Avatar of ColdfusionAdmins
ColdfusionAdmins asked on

Coldfusion, RETS, and MRIS MLS

I need help logging into a RETS - Real Estate Transaction Server using Coldfusion.

http://ptest.mris.com:6103/ptest/login
ID = MRISTEST
PW = PMRISTEST
User-Agent = RETS Test/1.0

I know the above information is correct because its documented on their website.

<cfscript>
userAgent = 'RETS Test/1.0';
retsVersion = 'RETS/1.7';
hostname = 'ptest.mris.com';
port = '6103';
username = 'MRISTEST';
password = 'PMRISTEST';
loginArea = 'GET:/ptest/login';
loginUri = '/ptest/login';
realm = 'MRIS';
nc = '00000001';

A1 = Lcase(Hash(username & ':' & realm & ':' & password,"MD5"));
A2 = Lcase(Hash(loginArea,"MD5"));

cnonce = '';

function initial_Auth()
{
	qop = 'auth';
	nonce = '';
	opaque = '';
	response = '';
	rawDigest = 'Digest username=' & chr(34) & username & chr(34) & ',' &
	'realm=' & chr(34) & realm & chr(34) & ',' &
	'nonce=' & nonce & ',' &
	'uri=' & chr(34) & '/rets/login' & chr(34) & ',' &
	'response=' & Lcase(Hash(A1,"MD5")) & ':' & nonce & ':' & Lcase(Hash(A2,"MD5"));
	
	return rawDigest;
}

function create_Auth()
{
	tempList = Replace(cfhttp.responseHeader["WWW-Authenticate"],"Digest ",'','All');
	headerArr = ListToArray(Trim(tempList));
	auth_Temp = ListToArray(Trim(cfhttp.responseHeader["WWW-Authenticate"]),' ');
	auth_Type = auth_Temp[1];
	
	if (auth_Type eq 'Basic')
	{
		auth = username & ':' & password;
		encodedAuth = 'Authorization: Basic ' & toBase64(auth);
		return encodedAuth;
	}

	if(auth_Type eq 'Digest')
	{
		authStc = structNew();
		
		for(i=1;i lte ArrayLen(headerArr);i=i+1)
		{
			key = Trim(Replace(Left(headerArr[i],Find('=',headerArr[i])),'=','','ALL'));
			value = Replace(RemoveChars(headerArr[i],1,Find('=',headerArr[i],"1")),'"','','ALL');
			authStc[key] = value;
		}

		auth_Nonce = authStc['nonce'];
		auth_Opaque = authStc['opaque'];
			
		cnonce = ToString("#userAgent#:::#auth_Nonce#");
		cnonce = LCase(Hash(cnonce,"MD5"));
	
		is2069 = false;
		
		if(structKeyExists(authStc,'qop') and NOT structKeyExists(authStc,'auth_qop'))
		{
			is2069 = true;
		}
	
		if(is2069)
		{
			rawDigest = A1 & ':' & auth_Nonce & ':' & nc & ':' & cnonce & ':' & qop & ':' & A2;
			encodedAuth = 'Digest username=' & chr(34) & username & chr(34) & ',' &
			'realm=' & chr(34) & realm & chr(34) & ',' &
			'nonce=' & chr(34) & auth_Nonce & chr(34) & ',' &
			'uri=' & chr(34) & loginUri & chr(34) & ',' &
			'cnonce=' & chr(34) & cnonce & chr(34) & ',' &
			'nc=' & nc & ',' &
			'qop=' & chr(34) & qop & chr(34) & ',' &
			'response=' & chr(34) & Lcase(Hash(rawDigest,"MD5")) & chr(34) & ',' &
			'opaque=' & chr(34) & auth_Opaque & chr(34);
			
		}
		else
		{
			return 'Does not meet 2029 standards';
		}
	
		return encodedAuth;
	}
}
</cfscript>

<cfset initAuth = initial_Auth()>

<cfhttp url="http://#hostname#:#port#/#loginUri#" method="GET">
  <cfhttpparam name="User-Agent" type="header" value="#userAgent#">
  <cfhttpparam name="Accept" type="header" value="*/*">
  <cfhttpparam name="RETS-Version" type="header" value="#retsVersion#">
</cfhttp>

Open in new window


HTTP/1.1 401 Unauthorized Cache-Control: private Connection: close Date: Mon, 09 Sep 2013 23:25:07 GMT Content-Length: 0 Content-Type: text/html WWW-Authenticate: Digest realm="users@mris.com", nonce="313337383736393130373236312047c2846051a26d6b96df77059344b986", opaque="6e6f742075736564" X-Copyright: Copyright 2013 Metropolitan Regional Information Systems, Inc., unauthorized use is prohibited. RETS-Version: RETS/1.5 X-Powered-By: Servlet/2.5 JSP/2.1

I am receiving the above response from RETS.

Any help will be appreciated.

Sincerely,
Travis Walters
ColdFusion Language

Avatar of undefined
Last Comment
ColdfusionAdmins

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
ColdfusionAdmins

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
ColdfusionAdmins

RFC 2069 was later replaced by RFC 2617

Thus, I had to implement the later version.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy