troubleshooting Question

Coldfusion, RETS, and MRIS MLS

Avatar of ColdfusionAdmins
ColdfusionAdmins asked on
ColdFusion Language
2 Comments1 Solution943 ViewsLast Modified:
I need help logging into a RETS - Real Estate Transaction Server using Coldfusion.

http://ptest.mris.com:6103/ptest/login
ID = MRISTEST
PW = PMRISTEST
User-Agent = RETS Test/1.0

I know the above information is correct because its documented on their website.

<cfscript>
userAgent = 'RETS Test/1.0';
retsVersion = 'RETS/1.7';
hostname = 'ptest.mris.com';
port = '6103';
username = 'MRISTEST';
password = 'PMRISTEST';
loginArea = 'GET:/ptest/login';
loginUri = '/ptest/login';
realm = 'MRIS';
nc = '00000001';

A1 = Lcase(Hash(username & ':' & realm & ':' & password,"MD5"));
A2 = Lcase(Hash(loginArea,"MD5"));

cnonce = '';

function initial_Auth()
{
	qop = 'auth';
	nonce = '';
	opaque = '';
	response = '';
	rawDigest = 'Digest username=' & chr(34) & username & chr(34) & ',' &
	'realm=' & chr(34) & realm & chr(34) & ',' &
	'nonce=' & nonce & ',' &
	'uri=' & chr(34) & '/rets/login' & chr(34) & ',' &
	'response=' & Lcase(Hash(A1,"MD5")) & ':' & nonce & ':' & Lcase(Hash(A2,"MD5"));
	
	return rawDigest;
}

function create_Auth()
{
	tempList = Replace(cfhttp.responseHeader["WWW-Authenticate"],"Digest ",'','All');
	headerArr = ListToArray(Trim(tempList));
	auth_Temp = ListToArray(Trim(cfhttp.responseHeader["WWW-Authenticate"]),' ');
	auth_Type = auth_Temp[1];
	
	if (auth_Type eq 'Basic')
	{
		auth = username & ':' & password;
		encodedAuth = 'Authorization: Basic ' & toBase64(auth);
		return encodedAuth;
	}

	if(auth_Type eq 'Digest')
	{
		authStc = structNew();
		
		for(i=1;i lte ArrayLen(headerArr);i=i+1)
		{
			key = Trim(Replace(Left(headerArr[i],Find('=',headerArr[i])),'=','','ALL'));
			value = Replace(RemoveChars(headerArr[i],1,Find('=',headerArr[i],"1")),'"','','ALL');
			authStc[key] = value;
		}

		auth_Nonce = authStc['nonce'];
		auth_Opaque = authStc['opaque'];
			
		cnonce = ToString("#userAgent#:::#auth_Nonce#");
		cnonce = LCase(Hash(cnonce,"MD5"));
	
		is2069 = false;
		
		if(structKeyExists(authStc,'qop') and NOT structKeyExists(authStc,'auth_qop'))
		{
			is2069 = true;
		}
	
		if(is2069)
		{
			rawDigest = A1 & ':' & auth_Nonce & ':' & nc & ':' & cnonce & ':' & qop & ':' & A2;
			encodedAuth = 'Digest username=' & chr(34) & username & chr(34) & ',' &
			'realm=' & chr(34) & realm & chr(34) & ',' &
			'nonce=' & chr(34) & auth_Nonce & chr(34) & ',' &
			'uri=' & chr(34) & loginUri & chr(34) & ',' &
			'cnonce=' & chr(34) & cnonce & chr(34) & ',' &
			'nc=' & nc & ',' &
			'qop=' & chr(34) & qop & chr(34) & ',' &
			'response=' & chr(34) & Lcase(Hash(rawDigest,"MD5")) & chr(34) & ',' &
			'opaque=' & chr(34) & auth_Opaque & chr(34);
			
		}
		else
		{
			return 'Does not meet 2029 standards';
		}
	
		return encodedAuth;
	}
}
</cfscript>

<cfset initAuth = initial_Auth()>

<cfhttp url="http://#hostname#:#port#/#loginUri#" method="GET">
  <cfhttpparam name="User-Agent" type="header" value="#userAgent#">
  <cfhttpparam name="Accept" type="header" value="*/*">
  <cfhttpparam name="RETS-Version" type="header" value="#retsVersion#">
</cfhttp>

HTTP/1.1 401 Unauthorized Cache-Control: private Connection: close Date: Mon, 09 Sep 2013 23:25:07 GMT Content-Length: 0 Content-Type: text/html WWW-Authenticate: Digest realm="users@mris.com", nonce="313337383736393130373236312047c2846051a26d6b96df77059344b986", opaque="6e6f742075736564" X-Copyright: Copyright 2013 Metropolitan Regional Information Systems, Inc., unauthorized use is prohibited. RETS-Version: RETS/1.5 X-Powered-By: Servlet/2.5 JSP/2.1

I am receiving the above response from RETS.

Any help will be appreciated.

Sincerely,
Travis Walters
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 2 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 2 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros