Highlighted

Coldfusion-2018 HTTP Token: Access denied

New Here ,
Oct 21, 2019

Copy link to clipboard

Copied

The cURL (cfhttp) command in Coldfusion-10 worked, but after migrating the same code to Coldfusion-2018 is not working.

 

I use the same Token value in CF-10 and CF-2018!!!

 

I have the below code working on CF10:

<cfset 
structContainer = {
    "container": {
        "number": "ABCD123456",
        "shipping_line": "ABCD",
        "sandbox_url": "http://api.myhost.com/"    }
}/>

<cfset structJson = serializeJSON(structContainer) />cfhttp
    url="https://customerurl/api/v1/"
    method="post"
    result="structResult"
    username="myaccount@myhost.com"
    password="12345">

    <cfhttpparam type="header" name="Content-Type" value="application/json">
    <cfhttpparam type="header" name="Authorization" value="Token token=x1x2x3x4x5x6">
    <cfhttpparam type="header" name="X-ApiVersion" value="1.0">
    <cfhttpparam type="header" name="Accept" value="*/*">
    <cfhttpparam type="body" encoded="false" value="#trim(structJson)#">
</cfhttp>


<html>
    <body>
<cfoutput>
    <cfdump
        var="#structResult#"
        label="HTTP Body"
        output="c:/result.txt"
    />
</cfoutput>

    </body>
</html>

 

But when I migrated to Coldfusion 2018 is returning the error below (structResult):

 

HTTP Body - struct

HTTP Body - struct

Charset: utf-8
Errordetail: [empty string]
Filecontent: HTTP Token: Access denied.
Header: HTTP/1.1 401 Unauthorized
Date: Mon, 21 Oct 2019 12:56:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
WWW-Authenticate: Token realm="Application"
Cache-Control: no-cache
X-Request-Id: 4539026e-8b8d-4f67-836b-153b8b9c58fc
X-Runtime: 0.006391
Strict-Transport-Security: max-age=31536000
Mimetype: text/html
Responseheader:
[struct]
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Mon, 21 Oct 2019 12:56:48 GMT
Explanation: Unauthorized
Http_Version: HTTP/1.1
Status_Code: 401
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
WWW-Authenticate: Token realm="Application"
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: 4539026e-8b8d-4f67-836b-153b8b9c58fc
X-Runtime: 0.006391
X-XSS-Protection: 1; mode=block
Statuscode: 401 Unauthorized
Text: YES

 

Please, someone to give me a light?

Best Regards!

Views

85

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Coldfusion-2018 HTTP Token: Access denied

New Here ,
Oct 21, 2019

Copy link to clipboard

Copied

The cURL (cfhttp) command in Coldfusion-10 worked, but after migrating the same code to Coldfusion-2018 is not working.

 

I use the same Token value in CF-10 and CF-2018!!!

 

I have the below code working on CF10:

<cfset 
structContainer = {
    "container": {
        "number": "ABCD123456",
        "shipping_line": "ABCD",
        "sandbox_url": "http://api.myhost.com/"    }
}/>

<cfset structJson = serializeJSON(structContainer) />cfhttp
    url="https://customerurl/api/v1/"
    method="post"
    result="structResult"
    username="myaccount@myhost.com"
    password="12345">

    <cfhttpparam type="header" name="Content-Type" value="application/json">
    <cfhttpparam type="header" name="Authorization" value="Token token=x1x2x3x4x5x6">
    <cfhttpparam type="header" name="X-ApiVersion" value="1.0">
    <cfhttpparam type="header" name="Accept" value="*/*">
    <cfhttpparam type="body" encoded="false" value="#trim(structJson)#">
</cfhttp>


<html>
    <body>
<cfoutput>
    <cfdump
        var="#structResult#"
        label="HTTP Body"
        output="c:/result.txt"
    />
</cfoutput>

    </body>
</html>

 

But when I migrated to Coldfusion 2018 is returning the error below (structResult):

 

HTTP Body - struct

HTTP Body - struct

Charset: utf-8
Errordetail: [empty string]
Filecontent: HTTP Token: Access denied.
Header: HTTP/1.1 401 Unauthorized
Date: Mon, 21 Oct 2019 12:56:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
WWW-Authenticate: Token realm="Application"
Cache-Control: no-cache
X-Request-Id: 4539026e-8b8d-4f67-836b-153b8b9c58fc
X-Runtime: 0.006391
Strict-Transport-Security: max-age=31536000
Mimetype: text/html
Responseheader:
[struct]
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Mon, 21 Oct 2019 12:56:48 GMT
Explanation: Unauthorized
Http_Version: HTTP/1.1
Status_Code: 401
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
WWW-Authenticate: Token realm="Application"
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: 4539026e-8b8d-4f67-836b-153b8b9c58fc
X-Runtime: 0.006391
X-XSS-Protection: 1; mode=block
Statuscode: 401 Unauthorized
Text: YES

 

Please, someone to give me a light?

Best Regards!

Views

86

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Oct 21, 2019 0
Adobe Community Professional ,
Oct 21, 2019

Copy link to clipboard

Copied

I cannot say I know what's causing the problem. But I know one thing you can try: add the following flag to the java.args settings in your jvm.config file:

 

-Dcoldfusion.http.usepooling=false

 

That is a workaround suggested for a recent CFHTTP issue (https://tracker.adobe.com/#/view/CF-4205439).

Remember to restart the instance afterwards.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Oct 21, 2019 0
Enthusiast ,
Oct 22, 2019

Copy link to clipboard

Copied

I would guess it has to do with how CF is encoding the equals sign in the header value. Try adding encoded="false" to your cfhttpparam that contains the token.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Oct 22, 2019 0