dbeayon
 asked on

HTTPS Authentication

I am trying to post to an aspx site and need some help generating the correct script in Java.  Here is what I have for instructions:

All clearinghouses will use ID and Password as the default authentication requirements. (e.g. no individual 3rd party certificates will be required beyond the normal ubiquitous SSL Internet certification process).  User ID and Password authentication is based on a scripted process to be contained in the header of the HTTP Post Message, and not through a forms-based authentication model.

Certificate Information
All certificates are server side certificates that are generated internally.  These certificates will not be verifiable through third party Certificate Authorities.  The clearing house must accept the certificates as valid for the encryption process.

Authorization Process
Authorization is performed through HTTP Basic Authentication.  In the Authentication request, the user agent supplies a header formatted in accordance with RFC 1617;

Authorization: Basic userid:password

The userid:password text is base64-encoded.  The authorization request header for ;
Authorization: Basic joe:user will actually be transmitted as,  Authorization Basic Q2hyaXNqOk1hcmlz.
The server will validate the user information and supply either a 200 : OK response with session cookies attached, or a 401 Not Authorized message.  Once a user has been authorized, the user may then begin to post transactions

-----------------

I have the certificate correctly stored in the keystore, so that part is ok.  You may substitute the url for any known site, and create the test.txt file to have the code function.  I have the following code so far:

import java.text.*;
import java.net.*;
import java.util.*;
import java.io.*;
import java.lang.*;


public class test
{
    public static void main(String[] args)
    {
        try
        {
            URL PageUrl;
            URLConnection GetConn = null;

            PageUrl = new URL("https://mysecuresite.ashx");
            //The above line returns error message:
            //unable to find valid certification path to requested target
            final String login ="login";
            final String password ="password";
            //supply the credentials when the server asks for authentication
            Authenticator.setDefault(new Authenticator() {
                protected PasswordAuthentication getPasswordAuthentication() {
                    return new PasswordAuthentication (login, password.toCharArray());
                }
            });
            GetConn = PageUrl.openConnection();
            //establish connection:
            GetConn.connect();
            InputStreamReader ReadIn = new InputStreamReader(GetConn.getInputStream());
            BufferedReader BufData = new BufferedReader(ReadIn);
            String TextFileName = ("C:/test.txt");
            FileWriter FWriter = new FileWriter(TextFileName);
            BufferedWriter BWriter = new BufferedWriter(FWriter);
            String UrlData = null;
            //copy the response to the file line by line
            while ((UrlData = BufData.readLine()) != null)
            {
                BWriter.write(UrlData);
                BWriter.newLine();
            }
            BWriter.close();
            BufData.close();
        }//end try
        catch(IOException io)
        {
            System.out.println(io);
        }
    }
}

Last Comment
CEHJ

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
CEHJ

dbeayon

ASKER
let me look into it.  
CEHJ

btw, having the real url would be a help
SOLUTION
Mick Barry

dbeayon

ASKER
Here is where I am trying to get to:

https://devrt.neblueconnect.com/EdiProcessor.ashx
Mick Barry

have u fixed your keystore?

dbeayon

ASKER
I believe so....


java InstallCert devrt.neblueconnect.com
Loading KeyStore C:\Program Files\Java\jre1.6.0_05\lib\security\cacerts...
Opening connection to devrt.neblueconnect.com:443...
Starting SSL handshake...

No errors, certificate is already trusted

Server sent 2 certificate(s):

 1 Subject CN=devrt.neblueconnect.com, OU=IS, O=BlueCross BlueShield of Nebraska
, L=Omaha, ST=Nebraska, C=US
   Issuer  CN=BCBSNEPRDCA, DC=BCBSNEPRD, DC=com
   sha1    df 1c 67 44 a1 50 77 50 2d 7f 39 84 a1 de bc bb d5 9f 5d af
   md5     13 39 c2 61 3c 35 00 a8 dc 4f 24 cd 61 2f 21 95

 2 Subject CN=BCBSNEPRDCA, DC=BCBSNEPRD, DC=com
   Issuer  CN=BCBSNERootCA, DC=BCBSNEPRD, DC=COM
   sha1    ad 89 60 5a d4 b8 0d 2d 36 3e 52 84 34 a3 e6 26 ad cc c4 e4
   md5     5a 87 c2 56 60 71 2b c6 3f 34 79 ce ea 0a b8 fe

Enter certificate to add to trusted keystore or 'q' to quit: [1]
1

Added certificate to keystore 'jssecacerts' using alias 'devrt.neblueconnect.com
-1'

dbeayon

ASKER
Getting there...


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
      Untitled Page
</title></head>
<body>
    <form name="form1" method="post" action="default.aspx" id="form1">
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJNzgzNDMwNTMzZGS2wEgEtbHpOBncMu1wNdck0jTYFQ==" />

    <div>
   
    </div>
    </form>
</body>
</html>
dbeayon

ASKER
I was able to accomplish my goal.  I ended up using HttpURLConnection.  I will split the points
CEHJ

:-)
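
An added example, not code from this thread or from the asker's final solution: one way to meet the quoted instructions with HttpsURLConnection, trusting the internally issued CA through a dedicated truststore for this one connection and sending the Basic header explicitly instead of relying on Authenticator. The class name, the command-line arguments and the login/password placeholders are assumptions, and it needs Java 8 or later for java.util.Base64.

```java
import java.io.*;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.util.Base64;
import javax.net.ssl.*;

public class BasicAuthPost {
    // Header value is "Basic " + base64(userid ":" password).
    static String basicHeader(String user, char[] password) {
        byte[] raw = (user + ":" + new String(password)).getBytes(StandardCharsets.UTF_8);
        return "Basic " + Base64.getEncoder().encodeToString(raw);
    }

    // Socket factory that trusts only the CA certificates in the given store.
    static SSLSocketFactory trustOnly(String storePath, char[] storePass) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(storePath)) {
            ks.load(in, storePass);
        }
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx.getSocketFactory();
    }

    static int post(URL url, SSLSocketFactory sf, String auth, byte[] body) throws IOException {
        HttpsURLConnection c = (HttpsURLConnection) url.openConnection();
        c.setSSLSocketFactory(sf);            // default HostnameVerifier stays enabled
        c.setRequestMethod("POST");
        c.setDoOutput(true);
        c.setRequestProperty("Authorization", auth);
        try (OutputStream out = c.getOutputStream()) {
            out.write(body);
        }
        int status = c.getResponseCode();     // 200 with session cookies, or 401
        System.out.println("Set-Cookie: " + c.getHeaderFields().get("Set-Cookie"));
        return status;
    }

    public static void main(String[] args) throws Exception {
        String auth = basicHeader("login", "password".toCharArray()); // placeholder credentials
        System.out.println("Authorization: " + auth);
        if (args.length == 3) {  // <https-url> <truststore-file> <truststore-password>
            SSLSocketFactory sf = trustOnly(args[1], args[2].toCharArray());
            System.out.println("HTTP status: " + post(new URL(args[0]), sf, auth, new byte[0]));
        }
    }
}
```

Importing only the issuing CA certificate into that separate truststore (for instance with keytool -importcert) keeps the trust decision scoped to this client rather than to every program that uses the JRE-wide cacerts file.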