I'm trying to POST to a https Web service from Delphi 7. Initially the error was "Unable to Load SSL library". So placed ssleay32.dll & libeay32.dll (from indy_openssl096k.zip in https://indy.fulgan.com/SSL/Archive/) in the folder containing my executable.
Now the error is "Error connecting to SSL". In the exception, I also used WhichFailedToLoad() function and below is also reported
"Failed To Load: EVP_md5 X509_digest X509_NAME_hash"
From different sites, I could understand, above functions is part of libeay32.dll. But why is this still reported as FailedToLoad ?
I saw suggestions that updating to Indy10 ca solve this. But the applications I'm working on uses Indy functions on large number of modules and I don't want to cause any issues if Indy update fails. Is there anyway to resolve this error with Indy9. Any help is greatly appreciated.
I have been trying to find out a solution for the past few days and can't get one. Could someone kindly help me please ?
My Code
Protocol := TIdHTTP.Create(nil);
try
jsonToSend := TStringList.create;
Id_HandlerSocket := TIdSSLIOHandlerSocket.create(nil);
Id_HandlerSocket.SSLOptions.Method := sslvTLSv1;
Id_HandlerSocket.SSLOptions.Mode := sslmClient;
Id_HandlerSocket.SSLOptions.VerifyMode := [];
Id_HandlerSocket.SSLOptions.VerifyDepth := 0;
try
jsonToSend.Add('{"Branch":"' + branch + '", "Country":"' + country + '"}');
Protocol.IOHandler := Id_HandlerSocket;
Protocol.Request.ContentType := 'application/json';
Protocol.Request.Accept := '*/*';
Protocol.Post(ServerURL,jsonToSend);
except
on E:EIdOSSLConnectError do
begin
showmessage(E.Message);
showmessage('Failed to Load: ' + IdSSLOpenSSLHeaders.WhichFailedToLoad);
end;
end;
finally
Protocol.Destroy;
Id_HandlerSocket.Free;
jsonToSend.Destroy;
end;
I have a web service client created with DELPHI XE 5, i used THTTPRIO, imported wsdl and created the ".pas" files.
The server of web service request a preemptive basic authentication (that work fine with SoapUI);
I know how to make authentication with user and password of THTTPReqResp.
rio := THTTPRIO.Create(nil);
HTTPReqResp1 := THTTPReqResp.Create(rio);
HTTPReqResp1.UserName := sUserName;
HTTPReqResp1.Password := sPasswordEncrypted;
But I don't connect to the web service because I don't know ho to make preemptive and if it's possible in Delphi.
Can anyone help me ? :)
I just found how It's possible to use "preemprive" connexion in DELPHI.
You have to modify the OnBeforePost of your "rio.HTTPWebNode" like this :
var
rio : THTTPRIO;
HTTPReqResp1: THTTPReqResp;
uselessObject: TUselessClass;
try
rio := THTTPRIO.Create(nil);
uselessObject := TUselessClass.Create();
rio.HTTPWebNode.GetHTTPReqResp.OnBeforePost :=
uselessObject.HTTPRIOHTTPWebNode1BeforePost;
With this procedure :
procedure TUselessClass.HTTPRIOHTTPWebNode1BeforePost(const HTTPReqResp: THTTPReqResp; Data: Pointer);
var
auth,toEncode: string;
begin
toEncode := Format('%s:%s',[sUserName,sPasswordEncrypted]);
auth := 'Authorization: Basic ' + TIdEncoderMIME.EncodeString(toEncode);
HttpAddRequestHeaders(Data, PChar(auth), Length(auth), HTTP_ADDREQ_FLAG_ADD);
end;
I have a piece of code written in Delphi 2005 that searches for a particular attribute on a user in LDAP. I get an access violation when this is run on either Windows 7 or Server 2008, but not on XP or 2003.
