Solved: HTTP Basic Authentication

Hey,
Your code looks good!!
The first time when you request for the 'Authorization' header, it would be null by default. So you have to prompt your brower for authentication.

if (authorization != null)
{
htmlOutputStream.print("Now to display the user ID and password ");
htmlOutputStream.print(userID);
htmlOutputStream.print (password);
}

else
{
res.setStatus( HttpServletResponse.SC_UNAUTHORIZED );
res.setHeader( "WWW-authenticate", "basic realm=\"realm-name"\"" );
String msg = "<HTML><HEAD></HEAD><BODY>Authorization Failure</BODY></html>";
res.setContentType( "text/html" );
res.setContentLength( msg.length( ) );
htmlOutputStream.print( unauthorized_msg );
htmlOutputStream.flush( );
}

The else part prompts your browser to authenticate. And when authentication fails, the msg is displayed!!

hope this helps!

-viswa

gvijay1

ASKER

Hi viswa,

I tried what u told me to, but I am still getting an error. The browser does request authentication the second time around, but this time, it issues an unhandled exception. here is the code...

String authorization = request.getHeader("Authorization");
String user_text=new String();
String password_text=new String();

if (authorization == null)
{
htmlOutputStream.print("Unable to find the Authorization Info !!");
}
else
{
String userInfo = authorization.substring(6).trim();
BASE64Decoder decoder = new BASE64Decoder();
String namePassword = new String(decoder.decodeBuffer(userInfo));
int index = namePassword.indexOf(":");
user_text = namePassword.substring(0, index);
password_text = namePassword.substring(index+1);
}
//*************************************************************************************

userID = new String (user_text);
password = new String (password_text);

if (authorization != null)
{
htmlOutputStream.print("Now to display the user ID and password ");
htmlOutputStream.print(userID);
htmlOutputStream.print (password);
}
else
{
response.setStatus( HttpServletResponse.SC_UNAUTHORIZED );
response.setHeader( "WWW-authenticate", "basic realm=\"realm-name\"" );
String msg = "<HTML><HEAD></HEAD><BODY>Authorization Failure</BODY></html>";
response.setContentType( "text/html" );
response.setContentLength( msg.length( ) );
htmlOutputStream.print( msg );
htmlOutputStream.flush( );
return;
}

Pls let me know what the problem is..

viswa081400

hey vijay,
Can you give details about the exception??

viswa081400

I guess one more thing is that you need to open the outPut stream only after you set the headers, contnent length and status.

Make sure you open the streams at the correct places.

gvijay1

ASKER

Hi viswa,

This is the error that is printed when this occurs. The browser does ask to enter in the user id and pswd for the second time, so I am sure the code is forcing it to authenticate again. however, once the authentication is done, it throws an exception.

Error 500

An error has occured while processing request: http://10.201.213.2:8022/ISCCONV/servlet/XMLTransaction

Message:Server caught unhandled exception from servlet [XMLTransaction]
Target Servlet: XMLTransaction

DO u have any idea what the error is??

-gvijay1

viswa081400

Can you print the complete code. I wanna look where the streams are intialized and other stuff

gvijay1

ASKER

Hi Viswa,

Thanks again. here is the complete code. I believe that only the first couple of lines, until I extract the user name and password are going to be relevant here. The rest is pretty redundant. Also, the function call to "re-authorize" is at the bottom.

import java.io.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
import com.ibm.connector.cics.*;
import com.ibm.connector.*;
import com.ibm.ctg.client.*;
import org.xml.sax.SAXException;
import org.apache.xalan.xslt.XSLTProcessorFactory;
import org.apache.xalan.xslt.XSLTInputSource;
import org.apache.xalan.xslt.XSLTResultTarget;
import org.apache.xalan.xslt.XSLTProcessor;
import sun.misc.BASE64Decoder;

public class XMLTransaction extends HttpServlet {

 // Constants
 private final static String aclsTransactionStartTag = "<TRANSACTION>";
 private final static String aclsTransactionEndTag = "</TRANSACTION>";
 private final static String aclsTransCodeTag = "<TRAN-TRN-COD>";
 private final static String aclsResponseStartTag = "<ACLS-RESPONSE>";
 private final static String aclsResponseEndTag = "</ACLS-RESPONSE>";
 private final static String aclsRequestStartTag = "<ACLS-REQUEST>";
 private final static String aclsRequestEndTag = "</ACLS-REQUEST>";
 private final static String aclsTransactionResponseStartTag = "<TRANSACTION-RESPONSE>";
 private final static String aclsTransactionResponseEndTag = "</TRANSACTION-RESPONSE>";
 private final static String aclsDBIOResponseStartTag = "<DBIO-RESPONSE>";
 private final static String aclsDBIOResponseEndTag = "</DBIO-RESPONSE>";
 private final static String aclsTranRowCountStartTag = "<TRAN-ROW-COUNT>";
 private final static String aclsTranRowCountEndTag = "</TRAN-ROW-COUNT>";
 private final static String aclsTransactionCountStartTag = "<TRANSACTION-COUNT>";
 private final static String aclsTransactionCountEndTag = "</TRANSACTION-COUNT>";
 private final static String aclsDBIOStartTag = "<DBIO-SERVER>";
 private final static String aclsDBIOEndTag = "</DBIO-SERVER>";
 private final static String aclsRequestRejectedStartTag = "<REQUEST-REJECTED>";
 private final static String aclsRequestRejectedEndTag = "</REQUEST-REJECTED>";
 private final static String aclsRejectReasonStartTag = "<REJECT-REASON>";
 private final static String aclsRejectReasonEndTag = "</REJECT-REASON>";
 private final static String aclsRequestRejected00007Msg = "00007 ACCOUNT NOT ON FILE";
 private final static String aclsRequestRejected03890Msg ="03890 ACCT SCHEDULED FOR BACKDATING";
 private final static String aclsApplicationNotAvailMsg = "ACLS APPLICATION NOT AVAILABLE";
 private final static String aclsTranRowCount = "<TRAN-ROW-COUNT>";

 private final static int COMM_AREA_LENGTH = 10000;

 private static String CICS_REGION = "";
 private static String CICS_PROGRAM = "";
 private static String CICS_TRANSACTION = "";
 private static String ECI_SYNC_TYPE = "";
 private static String XSL_FILE_LOCATION = "";
 private static String XSL_FILE_EXTENSION = "";
 private static String SESSION_USERID_NAME = "";
 private static String SESSION_PASSWORD_NAME = "";
 private static String SESSION_TARGET_NAME = "";

