ExtendedPTVServlet unauthorized access

deals with geocoding and reverse geocoding in the context of PTV Geocoding&Places, PTV Geocoding&Places OSM and PTV xLocate 1 and 2
Post Reply
steiner
Posts: 15
Joined: Tue Mar 29, 2016 10:58 am
Contact:

ExtendedPTVServlet unauthorized access

Post by steiner »

Hello,

I have a problem with the xlocate-module from xServer. We use on our custom-server the Version 1.20.1.0. Now i'm testing the Version 1.22 on my pc. On both system i get following issue:

Every time when i search for a City with findAddressByText i get a unauthorized Access. But i get a result and no error-message in our application. We use http-Authentification.

When i changes the credentials in the users.properties, then i get no result and a error-messages in the application.

this is the log-entry in xlocate-server.log:
2016-03-29 11:04:21,077;WARN;com.ptvag.jabba.core.session.ExtendedPTVServlet;unauthorized access
2016-03-29 11:04:23,874;INFO;RequestTimes;cdbee04c-c0a4-4e0a-9f0a-71adb76e78bb;10.0.0.57;csuser;50020;unknown-cluster;XLocate.findAddressByText;true;;;;none;m0001;2;0;0;2788;0;2;2789;2794;NO-TXN;e,locating;4130012.964105,5284121.111163;4204076.977974,5268729.981817;;1;;-;-;-
The same issue i get with the Testclient xLocate, i have today downloaded from this forum:
2016-03-29 13:12:33,083;WARN;com.ptvag.jabba.core.session.ExtendedPTVServlet;unauthorized access
2016-03-29 13:12:33,279;INFO;RequestTimes;70a53b5d-2edb-40e2-847c-b0dca3ba9e20;127.0.0.1;csuser;50020;unknown-cluster;XLocate.findAddressByText;true;PTVXLocate Testclient;;;default;m0001;1;0;0;182;0;3;182;188;NO-TXN;locating;;;;1;;-;-;-
It's like the search tries a funktion we don't have lisenced or the search tries a second authentification, that doesn't work (ex https).

I hope someone can help me.

best regards
Jürgen
User avatar
Bernd Welter
Site Admin
Posts: 2695
Joined: Mon Apr 14, 2014 10:28 am
Contact:

Re: ExtendedPTVServlet unauthorized access

Post by Bernd Welter »

Hello Jürgen,

looks like this is a framework issue. I made some tests on my local machine but I need some backend experts for further statements. I already triggered them but due to easter vacancies it might take some days (most of them are out-of-order this week).

Best regards
Bernd

PS:
I used a C# client where I override some web request objects.
A single call in the source produces 2 succeeding XML postings. Strange.
Looks similar to what you describe: one malicious response due to failed authentication and one successful one
Used PORTMON tool to capture traffic. Within a single HTTP conn there are two XML requests send - and two responses received: one is an empty geocoder result list (successful), the other one is an exception
Used PORTMON tool to capture traffic. Within a single HTTP conn there are two XML requests send - and two responses received: one is an empty geocoder result list (successful), the other one is an exception
Bernd Welter
Technical Partner Manager Developer Components
PTV Logistics - Germany

Bernd at... The Forum,LinkedIn, Youtube, StackOverflow
I like the smell of PTV Developer in the morning... :twisted:
Joost
Posts: 310
Joined: Fri Apr 25, 2014 1:46 pm

Re: ExtendedPTVServlet unauthorized access

Post by Joost »

For C# the behavior of sending 2 request is pretty common. I found an article that explains this:

http://stackoverflow.com/questions/6338 ... redentials

It could be that this is also the cause for the behavior Jurgen is seeing.
Joost Claessen
Senior Technical Consultant
PTV Benelux
User avatar
Bernd Welter
Site Admin
Posts: 2695
Joined: Mon Apr 14, 2014 10:28 am
Contact:

Re: ExtendedPTVServlet unauthorized access

Post by Bernd Welter »

Hello together and thanks, Joost,

yeah, now we have a description of "what happens", but still no solution of "how to properly handle this" - do we?
Though some part of the HTTP communication looks successful the overall handling in the source is "there is an error".
How can we get rid of this?

Or are you (Jürgen) happy with Joosts hint?

Best regards Bernd
Bernd Welter
Technical Partner Manager Developer Components
PTV Logistics - Germany

Bernd at... The Forum,LinkedIn, Youtube, StackOverflow
I like the smell of PTV Developer in the morning... :twisted:
steiner
Posts: 15
Joined: Tue Mar 29, 2016 10:58 am
Contact:

Re: ExtendedPTVServlet unauthorized access

Post by steiner »

Hello,

thanks for your help.

Basically everything in our program works. So it isn't a real problem.

We use the same function to set the Credentials (request.Credentials). So i try to set HttpHeader instead of using request.Credentials.

Thanks Joosts for the link.

@Bernd, I'm happy :D
User avatar
Bernd Welter
Site Admin
Posts: 2695
Joined: Mon Apr 14, 2014 10:28 am
Contact:

Re: ExtendedPTVServlet unauthorized access

Post by Bernd Welter »

Thanks for the explizit "you're done", Jürgen

:mrgreen:
Bernd Welter
Technical Partner Manager Developer Components
PTV Logistics - Germany

Bernd at... The Forum,LinkedIn, Youtube, StackOverflow
I like the smell of PTV Developer in the morning... :twisted:
Post Reply