How to call a Web Service from CF7 using Client Certificate based ("Bilateral") authentication (Win)

Posted At : 16 February 2010 22:42 | Posted By : Dan Lancelot
Related Categories: XML,ColdFusion

If you have to call a web service from ColdFusion 7 - and the destination web service enforces bilateral SSL authentication (i.e. the caller has to supply a client certificate to prove who they are, as well as the destination supplying a server certificate to prove who it is...) - then the options, in descending order of preference are:

  1. Check / ask really nicely / beg / etc. to see if there is a way of calling the web service without passing a client SSL certificate
  2. Use CF8 (or later) - I believe that you will still need to do the SOAP generation by hand, as cfobject / cfinvoke do not appear to allow a client certificate to be set - but you can use cfhttp and specify the clientcert and clientcertpassword attributes - which avoids having to use the WinHttp.WinHttpRequest COM object as shown below.
  3. Use the WinHttp.WinHttpRequest COM object as shown below...

ColdFusion (when running on windows) allows (and has allowed for several versions) COM objects to be called from within CF code, using the CFOBJECT tag or CreateObject() function.

Built into the following versions of windows, is the WinHTTP 5.1 COM object:

WinHTTP 5.1 is available only with Windows Server 2003, Windows XP with Service Pack 1 (SP1), and Windows 2000 Professional with Service Pack 3 (SP3). (I suspect that it may also be available in Windows 2008)

This provides similar functionality to CFHTTP - but at a lower level.  In particular it allows a client certificate to be specified, using the SetClientCetificate function.

This is not as simple as it seems - where as in CF8 using CFHTTP you just have to specify the physical location of the client certificate file - the WinHttp object requires that the client certificate is first imported into a certificate store - and then the reference to the certificate provided to the SetClientCetificate function:

ClientCertificate [in]

Specifies the location, certificate store, and subject of a client certificate

To cut a very long (well around 5 hours) story short, this is how I finally got it to work:

[More]

Comments (3) | Print | Send | del.icio.us | Linking Blogs | 1083 Views

SQL Server DB documentation from schema

Posted At : 11 May 2009 20:54 | Posted By : Dan Lancelot
Related Categories: Documentation,XML,Database

I am in the (fun!) process of documenting an application I created nearly 5 years ago, in which the majority of the functionality is controlled by the database (it's a business workflow automation tool).

Reverse engineering substantially reduces the size of the task - Visio's Database > Reverse Engineer... command is a real time saver when you have foreign key constraints defined, makes generation of an ERD no more complicated than arranging all the boxes so that none (or few!) of the relationship lines cross!

A little utility contributed to the Code Project website makes the process of creating table and field documentation much easier: http://www.codeproject.com/KB/database/sqldoc.aspx

This utility can be pointed at a SQL server database, and will generate an HTML document listing all the tables and fields in the database, together with data types, nullable, default values and description fields from the db schema.

It uses an XSLT transformation to convert the xml generated to an HTML document. This can be edited so that it's closer to final requirements - I have updated the XSLT to place anchors on each table name, and links at the top of the file to each table.

This makes it a much less arduous task to document each table and field - I can edit the file in dreamweaver and just add descriptions for each field and table.

Comments (3) | Print | Send | del.icio.us | Linking Blogs | 1870 Views

XML for application planning???

Posted At : 03 April 2007 19:44 | Posted By : Dan Lancelot
Related Categories: Best Practice?,XML,ColdFusion

I am in the process of converting a Fusebox 5.1 application to an MVC implementation.

This is a relatively complex task, as I am also wanting to split the application into 2 - in order to allow shared functionality to be implemented once, and create another instance of the application with a different controller, and some unique functionality.

I was a little stumped at first to know how to visualise the folder structure for the application - I started laying it out within Visio - but quickly realised that this was not sustainable - Visio is great for visualising many aspects of an application design - but its not ideal for representing a large tree structure.

Then I thought - what about using XML - XML is great for representing hierarchical structures - and using the design view within the Eclipse WTP XML editor, its very quick to add, edit, move, and duplicate elements.

[More]

Comments (0) | Print | Send | del.icio.us | Linking Blogs | 2328 Views

Using Eclipse Web Tools XML editor for fusebox xml.cfm files

Posted At : 02 April 2007 23:51 | Posted By : Dan Lancelot
Related Categories: XML,CFEclipse

I've been looking for a decent XML editor for Eclipse since I started working with Fusebox 5.

My main requirements are:

  • Validation of XML syntax
  • Validation of XML against a DTD
  • Location aware content assist - that only prompts with elements that are actually valid for the current location

I tried a few plugins

  • Oribe XML - Not bad, validates against DTD, provides basic content assist, but not location aware

    • I'm Impressed :)

  • Aptana Plugin - this offers an excellent all round web dev IDE for CSS, HTML, Javascript etc. - and also comes with an XML editor. Unfortunately this seems a little lacklustre in comparison to the other tools - no content assist or DTD validation as far as I could see

Reading through the Transfer Documentation, I noticed a link to the Web Tools Platform for Eclipse.

I was amazed - this seems to offer so much out of the box - I'm surprised I hadn't heard more hype about it.

To install, its simply a matter of going to the Help > Software Updates > Find and Install menu item, and selecting Callisto Discovery Site. This gives a huge list of available plugins - including the WTP. Selecting this prompts that there are other dependencies - clicking the Select Required selects them for you.

It is common practice within fusebox, to suffix the fusebox.xml and circuit.xml files with .cfm - this does prevent eclipse from associating the files with the XML editor.

This can be achieved by:

  • Selecting General > Content types from the Preferences dialogue box
  • Selecting Text > XML from the Content types: tree
  • Click the Add... button, and adding the File associations &quo;fusebox.xml.cfm&quo; and &quo;circuit.xml.cfm&quo;
  • Click the File Associations link at the top of the dialogue box
  • Click the top Add... button, and add the &quo;fusebox.xml.cfm&quo; and &quo;circuit.xml.cfm&quo; file types
  • Select each of the file types in turn, and the associated editors should appear in the Associated Editors list at the bottom.
  • Click on XML Editor, and then click the Default button

Now fusebox.xml.cfm and circuit.xml.cfm should open with the WTP XML editor by default.

This offers all my specified features, plus a "Design" view - unfortunately this seems to load by default - but its no problem to click the tab and get the Source view.

NB In order for DTD validation and content assist to operate, there must be a reference to the Doctype at the top of the XML document.

I believe the reference DTD's are located at http://www.fusebox.org/fusebox.dtd and http://www.fusebox.org/circuit.dtd

UPDATE: The files available from http://www.fusebox.org/ are not the latest - the latest DTD's should be included in the framework download, or can be downloaded directly from the repository: http://trac.fuseboxframework.org/fusebox/browser/framework/trunk/fusebox.dtd?format=raw and http://trac.fuseboxframework.org/fusebox/browser/framework/trunk/circuit.dtd?format=raw

I have a copy hosted locally on my development machine, so that the XML editor is not repeatedly retrieving the document from the internet - which can be a problem if i am working offline:

<!DOCTYPE circuit SYSTEM "http://localhost/dtds/circuit.dtd">

Comments (3) | Print | Send | del.icio.us | Linking Blogs | 4581 Views
BlogCFC was created by Raymond Camden. This blog is running version 5.5.1, hosted by TalkWebSolutions.