 //user ID and password fields
 public String userID;
 public String password;

/**
* XMLTransaction constructor comment.
*/
public XMLTransaction() {
 super();
}
/**
* Insert the method's description here.
* Creation date: (06/08/2000 9:51:12 AM)
*/
public void doPost(HttpServletRequest req, HttpServletResponse res)
 throws ServletException, IOException {

 doGet(req,res);

}
/**
* This method takes as input the XML response from ACLS and converts it to HTML.
* The HTML is then written out to the Servlet HTML Response.
*/
public void doGet (HttpServletRequest request, HttpServletResponse response)
 throws ServletException, IOException {

 // For debugging
 Date debugDate = new Date();
 // Send debugging information to STDOUT
 boolean DEBUG = false;
 // Send debugging information as HTML to the web page.
 boolean DEBUG2 = true;

//**************************************************************************************
//Added by: Gunalan Vijayaratnam
//Date Modified: 6/19/2001
//Purpose: Security for the ACLS WebSite

 response.setContentType("text/html");
 ServletOutputStream htmlOutputStream = response.getOutputStream();

String authorization = request.getHeader("Authorization");
String user_text=new String();
String password_text=new String();

if (authorization == null)
{
 askForPassword(response);
}
else
{
String userInfo = authorization.substring(6).trim();
BASE64Decoder decoder = new BASE64Decoder();
String namePassword = new String(decoder.decodeBuffer(userInfo));
int index = namePassword.indexOf(":");
user_text = namePassword.substring(0, index);
password_text = namePassword.substring(index+1);
}
//*************************************************************************************

 if (user_text != null)
 {
 userID = new String (user_text);
 password = new String (password_text);
 }
 else
 {
 askForPassword(response);
 }

/*
 //Get the Session first
 HttpSession session = request.getSession(true);

 //Check if the session indicates that the user has supplied a user id and password
 userID = session.getValue(SESSION_USERID_NAME).toString();
 password = session.getValue(SESSION_PASSWORD_NAME).toString();

 if ( userID == null || password == null ) {

 //Save the request URL as the true target and redirect to the login page.
 session.putValue(SESSION_TARGET_NAME,request.getScheme() + "://" + request.getServerName() + "/aclsweb/Home.html");
 response.sendRedirect(request.getScheme() + "://" + request.getServerName() + "/aclsweb/Login.html");

 return;
 }
*/

 /* Convert web browser using XSL to ACLS Markup Language */
 // First, generate the input XML
 StringBuffer buf = new StringBuffer();
 boolean skipAclsCall = false;
 String passToResponseString = "";
 String requestFile = "", formatFile = "", errorFile = "";
 buf.append("<FORM-INPUT>");
 Vector transactions = new Vector();
 // Ignor index number zero(0). Put in a empty hash for index 0
 Hashtable emptyTran = new Hashtable();
 transactions.addElement(emptyTran);
 for (Enumeration e = request.getParameterNames() ; e.hasMoreElements() ; ) {
 String name = (String) e.nextElement();
 String value = (String) request.getParameter(name);
 if ( DEBUG )
 System.out.println(debugDate + " " + "name =" + name + ", value =" + value + ".");
 if ( name.equals("PASS_TO_RESPONSE") )
 passToResponseString = value;
 else if ( name.equals("BYPASS_ACLS") ) {
 if ( value.toUpperCase().equals("TRUE") )
 skipAclsCall = true;
 }
 else if ( name.equals("REQUEST_FILE") )
 requestFile = value;
 else if ( name.equals("ERROR_FILE") )
 errorFile = value;
 else if ( name.equals("FORMAT_FILE") )
 formatFile = value;
 else {
 // Check for multiline stuff. If name has "__number" at the end (for example, __3),
 // strip and pack in a transaction
 int rowNumber = 0;
 String tranName = "";
 try {
 int underscoreIndex = name.lastIndexOf("__");
 rowNumber = Integer.parseInt(name.substring(underscoreIndex + 2));
 String elementName = name.substring(0, underscoreIndex);
 if ( transactions.size() < rowNumber + 1 ) {
 transactions.setSize(rowNumber + 1);
 Hashtable newTran = new Hashtable();
 newTran.put(elementName, value);
 transactions.setElementAt(newTran, rowNumber);
 }
 else {
 if ( transactions.elementAt(rowNumber) == null ) {
 Hashtable newTran = new Hashtable();
 newTran.put(elementName, value);
 transactions.setElementAt(newTran, rowNumber);
 }
 else {
 ((Hashtable) transactions.elementAt(rowNumber)).put(elementName, value);
 }
 }
 }
 catch (NumberFormatException ignored) {
 buf.append("<").append(name).append(">").append(value).append("</").append(name).append(">");
 }
 catch (IndexOutOfBoundsException alsoIgnored) {
 buf.append("<").append(name).append(">").append(value).append("</").append(name).append(">");
 }
 }
 }

 // Get multiline info, pack into transactions.
 StringBuffer newTranBuf = new StringBuffer();
 if ( transactions.size() > 1 ) {

 for ( int i = 1 ; i < transactions.size() ; i++ ) {
 StringBuffer tranBuf = new StringBuffer();
 boolean includeTran = false;
 tranBuf.append(aclsTransactionStartTag);
 Hashtable tran = (Hashtable) transactions.elementAt(i);
 for (Enumeration e = tran.keys() ; e.hasMoreElements() ; ) {
 String name = (String) e.nextElement();
 String value = (String) tran.get(name);
 // TRAN_TRN_COD acts as a flag. If a value is not specified, then do not execute a transaction.
 if ( name.equals("TRAN_TRN_COD") && value.length() > 0 ) {
 includeTran = true;
 }
 tranBuf.append("<").append(name).append(">").append(value).append("</").append(name).append(">");
 }
 tranBuf.append(aclsTransactionEndTag);
 if ( includeTran ) {
 newTranBuf.append(tranBuf);
 }
 }
 }
 buf.append(newTranBuf);

 buf.append("</FORM-INPUT>");

 if ( DEBUG )
 System.out.println(debugDate + " " + "buf:" + buf.toString() + ":buf");

 if ( DEBUG2 ) {

 htmlOutputStream.println("The following XML was generated on the form:");
 htmlOutputStream.println("");
 processXSLTError(htmlOutputStream, buf.toString());
 htmlOutputStream.println("");
 htmlOutputStream.flush();
 }

 if ( DEBUG )
 System.out.println(debugDate + " " + "requestFile:" + requestFile.toString() + ":requestFile");

