciated.
Author

Replies

Viewing 2 reply threads

You must be logged in to reply to this topic.