Function IsSSOUser(UserId: String): Boolean;
var
S : string;
ADOQuery : TADOQuery;
ADOConnectionSSO: TADOConnection;
begin
result := false;
Setdomainname;
ADOQuery := TADOQuery.Create(nil);
ADOConnectionSSO := TADOConnection.Create(nil);
try
ADOConnectionSSO.LoginPrompt := false;
ADOConnectionSSO.Mode := cmRead;
ADOConnectionSSO.Provider := 'ADsDSOObject';
ADOQuery.Connection := ADOConnectionSSO;
ADOQuery.ConnectionString := 'Provider=ADsDSOObject;Encrypt Password=False;Mode=Read;Bind Flags=0;ADSI Flag=-2147483648';
ADOQuery.SQL.Clear;
try
S := 'SELECT AdsPath, CN, SN, SSOguid FROM '''
+ LDAPString + ''' WHERE objectClass=''user'' and CN = ''' + UserId + ''' ';
ADOQuery.SQL.Add(S);
ADOQuery.Open;
ADOQuery.ExecSQL;
if trim(ADOQuery.FieldByName('SSOguid').AsString) = '' then
result := false
else
result := true;
except
on e:Exception do
if e.ClassType <> EOleException then
Showmessage(format('[%s] Exception in IsSSOUser: [%s]',[e.ClassType.ClassName, e.Message]));
end;
finally
ADOQuery.Close;
ADOConnectionSSO.Close;
ADOQuery.free;
ADOConnectionSSO.free;
end;
end;
This code works fine on Windows XP and Windows Server 2003, but I get an access violation on both Windows 7 and Server 2008. I see a number of threads online about how changes to ADODB interface can break things on downstream OSes, but I am seemingly having the opposite problem. I'm building on a Windows 7 machine and the code only works on previous versions of Windows.
You will have to add
AdoQuery.ParamCheck := false;
before your
ADOQuery.SQL.Add(S);
since your LDAPString may contains a colon (:) eg. "LDAP://...." which causes the query to try create a parameter object for it. In addition there is no need for ADOQuery.ExecSQL after ADOQuery.Open.
I have built the worlds dumbest and most simple SOAP server, in about 3 clicks, in visual studio. The exact steps in visual studio 2010: First create a new project as a web application, Then add a new item of type web service. (See accepted answer here for picture.) That soap server service Service1 has a simple method GetData:
A snippet from clientService1.pas, created using WSDL importer...
IService1 = interface(IInvokable)
['{967498E8-4F67-AAA5-A38F-F74D8C7E346A}']
function GetData(const value: Integer): string; stdcall;
function GetDataUsingDataContract(const composite: CompositeType2): CompositeType2; stdcall;
end;
When I try to run this method, like this:
procedure TForm3.Button1Click(Sender: TObject);
var
rio : THTTPRIO;
sv:IService1;
addr : string;
data : string;
begin
//addr := '....'; // url from visual studio 2010 live debug instance.
rio := THTTPRIO.Create(nil);
sv := GetIService1( true, addr, rio );
try
data := sv.GetData( 0);
Button1.Caption := data;
finally
sv := nil;
rio.Free;
end;
end;
The error I get is this:
ESOAPHTTPException:
The handle is in the wrong state for the requested operation -
URL:http://localhost:8732/Design_Time_Addresses/WcfServiceLibrary1/Service1/ -
SOAPAction:http://tempuri.org/IService1/GetData'.
The URL works fine when I paste the url above into a web browser, so the usual answer that the SOAP code in Delphi has the tendency to not notice an HTTP failure, does not seem likely. Rather it seems that I am either (a) experiencing breakage in WinInet (known to happen in some versions of windows), or (b) doing something wrong?
It seems to me that anybody who has visual studio and delphi both installed, should be able to try to get the dummy starter Soap server in Visual Studio talking to the soap client in Delphi, without any effort at all. But I can not figure out the simplest things.
At one time there was a discussion about the error in a conversation now long since deleted from Embarcadero forums, by Bruneau Babet, an embarcadero staffer.
Bruno said:
Hello,
I've posted a patched version of SOAPHTTPTrans.pas that contains a fix
for this issue here:
[forum link redacted, it didn't work anymore anyways, the post is gone]
You may still override the event as described in the C++Builder
section referred; or, much simpler, at least for Delphi users, simply
add the updated SOAPHTTPTrans.pas to your app's project. Let us know
if that does not work for you.
Cheers,
Bruneau
You can get the repair and the notes about it in its original forum formatting from the following pastebin link and on bitbucket so you don't have to extract the file from the surrounding text.
Warren Update 2016: I have been informed by someone who tried to use the fix on Delphi XE that this fix does NOT work for them in Delphi XE. Any further updates to the code in bitbucket that resolve the remaining bugs would be appreciated.
I ran into the The handle is in the wrong state for the requested operation issue in November 2018 using Delphi Tokyo 10.2.3, then looked at the code patch in the pastebin link under Arjen's answer.