// The transaction must specify a request file.
if ( requestFile.equals("") ) {

 htmlOutputStream.println("System error: Please contact the System Administrator.");
 htmlOutputStream.println("");
 htmlOutputStream.println("the application must specify a request file.");
 htmlOutputStream.println("");
 return;
 }
 // The transaction must specify a format file.
 if ( formatFile.equals("") ) {

 htmlOutputStream.println("System error: Please contact the System Administrator.");
 htmlOutputStream.println("");
 htmlOutputStream.println("the application must specify a format file.");
 htmlOutputStream.println("");
 return;
 }

 // Second, process the XML using XSL
 StringWriter aclsRequestWriter = new StringWriter();
 try {
 XSLTProcessor processor = XSLTProcessorFactory.getProcessor();
 processor.process(new XSLTInputSource(new StringReader(buf.toString())),
 new XSLTInputSource(XSL_FILE_LOCATION + "/" + requestFile + "." + XSL_FILE_EXTENSION),
 new XSLTResultTarget(aclsRequestWriter));
 }
 catch (Exception e)
 {

 DefaultErrorProcess(htmlOutputStream, e.toString());
 return;
 }

 String aclsXSLTRequest = aclsRequestWriter.toString().trim();

 if ( DEBUG2 ) {

 htmlOutputStream.println("The following XML was generated by the XSLT for the application:");
 htmlOutputStream.println("");
 processXSLTError(htmlOutputStream, aclsXSLTRequest);
 htmlOutputStream.println("");
 htmlOutputStream.flush();
 }

 String aclsRequest = processNumericRequest(aclsXSLTRequest, requestFile);

 /* Encode application user ID and password. */
 if ( aclsRequest.indexOf("<TRAN-USERID") < 0 ) {
 int open = aclsRequest.indexOf("</TRANSACTION>");
 if ( open >= 0 ) {
 String newRequest = aclsRequest.substring(0, open) +
 "<TRAN-USERID>" + userID + "</TRAN-USERID>" +
 aclsRequest.substring(open);
 aclsRequest = newRequest;
 }
 }

 if ( DEBUG )
 System.out.println(debugDate + " " + "aclsRequest:" + aclsRequest + ":aclsRequest");

 String aclsResponse;
 StringBuffer multilineResponse;

 if ( skipAclsCall ) {
 aclsResponse = aclsResponseStartTag + aclsTransactionResponseStartTag +
 aclsTransactionResponseEndTag + aclsResponseEndTag;
 }
 else {
 JavaGateway jgaConnection = null;
 try {
 // Create the gateway
 jgaConnection = new JavaGateway();
 // Setup the connection
 jgaConnection.setURL("local:");
 // Open the connection
 jgaConnection.open();
 // Create the communication area byte array
 byte [] commArea = initCommArea(aclsRequest, COMM_AREA_LENGTH);
 // Create the ECI request
 ECIRequest eciRequest = new ECIRequest(
 getECISyncType(), // Specify synchronous transaction (required to utilize the CICS Tran ID)
 CICS_REGION, // CICS Region
 userID, // User ID
 password, // Password
 CICS_PROGRAM, // Program Name
 CICS_TRANSACTION, // CICS transaction ID
 commArea // Communication area byte array created above
 );
 // Execute the acls cics transaction
 jgaConnection.flow(eciRequest);
 // Get the response
 aclsResponse = new String(eciRequest.Commarea).trim();
 if ( aclsResponse.equals(aclsRequest) ) {

 DefaultErrorProcess(htmlOutputStream, "You are unable to connect!");
 return;
 }
 }
 catch (CICSResourceException e)
 {
 DefaultErrorProcess(htmlOutputStream, e.toString());
 return;
 }
 catch (IOException ioe)
 {
 DefaultErrorProcess(htmlOutputStream, ioe.toString());
 return;
 }
 catch (CommunicationException ce)
 {
 DefaultErrorProcess(htmlOutputStream, ce.toString());
 return;
 }
 catch (Exception e)
 {

 DefaultErrorProcess(htmlOutputStream, e.toString());
 return;
 }
 finally {
 // Close the connection
 if ( jgaConnection != null ) {
 jgaConnection.close();
 }
 }

 }

 if ( DEBUG )
 System.out.println(debugDate + " " + "aclsResponse:" + aclsResponse + ":aclsResponse");

 if ( DEBUG2 ) {

 htmlOutputStream.println("The following XML was received from the application:");
 htmlOutputStream.println("");
 processXSLTError(htmlOutputStream, aclsResponse);
 htmlOutputStream.println("");
 htmlOutputStream.flush();
 }

 // Include the request in the response.
 String aclsStart = aclsResponseStartTag + aclsTransactionResponseStartTag;
 String aclsEnd = aclsTransactionResponseEndTag + aclsResponseEndTag;
 String fullResponse = "";

 // Check to see if the request was rejected.
 StringBuffer rejectStringBuff = new StringBuffer(aclsRequestRejectedStartTag).append(aclsRejectReasonStartTag)
 .append(aclsRequestRejected00007Msg)
 .append(aclsRejectReasonEndTag).append(aclsRequestRejectedEndTag);

 String rejectString = rejectStringBuff.toString();

 if ( aclsResponse.indexOf(aclsRequestRejectedStartTag) >= 0 &&
 // If multi-line and 00007 message is only error, the request is not really rejected
 ! ( aclsRequest.indexOf(aclsTranRowCount) >= 0 && aclsResponse.indexOf(rejectString) >= 0 &&
 aclsResponse.indexOf(aclsRejectReasonStartTag, aclsResponse.indexOf(aclsRejectReasonStartTag) + 1) < 0 )) {
 // If rejected, include transaction request and all field elements.
 // Consider multi-line stuff

 int requestCursor = aclsRequestStartTag.length();
 int responseCursor = 0;
 StringBuffer responseBuf = new StringBuffer();
 // 1: Insert ACLS-RESPONSE
 String appendStr = aclsResponse.substring(0, aclsResponseStartTag.length());
 responseBuf.append(appendStr);
 responseCursor += appendStr.length();
 boolean firstPass = true;
 boolean ListTrans = false;
 boolean NextTrans = false;

 int TransCodeidx = aclsRequest.indexOf(aclsTransCodeTag);

 if ((aclsRequest.substring(TransCodeidx + aclsTransCodeTag.length(),TransCodeidx + aclsTransCodeTag.length()+1)).equals("L")) {
 ListTrans = true;
 passToResponseString += aclsRequest.substring(aclsRequestStartTag.length(), aclsRequest.indexOf(aclsTransactionEndTag, aclsRequestStartTag.length()) + aclsTransactionEndTag.length());

