[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SOAPAction and Watchguard firewall
Scott,
I came to the same conclusion after I sent the email. I found the problem
in my program. It was so stupid I don't want to talk about it. The
SOAPAction is working just fine using HTTPS. I'm getting a different SOAP
reject response now and it either has to do with the XML syntax or I need
to encode some of the special characters that are picked up when a credit
card is swiped. I'm using the HTTP_SetCCSIDs to specify UTF-8 translation.
Thanks for your response and many thanks for the work you and the group
have put into the HTTPAPI project.
Rusty Gadberry
Arkansas Data Services, Inc.
Makers of DOCS/400
501-327-8000 office
www.ark-data-services.com
This message (including any attachments) contains confidential information
intended for a specific individual and purpose, and is protected by law. If
you are not the intended recipient, you should delete this message. Any
disclosure, copying, or distribution of this message, or the taking of any
action based on it, is strictly prohibited.
Scott Klement
<sk@scottklement.
com> To
Sent by: HTTPAPI and FTPAPI Projects
ftpapi-bounces@li <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
sts.scottklement. cc
com
Subject
Re: SOAPAction and Watchguard
09/06/2006 11:25 firewall
AM
Please respond to
HTTPAPI and
FTPAPI Projects
<ftpapi@xxxxxxxxx
ttklement.com>
> After applying the above change to the firewall the web service starting
to
> work using HTTP but fails using HTTPS with the same SOAP response as
above.
There's no way that your firewall can view or change HTTP headers in an
SSL connection. The SSL connection is encrypted, and cannot be decrypted
except by destination server.
If your firewall could decrypt the data in order to tell what the headers
are, a hacker could also decrypt the document. The point behind HTTPS is
to guarantee that nobody was able to read or tamper with the HTTP session.
> I don't think this problem is related to the firewall. In reviewing the
log
> it appears that the "SOAPAction:
> http://tempuri.org/TransGateway/Transact/PostXML"; is missing on the
header.
Are you passing this string in the peSoapAction parameter to HTTPAPI?
You also show "UTF-8" as your character set, both in the content-type and
in the encoding parameter of the XML document. Are you sure that it's in
UTF-8 format? This would require you to jump through extra hoops to
achieve, since HTTPAPI typically encodes things in ISO-8859-1
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------