That code is very old and the test code no longer works (SOAP service unavailable). Also, it is unclear from Bruneau's code what he patched exactly.
Comparing that source and the one from my Delphi version it seems that these are the (two) required modifications in the HandleWinInetError procedure ('PATCH HERE'):
function THTTPReqResp.HandleWinInetError(LastError: DWord;
Request: HINTERNET;
RaiseError: Boolean): DWord;
function CallInternetErrorDlg: DWord;
var
P: Pointer;
begin
Result := InternetErrorDlg(GetDesktopWindow(), Request, LastError,
FLAGS_ERROR_UI_FILTER_FOR_ERRORS or
FLAGS_ERROR_UI_FLAGS_CHANGE_OPTIONS or
FLAGS_ERROR_UI_FLAGS_GENERATE_DATA, P);
{ After selecting client certificate send request again,
Note: InternetErrorDlg always returns ERROR_SUCCESS when called with
ERROR_INTERNET_CLIENT_AUTH_CERT_NEEDED }
if LastError = ERROR_INTERNET_CLIENT_AUTH_CERT_NEEDED then
Result := ERROR_INTERNET_FORCE_RETRY;
end;
const
{ Missing from our WinInet currently }
INTERNET_OPTION_CLIENT_CERT_CONTEXT = 84;
var
Flags, FlagsLen, DWCert, DWCertLen: DWord;
ClientCertInfo: IClientCertInfo;
CertSerialNum: string;
{$IFDEF CLIENT_CERTIFICATE_SUPPORT}
hStore: HCERTSTORE;
CertContext: PCERT_CONTEXT;
{$ENDIF}
begin
{ Dispatch to custom handler, if there's one }
if Assigned(FOnWinInetError) then
Result := FOnWinInetError(LastError, Request)
else
begin
Result := ERROR_INTERNET_FORCE_RETRY;
{ Handle INVALID_CA discreetly }
if (LastError = ERROR_INTERNET_INVALID_CA) and (soIgnoreInvalidCerts in InvokeOptions) then
begin
FlagsLen := SizeOf(Flags);
InternetQueryOption(Request, INTERNET_OPTION_SECURITY_FLAGS, Pointer(#Flags), FlagsLen);
Flags := Flags or SECURITY_FLAG_IGNORE_UNKNOWN_CA;
InternetSetOption(Request, INTERNET_OPTION_SECURITY_FLAGS, Pointer(#Flags), FlagsLen);
end
else if (LastError = ERROR_INTERNET_SEC_CERT_REV_FAILED) and (soIgnoreInvalidCerts in InvokeOptions) then
begin
FlagsLen := SizeOf(Flags);
InternetQueryOption(Request, INTERNET_OPTION_SECURITY_FLAGS, Pointer(#Flags), FlagsLen);
Flags := Flags or SECURITY_FLAG_IGNORE_REVOCATION;
InternetSetOption(Request, INTERNET_OPTION_SECURITY_FLAGS, Pointer(#Flags), FlagsLen);
end
{$IFDEF CLIENT_CERTIFICATE_SUPPORT}
else if (LastError = ERROR_INTERNET_CLIENT_AUTH_CERT_NEEDED) and
Supports(Self, IClientCertInfo, ClientCertInfo) and
(ClientCertInfo.GetCertSerialNumber <> '') then
begin
CertSerialNum := ClientCertInfo.GetCertSerialNumber();
hStore := ClientCertInfo.GetCertStore();
if hStore = nil then
begin
hStore := CertOpenSystemStore(0, PChar('MY'));
ClientCertInfo.SetCertStore(hStore);
end;
CertContext := FindCertWithSerialNumber(hStore, CertSerialNum);
if CertContext <> nil then
begin
ClientCertInfo.SetCertContext(CertContext);
InternetSetOption(Request, INTERNET_OPTION_CLIENT_CERT_CONTEXT,
CertContext, SizeOf(CERT_CONTEXT));
end
else
begin
if RaiseError then RaiseCheck(LastError); // PATCH HERE
Result := CallInternetErrorDlg;
end;
end
{$ENDIF}
else if (LastError = ERROR_INTERNET_CLIENT_AUTH_CERT_NEEDED) and (soPickFirstClientCertificate in InvokeOptions) then
begin
{ This instructs WinInet to pick the first (a random?) client cerficate }
DWCertLen := SizeOf(DWCert);
DWCert := 0;
InternetSetOption(Request, INTERNET_OPTION_SECURITY_SELECT_CLIENT_CERT,
Pointer(#DWCert), DWCertLen);
end
else
begin
if RaiseError then RaiseCheck(LastError); // PATCH HERE
Result := CallInternetErrorDlg;
end;
end;
end;
Note that the RaiseError procedure parameter was not even used before this patch ;-)