 }

 if ((aclsRequest.substring(TransCodeidx + aclsTransCodeTag.length(),TransCodeidx + aclsTransCodeTag.length()+1)).equals("N")) {
 NextTrans = true;
 passToResponseString += aclsRequest.substring(aclsRequestStartTag.length(), aclsRequest.indexOf(aclsTransactionEndTag, aclsRequestStartTag.length()) + aclsTransactionEndTag.length());
 }

 String DBIOServerStr = "";

 if (aclsRequest.indexOf(aclsDBIOStartTag) >= 0 ) {

 DBIOServerStr = aclsRequest.substring( aclsRequest.indexOf(aclsDBIOStartTag),aclsRequest.indexOf(aclsDBIOEndTag) + aclsDBIOEndTag.length());
 aclsRequest = aclsRequest.substring(0,aclsRequest.indexOf(DBIOServerStr)).concat(aclsRequestEndTag);
 }

 String DBIOResponseStr = "";

 if (aclsResponse.indexOf(aclsDBIOResponseStartTag) >= 0 ) {

 DBIOResponseStr = aclsResponse.substring( aclsResponse.indexOf(aclsDBIOResponseStartTag),aclsResponse.indexOf(aclsDBIOResponseEndTag) + aclsDBIOResponseEndTag.length());
 aclsResponse = aclsResponse.substring(0,aclsResponse.indexOf(DBIOResponseStr)).concat(aclsResponseEndTag);
 }

 while ( responseCursor < ( aclsResponse.length() - aclsResponseEndTag.length() - 1 ) ) {
 // Check transaction by transaction. If successful, just include the response. Otherwise,
 // include the request and the response.
 StringBuffer successTran = new StringBuffer();
 StringBuffer failTran = new StringBuffer();
 boolean success = true;

 // 2: Add TRANSACTION-RESPONSE
 appendStr = aclsResponse.substring(responseCursor, responseCursor + aclsTransactionResponseStartTag.length());
 responseCursor += appendStr.length();

 failTran.append(appendStr);
 successTran.append(appendStr);

 if ( firstPass ) {

 firstPass = false;
 failTran.append(passToResponseString);
 successTran.append(passToResponseString);

 }

 // 3: Add the transaction request to the buffer

 appendStr = aclsRequest.substring(requestCursor, aclsRequest.indexOf(aclsTransactionEndTag, requestCursor) + aclsTransactionEndTag.length());

 if(! ListTrans && ! NextTrans )
 requestCursor += appendStr.length();

 failTran.append(appendStr);

 // 4: Add the transaction request data to the buffer

 String tran = appendStr;
 appendStr = tran.substring(aclsTransactionStartTag.length(), tran.length() - aclsTransactionEndTag.length());
 failTran.append(appendStr);

 // 5: Add the transaction response data to the buffer
 appendStr = aclsResponse.substring(responseCursor, aclsResponse.indexOf(aclsTransactionResponseEndTag, responseCursor));
 responseCursor += appendStr.length();
 failTran.append(appendStr);
 successTran.append(appendStr);

 if ( appendStr.indexOf(aclsRequestRejectedStartTag) >= 0 )
 success = false;
 // 6: Add /TRANSACTION-RESPONSE
 appendStr = aclsResponse.substring(responseCursor, responseCursor + aclsTransactionResponseEndTag.length());
 responseCursor += appendStr.length();
 failTran.append(appendStr);
 successTran.append(appendStr);

 // Check if successful transaction.
 if ( success )
 responseBuf.append(successTran);
 else
 responseBuf.append(failTran);
 }

 responseBuf.append(DBIOResponseStr);
 // 7: Insert /ACLS-RESPONSE

 appendStr = aclsResponse.substring(responseCursor);
 responseBuf.append(appendStr);
 responseCursor += appendStr.length();
 //fullResponse = aclsResponse.substring(0, aclsStart.length()) +
 // aclsRequest.substring(aclsRequestStartTag.length(), aclsRequest.length() - aclsRequestEndTag.length()) +
 // passToResponseString +
 // aclsRequest.substring(aclsRequestStartTag.length() + aclsTransactionStartTag.length(), aclsRequest.length() - aclsRequestEndTag.length() - aclsTransactionEndTag.length()) +
 // aclsResponse.substring(aclsStart.length());
 fullResponse = responseBuf.toString().trim();
 // If an error file is specified, use the error file.
 if ( ! errorFile.equals("") )
 formatFile = errorFile;
 }
 else {

 if ( aclsResponse.indexOf(aclsDBIOResponseStartTag) >= 0 && aclsResponse.indexOf(aclsTransactionResponseStartTag) < 0) {

 // DBIO response
 aclsStart = aclsResponseStartTag + aclsDBIOResponseStartTag;
 aclsEnd = aclsResponseEndTag + aclsDBIOResponseEndTag;
 fullResponse = aclsResponse.substring(0, aclsStart.length()) +
 aclsRequest.substring(aclsRequestStartTag.length(), aclsRequest.length() - aclsRequestEndTag.length()) +
 passToResponseString +
 aclsResponse.substring(aclsStart.length());
 }
 else {
 // Transaction response
 fullResponse = aclsResponse.substring(0, aclsStart.length()) +
 aclsRequest.substring(aclsRequestStartTag.length(), aclsRequest.length() - aclsRequestEndTag.length()) +
 passToResponseString +
 aclsResponse.substring(aclsStart.length());
 }
 }

