ColdFusion 9 CFHTTP Connection Failure

Question

I am experiencing and issue when i try to connect to a webservice for the second time. I am getting the Connection Failure message. I have asked a similar question but after pulling together all the info I wanted to clearly ask it differently.

Background: The script below first connects to the API to get an access token. It then takes that access token and places it in the header when it request more data from the same service. I don't think it has anything to do with the authentication token connecting because I get a Status 200 code but the only thing in the body is Connection Failure.

My Script (I have set the Auth Token statically below for testing):

<cfhttp url="https://mywebsite.com/criminal_api//1.0/oauth/token?grant_type=password&username=ABchecks&password=seven2eleven" method="GET"  
    username="****" password="****" result="result">
</cfhttp>

<cfset content = deserializeJSON(result.filecontent)>

<cfdump var="#content#">


    <cfhttp method="get" url="https://mywebsite.com/criminal_api//1.0/service/requests" result="orderList">
        <cfhttpparam type="HEADER" name="Authorization"  value="Bearer 82FA1AF6FCBECED1B3D91C48C416AF97"> 
        <cfhttpparam type="header" name="Accept-Encoding" value="*" />
        <cfhttpparam type="Header" name="TE" value="deflate;q=0">   
    </cfhttp>



    <cfset CurrentOrders = orderList.filecontent>

    <cfdump var="#orderList#">

What I have tried:

I tried changing the encoding type since the webservice uses GZIP compression

<cfhttpparam type="header" name="accept-encoding" value="no-compression"/>

<cfhttpparam type="header" name="Accept-Encoding" value="*" />
<cfhttpparam type="Header" name="TE" value="deflate;q=0">

I have also navigated to the api url from a browser on the webserver and i am not getting any warnings about ssl certs.

My Output:

The code above outputs the following

struct
access_token    82FA1AF6FCBECED1B3D91C48C416AF97
expires_in  6497
refresh_token   2D79C001FD844A361C038D56408355FE
scope   read write
token_type  bearer


struct
Charset     UTF-8
ErrorDetail     [empty string]
Filecontent     Connection Failure
Header  HTTP/1.1 200 OK Connection: close Expires: Wed, 31 Dec 1969 16:00:00 PST Date: Wed, 18 May 2016 16:21:49 GMT Server: hws Pragma: No-cache Cache-Control: no-cache Set-Cookie: X-HR-ClientSessionId=3_12.161.115.226_1463588509419;Secure; path=/; HttpOnly Content-Type: application/json;charset=UTF-8
Mimetype    application/json
Responseheader  
struct
Cache-Control   no-cache
Connection  close
Content-Type    application/json;charset=UTF-8
Date    Wed, 18 May 2016 16:21:49 GMT
Expires     Wed, 31 Dec 1969 16:00:00 PST
Explanation     OK
Http_Version    HTTP/1.1
Pragma  No-cache
Server  hws
Set-Cookie  X-HR-ClientSessionId=3_12.161.115.226_1463588509419;Secure; path=/; HttpOnly
Status_Code     200
Statuscode  200 OK
Text    NO

Does anyone know what else could be giving me the Connection Failure error?

When using Fiddler's Composer on the server that host the ColdFusion file I put in the endpoint the only header I added was the Authorization Token and it returned the JSON data successfully.

Below is the Raw headers:

GET https://mywebsite.com/criminal_api//1.0/service/requests HTTP/1.1
User-Agent: Fiddler
Authorization: Bearer 8A34A2398869EC2689514553EFFBE592
Host: mywebsite.com

I am not sure why the coldfusion file still won't work if I put those exact headers in?

_I have also navigated to the api url from a browser on the webserver and i am not getting any warnings about ssl certs_ - That is good but the browser on that machine does not use the same certificate store as the ColdFusion server when it makes a cfhttp request. You still need to have the certificate stored in the JVM's keystore. — Miguel-F, May 18 '16 at 17:40
Well the first request to the same service (different method) to get the Auth Token worked but I did supply the username and password would that mean I didn't need the cert for that cfhttp request? The auth Token is supposed to be my ticket in for all of the request following the first one using the username and password. — Denoteone, May 18 '16 at 17:44
Is the first request over `https` ? The certificate is only needed for TLS/SSL requests that use `https`. Your example here show that to be the case. If the first request worked over `https` then you do not have a certificate issue. — Miguel-F, May 18 '16 at 17:45
That is correct the first request is over https. So I will continue to trouble shoot. The only other thing I can find is the GZIP compression issue. Which they are using but the header I added should fix that. Any ideas? — Denoteone, May 18 '16 at 17:49
I saw on your other question that someone mentioned debugging the network traffic from your server to their api. Did you do that? At this point, that would be my next step. Fire up Fiddler (or whatever) and browse to that endpoint using the browser that works on the server. Then look at the communication that happened. Hopefully that will shine a light on something that you are missing or have incorrectly set. — Miguel-F, May 18 '16 at 17:53
I added the output from Fiddler which I have running on the webserver using composer in Fiddler. Not sure what else to look for. — Denoteone, May 18 '16 at 18:24
I did a quick search for the OAuth Bearer Token Usage (https://tools.ietf.org/html/rfc6750#section-2) and it mentions that you can pass the token within the header field or as a form-encoded body parameter. Have you tried the latter? Something like `` In fact I would try sending just that field/value and omit the others. That way ColdFusion will send the request with a Content Type of application/x-www-form-urlencoded which is also required for this format. Be sure to use the `POST` method. — Miguel-F, May 18 '16 at 18:58
Thanks again for all the help but still no luck I got the following: error_description="An Authentication object was not found in the SecurityContext" I am going to look over the link you provided and see if anything catches my eye. — Denoteone, May 18 '16 at 19:08
It looks like the header method is preferred and the form-encoded method _may_ not be supported on some resource servers. Hopefully that link will provide you with some more information on it anyway. Good luck! — Miguel-F, May 18 '16 at 19:14
I have new information regarding the SSL certs. I created a new question specific about SSL certs and how to handle them here: http://stackoverflow.com/questions/37313011/coldfusion-cfhttp-and-ssl-certs Thanks again for all your help. — Denoteone, May 19 '16 at 02:34

ColdFusion 9 CFHTTP Connection Failure

0 Answers0