2

I'm trying to download a .csv file on a remote server location using ColdFusion (version 2016). I used the cfhttp tag to perform this operation but I keep getting the following error:

401 UNAUTHORIZED

I checked with the server admin of the remote server to verify that I have the right domain name, userid and password and the admin confirmed it. I couldn't find anything similar on SO, hence posting this question. Hoping someone can help me out.

PS: I don't have access to the ColdFusion Administrator since it is hosted by a separate team.

Below is my code (actual values replaced with dummy data for security):

  <cfhttp  url="https://xxx.yyy.com/abcd/xyz/myfolder/myFile.csv">
    <cfhttpparam type="header" name="Authorization"  
        value="Basic #ToBase64("MydomainName\Myuserid:Mypassword")#" />
  </cfhttp>
  <cfdump  var="#cfhttp.filecontent#" label="CSV file content">
  <cfabort>
Roger Dodger
  • 927
  • 2
  • 16
  • 37
  • 2
    The web server that hosts the .csv file needs to be configured to serve .csv files. Are you confident that it is? – Redtopia Sep 25 '18 at 22:03
  • Redtopia - yes, I'm able to open the csv file if I type in the url in a browser, which means that the server is configured to serve csv files. – Roger Dodger Sep 25 '18 at 22:29
  • 1
    Is it the https connection? And is the auth header in the correct format? EDIT: 401 means you aren't properly logged in. – Shawn Sep 25 '18 at 22:34
  • 1
    Check https://stackoverflow.com/questions/20469194/coldfusion-https-connection-failure – Shawn Sep 25 '18 at 22:45
  • @Shawn - I'm able to successfully connect to a different remote location with the same csv file using https; it's just this remote server I'm having a problem with. – Roger Dodger Sep 25 '18 at 23:40
  • If you're certain it uses "Basic Authentication", [cfhttp](https://helpx.adobe.com/coldfusion/cfml-reference/coldfusion-tags/tags-g-h/cfhttp.html) supports that. Rather than trying to generate the "Authorization" header manually, have you tried using the `username` and `password` attributes instead? *".. Use to pass a user name to the target URL for Basic Authentication. Combined with password to form a base64 encoded string that is passed in the Authenticate header. "* – SOS Sep 26 '18 at 03:57
  • @Ageax - tried that approach as well (separate username & password params) - still get the same '401 UNAUTHORIZED' error. – Roger Dodger Sep 26 '18 at 13:52
  • Did you verify the other end is using "Basic Authentication" (default)? If they're using NTLM, try specifying `authType="NTML"` (may also need to specify the `domain`). https://helpx.adobe.com/coldfusion/cfml-reference/coldfusion-tags/tags-g-h/cfhttp.html – SOS Oct 01 '18 at 14:49

1 Answers1

2

It might be that your auth string is wrong. To avoid confusion and while debugging, I would suggest something like this:

<cfset myDomainName = "MydomainName" />
<cfset myUserId = "Myuserid" />
<cfset myPassword = "Mypassword" />

<cfset authString = "Basic " & ToBase64('#myDomainName#' & '\' & '#myUserId#' & ':' & '#myPassword#') />

<cfhttp  url="https://xxx.yyy.com/abcd/xyz/myfolder/myFile.csv">

  <cfhttpparam type="header" name="Authorization"  
        value="#authString#" />

</cfhttp>

<cfdump  var="#cfhttp.filecontent#" label="CSV file content">
<cfabort>

I hope this helps.

Alex Baban
  • 11,312
  • 4
  • 30
  • 44
  • I used a different url (that is working) by mistake and it read the file. Getting the same 401 Unauthorized error with the right url. – Roger Dodger Sep 25 '18 at 21:54
  • 1
    @RogerDodger Is that URL on a different domain or not HTTPS? – Shawn Sep 25 '18 at 22:41
  • @Shawn - it is https because when I type the full url in a browser, I'm able to access the csv file without any problem; the domain name is different from the url - that shouldn't be an issue, correct? – Roger Dodger Sep 25 '18 at 23:32
  • 1
    You can access `https://xxx.yyy.com/abcd/xyz/myfolder/myFile.csv` from a browser? How about from a browser on the ColdFusion server? It sounds like you may need to import the certificate into CF. – Shawn Sep 26 '18 at 13:57
  • I don't have access to the CF server as it is hosted externally; importing the cert is not an option for me. I'm now switching over to cfsharepoint to see if I have any luck with that. – Roger Dodger Sep 27 '18 at 17:22