 // Check for multiple transactions where the request is for more than one transaction
 // based on TRAN-ROW-COUNT, and fewer were returned because there were no more available.
 // If TRAN-ROW-COUNT is NOT specified, TRANSACTION-COUNT is specified.
 if ( aclsRequest.indexOf(aclsTranRowCountStartTag) >= 0 || fullResponse.indexOf(aclsTransactionCountStartTag) >= 0 ) {
 int tranRequestCount = 0;
 if ( aclsRequest.indexOf(aclsTranRowCountStartTag) >= 0 ) {

 tranRequestCount = new Integer(aclsRequest.substring(
 aclsRequest.indexOf(aclsTranRowCountStartTag) + aclsTranRowCountStartTag.length(),
 aclsRequest.indexOf(aclsTranRowCountEndTag))).intValue();
 }
 else {
 tranRequestCount = new Integer(fullResponse.substring(
 fullResponse.indexOf(aclsTransactionCountStartTag) + aclsTransactionCountStartTag.length(),
 fullResponse.indexOf(aclsTransactionCountEndTag))).intValue();
 }
 int tranRowCount = 0;
 int tranStart = -1, lastTranStart = -1;
 while ( (tranStart = aclsResponse.indexOf(aclsTransactionResponseStartTag, tranStart + 1)) >= 0 ) {
 tranRowCount += 1;
 lastTranStart = tranStart;
 }
 // add the transactions
 String newTran = aclsTransactionResponseStartTag + aclsTransactionResponseEndTag;
 StringBuffer additionalTran = new StringBuffer();
 while (tranRowCount < tranRequestCount) {
 additionalTran.append(newTran);
 tranRowCount++;
 }
 String newResponse = fullResponse.substring(0, fullResponse.length() - aclsResponseEndTag.length()) +
 additionalTran.toString() +
 fullResponse.substring(fullResponse.length() - aclsResponseEndTag.length());
 fullResponse = newResponse;
 }

 if ( DEBUG )
 System.out.println(debugDate + " " + "fullResponse:" + fullResponse + ":fullResponse");

 aclsResponse = processNumericResponse(fullResponse);

 try {
 StringWriter aclsResponseWriter = new StringWriter();
 XSLTProcessor processor = XSLTProcessorFactory.getProcessor();
 processor.process(new XSLTInputSource(new StringReader(aclsResponse)),
 new XSLTInputSource(XSL_FILE_LOCATION + "/" + formatFile + "." + XSL_FILE_EXTENSION),
 //new XSLTResultTarget(so));
 new XSLTResultTarget(aclsResponseWriter));
 htmlOutputStream.print(aclsResponseWriter.toString().trim());
 }
 catch (Exception e)
 {

 DefaultErrorProcess(htmlOutputStream, e.toString());
 }

}
/**
* Check the ECI request type.
* Creation date: (1/25/01 2:07:50 PM)
* @return int
*/
public int getECISyncType() {

 if ( ECI_SYNC_TYPE.equals("ECI_SYNC") ) {
 return ECIRequest.ECI_SYNC;
 }
 else if ( ECI_SYNC_TYPE.equals("ECI_SYNC_TPN") ) {
 return ECIRequest.ECI_SYNC_TPN;
 }
 else if ( ECI_SYNC_TYPE.equals("ECI_ASYNC") ) {
 return ECIRequest.ECI_ASYNC;
 }
 else if ( ECI_SYNC_TYPE.equals("ECI_ASYNC_TPN") ) {
 return ECIRequest.ECI_ASYNC_TPN;
 }

 return ECIRequest.ECI_SYNC_TPN;

}
/**
* Insert the method's description here.
* Creation date: (1/25/01 1:58:10 PM)
*/
public void init(ServletConfig config) throws javax.servlet.ServletException {

 super.init(config);

 try {

 // figure out the name of the props file
 String propsfilename = getClass().getName().replace('.', '/') + ".props";

 // this approach will read from the top of any CLASSPATH entry
 InputStream is = getClass().getResourceAsStream("/" + propsfilename);
 Properties p = new Properties();

 // load the file into the Properties object
 p.load(is);

 // set the properties
 this.CICS_REGION = p.getProperty("CICS_REGION");
 this.CICS_PROGRAM = p.getProperty("CICS_PROGRAM");
 this.CICS_TRANSACTION = p.getProperty("CICS_TRANSACTION");
 this.ECI_SYNC_TYPE = p.getProperty("ECI_SYNC_TYPE");
 this.XSL_FILE_LOCATION = p.getProperty("XSL_FILE_LOCATION");
 this.XSL_FILE_EXTENSION = p.getProperty("XSL_FILE_EXTENSION");
 this.SESSION_USERID_NAME = p.getProperty("SESSION_USERID_NAME");
 this.SESSION_PASSWORD_NAME = p.getProperty("SESSION_PASSWORD_NAME");
 this.SESSION_TARGET_NAME = p.getProperty("SESSION_TARGET_NAME");

 }
 catch (Exception e) {
 throw new RuntimeException("UNABLE TO INITIALIZE, EXITING...");
 }

}
/**
* Insert the method's description here.
* Creation date: (1/23/01 3:17:09 PM)
*/
private byte[] initCommArea(String data, int size) {

 // Method logic obtained from Chapter 17.3.6, Java Programming Guide for OS/390

 // Build a temporary byte array
 byte [] dataBytes = data.getBytes();

 // Create the new communication area
 byte [] theCommArea = new byte[size];

 // Copy the data to the communication area
 System.arraycopy(dataBytes, 0, theCommArea, 0, dataBytes.length);

 // Fill the rest of the communication area with 0
 for ( int c = dataBytes.length ; c < size ; c++ ) {
 theCommArea[c] = 0;
 }

 return theCommArea;

}
/**
* Insert the method's description here.
* Creation date: (1/25/01 9:39:59 AM)
*/
private String processNumericRequest(String aclsRequest, String requestFile) {

 String newRequest = "";

 if ( requestFile.equals("Request_CCOD") || requestFile.equals("Request_ICOD") ) {
 int open = aclsRequest.indexOf("<X10-98");
 int close = aclsRequest.indexOf("</X10-98");
 if ( open > 0 && close > 0 ) {
 newRequest = aclsRequest.substring(0, open) +
 "<10-98" +
 aclsRequest.substring(open + 7, close) +
 "</10-98" +
 aclsRequest.substring(close + 8);
 aclsRequest = newRequest;
 }
 }

 if ( requestFile.equals("Request_CDQY") || requestFile.equals("Request_IDQY") ) {
 int open = aclsRequest.indexOf("<X1ST-N");
 int close = aclsRequest.indexOf("</X1ST-N");
 if ( open > 0 && close > 0 ) {
 newRequest = aclsRequest.substring(0, open) +
 "<1ST-N" +
 aclsRequest.substring(open + 7, close) +
 "</1ST-N" +
 aclsRequest.substring(close + 8);
 aclsRequest = newRequest;
 }
 open = aclsRequest.indexOf("<X2ND-N");
 close = aclsRequest.indexOf("</X2ND-N");
 if ( open > 0 && close > 0 ) {
 newRequest = aclsRequest.substring(0, open) +
 "<2ND-N" +
 aclsRequest.substring(open + 7, close) +
 "</2ND-N" +
 aclsRequest.substring(close + 8);
 aclsRequest = newRequest;
 }
 }