Here is some test code using the SOAP service from NOAA's National Digital Forecast Database (NDFD) SOAP Web Service:
Uses SOAP.SOAPHTTPTrans;
const Request2 =
'<soapenv:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ndf="http://graphical.weather.gov/xml/DWMLgen/wsdl/ndfdXML.wsdl">' +
' <soapenv:Header/>' +
' <soapenv:Body>' +
' <ndf:NDFDgenByDay soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">' +
' <latitude xsi:type="xsd:decimal">38.9936</latitude>' +
' <longitude xsi:type="xsd:decimal">-77.0224</longitude>' +
' <startDate xsi:type="xsd:date">%tomorrow%</startDate>' +
' <numDays xsi:type="xsd:integer">5</numDays>' +
' <Unit xsi:type="dwml:unitType" xmlns:dwml="http://graphical.weather.gov/xml/DWMLgen/schema/DWML.xsd">e</Unit>' +
' <format xsi:type="dwml:formatType" xmlns:dwml="http://graphical.weather.gov/xml/DWMLgen/schema/DWML.xsd">12 hourly</format>' +
' </ndf:NDFDgenByDay>' +
' </soapenv:Body>' +
'</soapenv:Envelope>';
const URL2= 'https://graphical.weather.gov:443/xml/SOAP_server/ndfdXMLserver.php';
procedure TFrmHandleWinINetError.Button1Click(Sender: TObject);
var
RR: THTTPReqResp;
Response: TMemoryStream;
U8: UTF8String;
begin
RR := THTTPReqResp.Create(nil);
try
try
RR.URL := URL2;
RR.UseUTF8InHeader := True;
RR.SoapAction := 'NDFDgenByDay';
Response := TMemoryStream.Create;
RR.Execute(Request2, Response);
SetLength(U8, Response.Size);
Response.Position := 0;
Response.Read(U8[1], Length(U8));
ShowMessage(String(U8));
except
on E:Exception do ShowMessage('ERROR CAUGHT: ' + e.message);
end;
finally
Response.Free;
RR.Free;
end;
end;
end;
Without the patch errors in the tail end of the URL are caught, but errors in the domain name just trigger an empty error message.
With the patch those are also caught.
I have a reported the issue in the RAD Studio Quality Portal under number RSP-21862
Use at your own risk and please report any additional findings.
Addition: The issue was fixed in Dec 2018 in Delphi 10.3 Rio and the Quality Portal issue was closed with the following remark:
In RAD Studio 10.3 the implementation of THTTPReqResp was changed and replaced with THTTPClient. So, this issue no longer applies.
I have not verified this.
I'm upgrading from Delphi 2005 to Delphi 2010.
I'm having this problem : the following procedure works well on D2005 but on D2010 I got always the result :
<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY><H1>401 Unauthorized</H1>
Your client does not have permission to get URL /axis-cgi/date.cgi from this server.
</BODY></HTML>
On the procedure, I try to connect twice because on D2005, sometimes I got an Unauthorized answer at my first try, and then I can connect at the second time with no problem. With D2010 I always get the Unauthorized answer.
The Url = 'http://user:pass#xxx.xxx.xxx.xxx/axis-cgi/date.cgi?action=get'
function TViewCameraForm.HttpGet(idHTTP : TidHTTP; Url : AnsiString): AnsiString;
Var
Res : AnsiString;
Begin
idHTTP1.Disconnect;
try
Res := idHTTP1.Get(Url);
If Pos('Unauthorized', Res) > 0 Then
Res := idHTTP1.Get(Url);
Result := Res;
except
on E: EIdHTTPProtocolException do begin
Result := E.ErrorMessage
end;
on E: Exception do begin
Result := E.message;
end;
end;
End;
Thanks
Sam
Did you try to authenticate using Basic Auth?
...
idHTTP1.Request.BasicAuthentication := True;
idHTTP1.Request.Username := 'user';
idHTTP1.Request.Password := 'pass';
Res := idHTTP1.Get(Url);
(using user:pass#website does not conform to the HTTP specification btw)