EldoS | Feel safer!

Software components for data protection, secure storage and transfer

SSL Soap Authentication

Also by EldoS: Rethync
The cross-platform framework that simplifies synchronizing data between mobile and desktop applications and servers and cloud storages
#4558
Posted: 12/21/2007 14:21:25
by Marcos Lima (Standard support level)
Joined: 12/21/2007
Posts: 13

Gentlemen
My problem is almost the same another user have told you.

We need to use a WebService that must connect by SSL (exchanging SSL certificates) with a server.

You have told that Delphi (we are using Delphi 7) doesn't have this operation without changing the source code.

My question is: Do you have in your suite of components any one that could help us in this endeavour? If not, is there any other site or maybe in your documentation any clues that could help us change Delphi's source code?

Best Regards

Marcos
#4559
Posted: 12/21/2007 14:48:48
by Eugene Mayevski (EldoS Corp.)

As I described in the other thread, we don't deal with SOAP. You need to find out the SOAP client that can either work via HTTPS (and provide client-side authentication) or that can use third-party transports. I also mentioned RemObjects as one of the possible candidates.

As for changing the source code - you can use Delphi SOAP classes, but you will need to modify them.

You can investigate the SoapHTTPTrans.pas and make the necessary modifications to the THTTPReqResp class. You need to find THTTPReqResp.SetupIndy method and replace the IOHandler creation code there with the new code, which will create an instance of ElIndySSLIOHandler class and setup the properties of this instance.


Sincerely yours
Eugene Mayevski
#4579
Posted: 12/27/2007 07:21:49
by Marcos Lima (Standard support level)
Joined: 12/21/2007
Posts: 13

Eugene

Thanks for the promptness!
I thing we'll change the source code and use ElIndySSLIoHandler. Do you have any sample of how to make it?

Best regards

Marcos
#4581
Posted: 12/27/2007 10:46:55
by Eugene Mayevski (EldoS Corp.)

If I even had a sample, we would not be allowed to give it away in any case, as this is property of Borland. That's why I didn't make it after your initial question.


Sincerely yours
Eugene Mayevski
#4589
Posted: 12/28/2007 07:08:24
by Marcos Lima (Standard support level)
Joined: 12/21/2007
Posts: 13

Eugene

I have modified myself and are getting error HTTP - 501.
What I have made is:

1) Recompiled Delphi (version 7, BTW) with USE_INDY defined.
2) Changed the procedure SetupIndy creating a new IO handler as follows:

if IsHttps then begin
IoHandler := TElIndySSLIoHandlerSocket.Create(Nil);
IoHandler.OnCertificateNeededEx := ClientCertificateNeededEx;
IndyHttp.IOHandler := IoHandler;// TIdSSLIOHandlerSocket.Create(Nil);
end;

3) Configured the event OnCertificateNeededEx to fill the certificate first time and null after that (as in your SSL Client sample).

4) Recompiled again. I debbuged it and it's running the event - ClientCertificateNeededEx - two times.

Do I have missed something?

Best Regards

Marcos
#4590
Posted: 12/28/2007 10:16:10
by Eugene Mayevski (EldoS Corp.)

First steps look fine, except the missing OnCertificateValidate handler. You must validate the server certificate as well.


Sincerely yours
Eugene Mayevski
#4591
Posted: 12/28/2007 11:48:35
by Marcos Lima (Standard support level)
Joined: 12/21/2007
Posts: 13

Eugene

I have changed the code to validade (just fill the variable Validade to true) the server certificate hooking into the event OnCertificateValidate.

Is there any other fields that must be changed as now we are using Indy?

Best regards

Marcos

PS: The error is 500 and not 501.
#4592
Posted: 12/28/2007 12:01:42
by Marcos Lima (Standard support level)
Joined: 12/21/2007
Posts: 13

I noted that this event (validate) is called four times and the exchange certificate event is called only two times.
#4593
Posted: 12/28/2007 12:37:52
by Eugene Mayevski (EldoS Corp.)

If you can create a small test sample with your modified code, you can post it to helpdesk and we will investigate the issue here. Please don't post the code here. Use the HelpDesk.


Sincerely yours
Eugene Mayevski
#4594
Posted: 12/28/2007 12:52:08
by Marcos Lima (Standard support level)
Joined: 12/21/2007
Posts: 13

I just created the ticket.

regards
Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.

Reply

Statistics

Topic viewed 6365 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!