 //Making changes to include the IIC1 and CIC1 screens
 //Made on 3/14 by Gunalan Vijayaratnam

 if ( requestFile.equals("Request_IIC1") || requestFile.equals("Request_CIC1") )
 {
 int open = aclsRequest.indexOf("<X1ST-D");
 int close = aclsRequest.indexOf("</X1ST-D");
 if ( open > 0 && close > 0 )
 {
 newRequest = aclsRequest.substring(0, open) +
 "<1ST-D" +
 aclsRequest.substring(open + 7, close) +
 "</1ST-D" +
 aclsRequest.substring(close + 8);
 aclsRequest = newRequest;
 }
 open = aclsRequest.indexOf("<X1ST-P");
 close = aclsRequest.indexOf("</X1ST-P");
 if ( open > 0 && close > 0 )
 {
 newRequest = aclsRequest.substring(0, open) +
 "<1ST-P" +
 aclsRequest.substring(open + 7, close) +
 "</1ST-P" +
 aclsRequest.substring(close + 8);
 aclsRequest = newRequest;
 }
 }
 //End of Changes to include IIIC1 and CIC1 screens

 //***********************************************************************
 //Change to accomodate CDEPA for change transaction
 //***********************************************************************
 if (requestFile.equals("CDEPA") )
 {
 int open = aclsRequest.indexOf("<1ST-N");
 int close = aclsRequest.indexOf("</1ST-N");
 if ( open > 0 && close > 0 )
 {
 newRequest = aclsRequest.substring(0, open) +
 "<X1ST-N" +
 aclsRequest.substring(open + 6, close) +
 "</X1ST-N" +
 aclsRequest.substring(close + 7);
 aclsRequest = newRequest;
 }

 open = aclsRequest.indexOf("<1ST-N");
 close = aclsRequest.indexOf("</1ST-N");
 if ( open > 0 && close > 0 )
 {
 newRequest = aclsRequest.substring(0, open) +
 "<X1ST-N" +
 aclsRequest.substring(open + 6, close) +
 "</X1ST-N" +
 aclsRequest.substring(close + 7);
 aclsRequest = newRequest;
 }
 }
 //End of changek

 return aclsRequest;
}
/**
* Modify the response to eliminate XML tags that start with a number.
* Creation date: (1/26/01 12:32:22 PM)
* @return java.lang.String
* @param aclsResponse java.lang.String
*/
public String processNumericResponse(String aclsResponse) {

 String tranCodeStartTag = "<TRAN-TRN-COD>", tranCodeEndTag = "</TRAN-TRN-COD>";
 String tranCode = "";
 if ( aclsResponse.indexOf(tranCodeStartTag) >= 0 ) {
 tranCode = aclsResponse.substring(aclsResponse.indexOf(tranCodeStartTag) + tranCodeStartTag.length(),
 aclsResponse.indexOf(tranCodeEndTag));
 }

 // XML does not allow tags to start with a number
 if ( tranCode.equals("CCOD") || tranCode.equals("ICOD") || tranCode.equals("IICOD")) {
 // Have COD transaction
 int open = aclsResponse.indexOf("<10-98");
 int close = aclsResponse.indexOf("</10-98");
 if ( open > 0 && close > 0 ) {
 String newResponse = aclsResponse.substring(0, open) +
 "<X10-98" +
 aclsResponse.substring(open + 6, close) +
 "</X10-98" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<10-98");
 close = aclsResponse.indexOf("</10-98");
 if ( open > 0 && close > 0 ) {
 String newResponse = aclsResponse.substring(0, open) +
 "<X10-98" +
 aclsResponse.substring(open + 6, close) +
 "</X10-98" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }
 }

 if ( tranCode.equals("IIDQY") || tranCode.equals("IDQY") || tranCode.equals("CDQY")) {
 // Have DQY transaction
 int open = aclsResponse.indexOf("<2ND-N");
 int close = aclsResponse.indexOf("</2ND-N");
 if ( open > 0 && close > 0 ) {
 String newResponse = aclsResponse.substring(0, open) +
 "<X2ND-N" +
 aclsResponse.substring(open + 6, close) +
 "</X2ND-N" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<2ND-N");
 close = aclsResponse.indexOf("</2ND-N");
 if ( open > 0 && close > 0 ) {
 String newResponse = aclsResponse.substring(0, open) +
 "<X2ND-N" +
 aclsResponse.substring(open + 6, close) +
 "</X2ND-N" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }

 open = aclsResponse.indexOf("<1ST-N");
 close = aclsResponse.indexOf("</1ST-N");
 if ( open > 0 && close > 0 ) {
 String newResponse = aclsResponse.substring(0, open) +
 "<X1ST-N" +
 aclsResponse.substring(open + 6, close) +
 "</X1ST-N" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<1ST-N");
 close = aclsResponse.indexOf("</1ST-N");
 if ( open > 0 && close > 0 ) {
 String newResponse = aclsResponse.substring(0, open) +
 "<X1ST-N" +
 aclsResponse.substring(open + 6, close) +
 "</X1ST-N" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }
 }

//*********************************************************************************************
//Change made by Gunalan Vijayaratnam
//DEPA and IVR Inquiry screen on 4/3/2001
//Associated change made to the Format_IDEPA.xsl file to change 1ST-N to X1ST-N
//Associated change made to the Format_IVR.xsl file to change 8-10- to X8-10-
//*********************************************************************************************

 if ( tranCode.equals("IDEPA") || tranCode.equals("CDEPA") )
 {
 int open = aclsResponse.indexOf("<1ST-N");
 int close = aclsResponse.indexOf("</1ST-N");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X1ST-N" +
 aclsResponse.substring(open + 6, close) +
 "</X1ST-N" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }

 open = aclsResponse.indexOf("<1ST-N");
 close = aclsResponse.indexOf("</1ST-N");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X1ST-N" +
 aclsResponse.substring(open + 6, close) +
 "</X1ST-N" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }
 }

