Link to home
Start Free TrialLog in
Avatar of ColdfusionAdmins
ColdfusionAdmins

asked on

Coldfusion, RETS, and MRIS MLS

I need help logging into a RETS - Real Estate Transaction Server using Coldfusion.

http://ptest.mris.com:6103/ptest/login
ID = MRISTEST
PW = PMRISTEST
User-Agent = RETS Test/1.0

I know the above information is correct because its documented on their website.

<cfscript>
userAgent = 'RETS Test/1.0';
retsVersion = 'RETS/1.7';
hostname = 'ptest.mris.com';
port = '6103';
username = 'MRISTEST';
password = 'PMRISTEST';
loginArea = 'GET:/ptest/login';
loginUri = '/ptest/login';
realm = 'MRIS';
nc = '00000001';

A1 = Lcase(Hash(username & ':' & realm & ':' & password,"MD5"));
A2 = Lcase(Hash(loginArea,"MD5"));

cnonce = '';

function initial_Auth()
{
	qop = 'auth';
	nonce = '';
	opaque = '';
	response = '';
	rawDigest = 'Digest username=' & chr(34) & username & chr(34) & ',' &
	'realm=' & chr(34) & realm & chr(34) & ',' &
	'nonce=' & nonce & ',' &
	'uri=' & chr(34) & '/rets/login' & chr(34) & ',' &
	'response=' & Lcase(Hash(A1,"MD5")) & ':' & nonce & ':' & Lcase(Hash(A2,"MD5"));
	
	return rawDigest;
}

function create_Auth()
{
	tempList = Replace(cfhttp.responseHeader["WWW-Authenticate"],"Digest ",'','All');
	headerArr = ListToArray(Trim(tempList));
	auth_Temp = ListToArray(Trim(cfhttp.responseHeader["WWW-Authenticate"]),' ');
	auth_Type = auth_Temp[1];
	
	if (auth_Type eq 'Basic')
	{
		auth = username & ':' & password;
		encodedAuth = 'Authorization: Basic ' & toBase64(auth);
		return encodedAuth;
	}

	if(auth_Type eq 'Digest')
	{
		authStc = structNew();
		
		for(i=1;i lte ArrayLen(headerArr);i=i+1)
		{
			key = Trim(Replace(Left(headerArr[i],Find('=',headerArr[i])),'=','','ALL'));
			value = Replace(RemoveChars(headerArr[i],1,Find('=',headerArr[i],"1")),'"','','ALL');
			authStc[key] = value;
		}

		auth_Nonce = authStc['nonce'];
		auth_Opaque = authStc['opaque'];
			
		cnonce = ToString("#userAgent#:::#auth_Nonce#");
		cnonce = LCase(Hash(cnonce,"MD5"));
	
		is2069 = false;
		
		if(structKeyExists(authStc,'qop') and NOT structKeyExists(authStc,'auth_qop'))
		{
			is2069 = true;
		}
	
		if(is2069)
		{
			rawDigest = A1 & ':' & auth_Nonce & ':' & nc & ':' & cnonce & ':' & qop & ':' & A2;
			encodedAuth = 'Digest username=' & chr(34) & username & chr(34) & ',' &
			'realm=' & chr(34) & realm & chr(34) & ',' &
			'nonce=' & chr(34) & auth_Nonce & chr(34) & ',' &
			'uri=' & chr(34) & loginUri & chr(34) & ',' &
			'cnonce=' & chr(34) & cnonce & chr(34) & ',' &
			'nc=' & nc & ',' &
			'qop=' & chr(34) & qop & chr(34) & ',' &
			'response=' & chr(34) & Lcase(Hash(rawDigest,"MD5")) & chr(34) & ',' &
			'opaque=' & chr(34) & auth_Opaque & chr(34);
			
		}
		else
		{
			return 'Does not meet 2029 standards';
		}
	
		return encodedAuth;
	}
}
</cfscript>

<cfset initAuth = initial_Auth()>

<cfhttp url="http://#hostname#:#port#/#loginUri#" method="GET">
  <cfhttpparam name="User-Agent" type="header" value="#userAgent#">
  <cfhttpparam name="Accept" type="header" value="*/*">
  <cfhttpparam name="RETS-Version" type="header" value="#retsVersion#">
</cfhttp>

Open in new window


HTTP/1.1 401 Unauthorized Cache-Control: private Connection: close Date: Mon, 09 Sep 2013 23:25:07 GMT Content-Length: 0 Content-Type: text/html WWW-Authenticate: Digest realm="users@mris.com", nonce="313337383736393130373236312047c2846051a26d6b96df77059344b986", opaque="6e6f742075736564" X-Copyright: Copyright 2013 Metropolitan Regional Information Systems, Inc., unauthorized use is prohibited. RETS-Version: RETS/1.5 X-Powered-By: Servlet/2.5 JSP/2.1

I am receiving the above response from RETS.

Any help will be appreciated.

Sincerely,
Travis Walters
ASKER CERTIFIED SOLUTION
Avatar of ColdfusionAdmins
ColdfusionAdmins

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of ColdfusionAdmins
ColdfusionAdmins

ASKER

RFC 2069 was later replaced by RFC 2617

Thus, I had to implement the later version.