cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How can I capture the complete http-message sent from client to WAS?

Go to solution
Former Member

on ‎04-20-2006 9:47 AM

0 Kudos

Hello,

When debugging a BSP application several utility classes/objects are available. Only I can't find the original authentication information forwarded by the client (userid). Therefor I would like to have available the whole http-message (full header and body) so I can distil the information myself.

Is there a method available which gives me the full, original http-message sent by the client?

NOTE: I use http-watch in my browser but this is not available on the reversed proxy.

kind regards,

Roelof Jan

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

athavanraja
Active Contributor
‎04-20-2006 9:55 AM
0 Kudos

you can use method

CALL METHOD request->if_http_request~get_raw_message

receiving

data = ws_xstring .

check out cl_http_reqest class to other options available. (reading header alone or form fields , etc)

Regards

Raja

Show replies
Show replies
Former Member
‎04-20-2006 10:56 AM
0 Kudos

Thanks Durairaj,

I have converted ws_xtring to a string which results in the readable stream below:

GET /tomonline(bD1lbiZjPTAxMA==)/bp_login.htm HTTP/1.0##host: kappa.trespa.com:8

015##accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vn

d.ms-powerpoint, application/vnd.ms-excel, application/msword, application/x-sho

ckwave-flash, /##accept-language: en-us##cache-control: no-cache##connection:

Keep-Alive##cookie: sap-usercontext=sap-client=010;##pragma: no-cache##referer:

https://trespa.infonet-asp.com/__extraweb__authen##user-agent: Mozilla/4.0 (comp

atible; MSIE 6.0; Windows NT 5.0)##authorization:

####

But now we get to my real problem. I'm missing authentication information in the httpmessage, forwarded by a reversed proxyserver which is visible in the serverlog (SMICM>Goto>HTTP Log>Server Name>Display Entries):

...snapshot of logtail, related to http string above

212.189.47.211 - tomadmin [20/Apr/2006:11:50:12 +0200] "GET /tomonline(bD1lbiZjPTAxMA==)/bp_login.htm HTTP/1.0" 500 3700

...

>212.189.47.211 = the ipadres of the reversed proxy (=client for the BSP application)

>tomadmin = the userid which is forwarded basic authentication userid by reversed proxy

I'm purely interested in this userid <b>tomadmin</b> which I want to use in my application.

Where did my <b>tomadmin</b> go???

I configured the service ztomonline as anonymous login. Maybe this mechanism strips of the userid.

regards Roelof Jan

Message was edited by: Roelof Jan Bouwknegt

Former Member
‎04-20-2006 1:23 PM
0 Kudos

Hello Durairaj,

I think I found the exact spot where my authentication data is stripped from the message:

METHOD DELETE_SECURITY_FIELDS

in METHOD AUTHENTICATION of class CL_HTTP_SERVER_NET.

This still keeps the question open how to capture the authorization: parameter from the http message before it is stripped.

Has anybody an idea?

kind regards,

Roelof Jan

thomas_jung
Developer Advocate
Developer Advocate
‎04-20-2006 2:08 PM
0 Kudos

I would probably try to create my own ICF Handler class. You can set a handler on an ICF Node that overrides the inherited BSP handler. In this handler you MIGHT be able to pull this information out - I can't be certain without trying it to see the order that the security fields are removed. I would start by just creating a simple handler class on a new node not in the BSP area to see if it is processed early enough.

If so then you can create your real handler that exports the data to shared memory. Since you can nest handlers, once yours is done processing, you can allow the flow to continue up to the normal BSP handler. In your application you then import the details from shared memory.

Former Member
‎04-20-2006 3:09 PM
0 Kudos

Hi Thomas,

In Ch5-Authentication is stated: 'The ICM will accept HTTP requests from any browser and will pass it then to the ICF layer for processing. However , before any processing can start, the incoming HTTP request has to be connected to a known ABAP user. This is the authentication step'.

I think this authentication step happens before the first HTTP Handler is processed but correct me if I'm wrong.

In the authentication step, part of the http header is stripped. This is the information I need.

Is there a way of replacing the authentication step by my own Zvariant?

kind regards,

Roelof Jan

thomas_jung
Developer Advocate
Developer Advocate
‎04-20-2006 3:40 PM
0 Kudos

No I don't think you can replace the authentication step. However I would just quickly try out the ICF Handler and see if it is too late. I have used this approach before to pull header infromation from the IISProxy tool so perhaps this will work for you.

Answers (0)

Ask a Question