 //Change to the IVR screen

 if (tranCode.equals("IIVR"))
 {
 int open = aclsResponse.indexOf("<8-10-C");
 int close = aclsResponse.indexOf("</8-10-C");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X8-10-C" +
 aclsResponse.substring(open + 7, close) +
 "</X8-10-C" +
 aclsResponse.substring(close + 8);
 aclsResponse = newResponse;
 }

 open = aclsResponse.indexOf("<8-10-C");
 close = aclsResponse.indexOf("</8-10-C");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X8-10-C" +
 aclsResponse.substring(open + 7, close) +
 "</X8-10-C" +
 aclsResponse.substring(close + 8);
 aclsResponse = newResponse;
 }
 }
//******************* end of SSN and IVR screen change **********************************************

 if ( tranCode.equals("IDELQ")) {
 // Have DELQ transaction
 int open = aclsResponse.indexOf("<24-CY");
 int close = aclsResponse.indexOf("</24-CY");
 if ( open > 0 && close > 0 ) {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-CY" +
 aclsResponse.substring(open + 6, close) +
 "</X24-CY" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }
 }

 if ( tranCode.equals("IIPHS")) {
 // Have PHS transaction
 int open = aclsResponse.indexOf("<1ST-L");
 int close = aclsResponse.indexOf("</1ST-L");
 if ( open > 0 && close > 0 ) {
 String newResponse = aclsResponse.substring(0, open) +
 "<X1ST-L" +
 aclsResponse.substring(open + 6, close) +
 "</X1ST-L" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<2ND-L");
 close = aclsResponse.indexOf("</2ND-L");
 if ( open > 0 && close > 0 ) {
 String newResponse = aclsResponse.substring(0, open) +
 "<X2ND-L" +
 aclsResponse.substring(open + 6, close) +
 "</X2ND-L" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }

 }

 if ( tranCode.equals("LIPAY") || tranCode.equals("NIPAY") ){
 // Have PHS transaction
 int open = aclsResponse.indexOf("<1ST-L");
 int close = aclsResponse.indexOf("</1ST-L");
 if ( open > 0 && close > 0 ) {
 String newResponse = aclsResponse.substring(0, open) +
 "<X1ST-L" +
 aclsResponse.substring(open + 6, close) +
 "</X1ST-L" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<2ND-L");
 close = aclsResponse.indexOf("</2ND-L");
 if ( open > 0 && close > 0 ) {
 String newResponse = aclsResponse.substring(0, open) +
 "<X2ND-L" +
 aclsResponse.substring(open + 6, close) +
 "</X2ND-L" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }

 }

 //Making changes to include the IIIC1, CIC1 and IIC1 screens
 //Made on 3/14 by Gunalan Vijayaratnam

 if ( tranCode.equals("IIIC1") || tranCode.equals("IIC1") || tranCode.equals("CIC1"))
 {

 int open = aclsResponse.indexOf("<1ST-D");
 int close = aclsResponse.indexOf("</1ST-D");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X1ST-D" +
 aclsResponse.substring(open + 6, close) +
 "</X1ST-D" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<1ST-P");
 close = aclsResponse.indexOf("</1ST-P");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X1ST-P" +
 aclsResponse.substring(open + 6, close) +
 "</X1ST-P" +
 aclsResponse.substring(close + 7);
 aclsResponse = newResponse;
 }
 }
 //End of changes

 //Making changes to include the ICBR Screens
 //Made on 3/14 by Gunalan Vijayaratnam

 if ( tranCode.equals("IICBR"))
 {

 int open = aclsResponse.indexOf("<24-"); //1st
 int close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //2nd
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //3rd
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //4th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //5th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //6th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //7th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //8th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //9th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //10th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //11th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //12th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //13th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //14th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //15th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //16th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //17th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //18th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //19th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //20th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //21st
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //22nd
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //23rd
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //24th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }
 open = aclsResponse.indexOf("<24-"); //25th
 close = aclsResponse.indexOf("</24-");
 if ( open > 0 && close > 0 )
 {
 String newResponse = aclsResponse.substring(0, open) +
 "<X24-" +
 aclsResponse.substring(open + 4, close) +
 "</X24-" +
 aclsResponse.substring(close + 5);
 aclsResponse = newResponse;
 }

 }//closes out the entire ICBR screen change to servlet

 return aclsResponse;
}
/**
* Insert the method's description here.
* Creation date: (1/24/01 2:15:44 PM)
* @param so javax.servlet.ServletOutputStream
* @param myXMLString java.lang.String
*/
private void processXSLTError(ServletOutputStream so, String myXMLString) throws IOException {

 StringTokenizer st = new StringTokenizer(myXMLString, "<>", true);

 int spaceCount = 0;
 String token1, token2, token3, token4, token5, token6, token7;
 String saveToken1 = "";

 so.print("");

 try {

 while (st.hasMoreTokens()) {
 if ( saveToken1.equals("") ) {
 token1 = st.nextToken();
 }
 else {
 token1 = saveToken1;
 }
 token2 = st.nextToken();
 token3 = st.nextToken();
 if ( token2.substring(0, 1).equals("/") ) {
 saveToken1 = "";
 spaceCount -= 4;
 for ( int i = 0 ; i < spaceCount ; i++ ) {
 so.print(" ");
 }
 so.print("<" + token2 + "> ");
 }
 else {
 token4 = st.nextToken();
 if ( token4.equals("<") ) {
 for ( int i = 0 ; i < spaceCount ; i++ ) {
 so.print(" ");
 }
 so.print("<" + token2 + "> ");
 spaceCount += 4;
 saveToken1 = token4;
 }
 else {
 saveToken1 = "";
 token5 = st.nextToken();
 token6 = st.nextToken();
 token7 = st.nextToken();
 for ( int i = 0 ; i < spaceCount ; i++ ) {
 so.print(" ");
 }
 so.print("<" + token2 + ">" + token4 + "<" + token6 + "> ");
 }
 }
 }

 }
 catch (NoSuchElementException nsee) {
 so.print("Unable to tokenize XML. ");
 }
 catch (Exception e) {
 so.print("Unable to tokenize XML. " + e.toString() + " ");
 }
 so.print("");

}

//*****************************************************************************************
//Code changed on 4/9 to display new html page when error occurs during processing
//Change made by Guna Vijayaratnam
//*****************************************************************************************

public void DefaultErrorProcess(ServletOutputStream so, String errorMessage) throws IOException
{
 so.print
 ("<HTML>\n"+
 "<HEAD>\n"+
 "<TITLE>ERROR!!</TITLE>\n"+
 "</HEAD>\n"+
 "<BODY>\n"+
 "<CENTER>\n"+
 ""+errorMessage+"\n"+
 "</CENTER>\n"+
 "</BODY></HTML>");
}

public void askForPassword(HttpServletResponse response)
{
 response.setStatus( response.SC_UNAUTHORIZED ); //ie 401 Error Code
 response.setHeader("WWW-Authenticate", "BASIC realm=\"privileged-few\"");
}

}//closes out the entire XMLTransaction class

viswa081400

Do you have a servlet log??
I guess you might be having more details about the exception logged into that.

