How To
Summary
Some web service servers require pre-emptive authentication, which is not used by default by sql http client functions
Objective
By Default non-preemptive authentication is used, which means that in the first step the request is sent without any authentication information. This is then replied with response 401 Unauthorized and a header with the required authentication information.
The second step then is sending a header with the authentication information that then gets a response of 200 OK.
This two step approach is considered safer as only servers that require authentication are getting credentials.
However, some servers do not allow the second step and close the connection after responding with 401 on the first request that failed because it did not provide authentication. These servers require pre-emptive authentication, so the credentials are already sent with the initial request.
Environment
Applications that make use of http sql functions like HTTPGETCLOB (or HTTPDELETE/POST/PUT-C/BLOB) which issue requests to consume webservices.
Steps
In order to switch to pre-emptive authentication for a job:
- Create this SQL function:
CREATE OR REPLACE FUNCTION setProperty(PROP VARCHAR(80),
value VARCHAR(80)) RETURNS VARCHAR(80) LANGUAGE java PARAMETER STYLE java EXTERNAL name 'java.lang.System.setProperty'; - Use this sql statement to set the property:
values setProperty('httpclient.authentication.preemptive', 'true');
After that, a select like this will work fine with servers requiring pre-emptive authentication:
select * from systools.HTTPGETCLOB (
'https://someurl.com/req?&prod=someprod',
Cast(('<httpHeader><header name="Authorization" value="Basic ' CONCAT
SYSTOOLS.BASE64ENCODE( cast ('someuser:somepassword' as varchar(128) ccsid 1208)) CONCAT'"/>
<header name="Content-Type" value="text/text;charset=utf-8"/></httpHeader>')
as VARCHAR(512) CCSID 1208));
Additional Information
Note: In order to make authentication work, the URL shouldn't require redirection.
Document Location
Worldwide
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"Component":"","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB57","label":"Power"}}]
Was this topic helpful?
Document Information
Modified date:
04 February 2020
UID
ibm11285186