Anyway from your code, I see that you do not exit if authentication fails. I guess the following changes are required.

1. Do not open the output stream until you are ready to write it. ie, for writing out authentication failure message open htmloutput stream in askForPassword method.
In your doGet method open stream only upon sucessful validation.

2. In your doGet method, you should end servicing the request upon calling askForPassword method. I see that the program seems to continue even after you call that method. I guess that methos should be followed by a return statement.

And your control can be somehting like this to avoid calling askForPassword method at multiple places.

if (authorization == null ) // can also add code to check ""
{
user_text = "invalid user";
password_text = "invalid password";
}
else
{
// extract userid and passowrd
}

//validate
if( !( user_text.equals( "valid" ) && validate_password ) )
{
askForPassword( response );
return;
}
// valid userid ... continue process
// open your output stream to write your data

gvijay1

ASKER

hi viswa,

I tried ur examplle and this is how the code looks now.

String authorization = request.getHeader("Authorization");
String user_text=new String("valid user");
String password_text=new String("valid password");

ServletOutputStream htmlOutputStream = response.getOutputStream();

if (authorization == null ) // can also add code to check ""
{
user_text = "invalid user";
password_text = "invalid password";
}
else
{
String userInfo = authorization.substring(6).trim();
BASE64Decoder decoder = new BASE64Decoder();
String namePassword = new String(decoder.decodeBuffer(userInfo));
int index = namePassword.indexOf(":");
user_text = namePassword.substring(0, index);
password_text = namePassword.substring(index+1);
}

// validate
if( user_text.equals("invalid user") && password_text.equals("invalid password") )
{
askForPassword( response);
return;
}
// valid userid ... continue process
//**************************************************************************************
//
//
public void askForPassword(HttpServletResponse response)
{
response.setStatus( response.SC_UNAUTHORIZED ); //ie 401 Error Code
response.setHeader("WWW-Authenticate", "BASIC realm=\"privileged-few\"");
}

This time, when I try to make a servlet call, I get a message box saying that the "Document contains no data. Try again later...blah, blah. Seems like I have done everything the same way, what is the issue now?

viswa081400

Hi vijay,

I have copied your code and made a few changes and tested it. It works fine. I'm attaching the piece of code for your reference. The only change is that i'm using different Base64Util class. And you have to use your actual validation parameters to validate.

public void service( HttpServletRequest req, HttpServletResponse res )
throws IOException, ServletException
{

String authorization = req.getHeader( "Authorization" );
String user_text = "";
String password_text = "";
if (authorization == null ) // can also add code to check ""
{
user_text = "invalid user";
password_text = "invalid password";
}
else
{
String userInfo = authorization.substring(6).trim();
//BASE64Decoder decoder = new BASE64Decoder();
//String namePassword = new String(decoder.decodeBuffer(userInfo));
String namePassword = Base64Util.Decode( userInfo );
int index = namePassword.indexOf(":");
user_text = namePassword.substring(0, index);
password_text = namePassword.substring(index+1);
}

// validate
if( ! ( user_text.equalsIgnoreCase("user") && password_text.equalsIgnoreCase("password") ))
{
askForPassword( res );
return;
}
ServletOutputStream htmlOutputStream = res.getOutputStream();
htmlOutputStream.print( "Success " );
// valid userid ... continue process
//**************************************************************************************
//
//

}

public void askForPassword(HttpServletResponse response) throws IOException
{
String unauthorized_msg = "<HTML><HEAD><TITLE>Authorization Failure</TITLE></HEAD><BODY> Authentication required to enter!!</BODY></HTML>";
ServletOutputStream sos = response.getOutputStream( );
response.setStatus( response.SC_UNAUTHORIZED ); //ie 401 Error Code
response.setHeader("WWW-Authenticate", "BASIC realm=\"privileged-few\"");
response.setContentType( "text/html" );
response.setContentLength( unauthorized_msg.length( ) );
byte[] ab = unauthorized_msg.getBytes( );
sos.print( unauthorized_msg );
sos.flush( );
sos.close();
}

gvijay1

ASKER

Hi Viswa,

First of all, I appreciate ur time and help in this matter. When I first enter the website the authentication message popps up and asks the user to validate himself. This is handled by WebSphere itself. After that point, I am merely trying to get the user name and password that was initially entered and use it to run transactions. Thus, I do not need to authenticate that the user is valid. It is handled initially. I am not sure if this changes how I approach this problem.

I tried the code u sent me, but I am still getting an unhandled exception and I am not sure at all where this is happening. Also, I am not sure if this is a websphere problem. Pls let me know if there is an easier way to do this??

gvijay1

ASKER

Viswa,

Another note...I notice u are doing this in the service method and not in the Get method. Does this make a difference? If so, how can I incorporate this into the existing servlet??

-Guna

viswa081400

Did you try looking into websphere log's??
The logs might contains more details about the exception.
If you can find that, it would be helpful to analyze the problem

gvijay1

ASKER

Hi Viswa,

I managed to look into the error logs and found the issue. The reason for the exception is that after the decoding, the following string is returned...

?ea?????EA?EE?

Thus, the substring function is not working and it gives the following exception..

?java.lang.StringIndexOutOfBoundsException: String index out of range: -1

DO you know how to convert this data back to regular text. That will solve my problem, I am sure.

-gvijay1

viswa081400

Check if the authorization header value starts with BASIC

gvijay1

ASKER

Hi,

I am pretty sure that the header starts with BASIC. Here is how the header is being set.

response.setHeader("WWW-Authenticate", "BASIC realm=\"privileged-few\"");

Could this be a server configuration issue??

gvijay1

ASKER

Thanks Viswa,

I will talk to the our server management guy to see if the settings are correct on the server.