Cipher not initialized exception while invoking the Salesforce service through OSB

Cipher not initialized exception while invoking the Salesforce service through OSB

We are getting the "Cipher not initialized" exception wile invoking the Salesforce services through OSB.

We are able to invoke the login.salesforce.com URL successfully and able to receive the session id, also this exception was thrown only for a particular sandbox but the all other sandbox invocation is successful.

The "Cipher not initialized" exception will be thrown when there is no common Ciphers available between the client and server while negotiating the SSL communication.

We have raised a case with Salesforce regarding this and receive the response as "We recently upgraded our Cipher suites for SSL. To resolve the issue upgrade latest version of Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files- 6 for JDK1.6 on middleware."

After upgrading the Unlimited Strength Jurisdiction Policy Files in all the servers nodes we are able to invoke the service successfully.

Steps to resolve the issue

• Download the Unlimited Strength Jurisdiction Policy Files from http://www.oracle.com/technetwork/java/javase/downloads/index.html(Under Additional Resources" section), for java 1.6 use http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html
• Unzip the downloaded zip 
• Copy local_policy.jar and US_export_policy.jar to the $JAVA_HOME/jre/lib/security in all the OSB nodes.
• Restarts the servers.

Now you will be able to invoke the service successfully.

Integrating Adobe Experience Manager(AEM) with REST services

Integrating Adobe Experience Manager(AEM) with REST services

The below document explains the approach to integrate Adobe CQ5 with REST services.



Download Integrating_CQ5_with_RESTServices.pdf

java.io.IOException: Server returned HTTP response code: 400 - While invoking the Salesforce login url from java to get the access token

java.io.IOException: Server returned HTTP response code: 400 - While invoking the Salesforce login url from java to get the access token

I was getting the below exception while invoking the Salesforce login url to get the OAuth access_token from java.

java.io.IOException: Server returned HTTP response code: 400 for URL: https://login.salesforce.com/services/oauth2/token
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1436)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
at RestCaller.execute(RestCaller.java:46)
at RestCaller.main(RestCaller.java:10)

This exception will happen normally when the values of client_id, client_security, username and password are not specified correctly while invoking the login url - https://login.salesforce.com/services/oauth2/token to get the OAuth access token.

"grant_type=password&client_id=13MVG9Y6d_xxxxxxx&client_secret=8039xxxxx&username=albinsharpxxxxx&password=Albinxxxx"

In my case, I have specified all the values properly but still it was not working, it worked after resetting the password and getting the new security token - password(password+security token)

Invoking Salesforce REST based web service from Java

Invoking Salesforce REST based web service from Java

This post will explain the approach to call the Salesfore REST based webservice through java.
I have exposed a Apex class as REST service from salesforce to fetch the account details.

@RestResource(urlMapping='/AccountDetails/*')
global with sharing class AccountDetails {

    @HttpGet
    global static Account doGet() {
        RestRequest req = RestContext.request;
        RestResponse res = RestContext.response;
        String accountId = req.requestURI.substring(req.requestURI.lastIndexOf('/')+1);
        System.debug('Account Id:'+accountId);
        Account result = [SELECT Id, Name, Phone, Website FROM Account WHERE Id = :accountId];
        return result;
    }
}

The communication is of two steps

•  getting the access_token 
•  invoking the service endpoint by attaching the access_token to the request.

To obtain an access token, we will send an HTTP POST request to the authentication endpoint exposed by Salesforce - https://login.salesforce.com/services/oauth2/token  with the details client_id, client_secret, username and password.This values can be get from the configured Connected Apps from salesforce.

Ignoring the Host Name verification while invoking the HTTPS service through HttpsURLConnection

Ignoring the Host Name verification while invoking the HTTPS service through HttpsURLConnection

Sometimes you may receive the Host Name mismatch exception while invoking the HTTPS service from the Java client even though the valid certificate is installed to the key store.

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching <Host Name> found

The root cause of the exception is the CN name of the certificate is not matching with the host name used to connect the service.

In real scenario while the certificate is signed with third party certificate authority , the CN name will be specified as the host name of the server where the service is hosted or wildcard name will be specified e.g *.example.com to represent all sub domains in a domain. So there will not be any issue while connecting to the service.

This mismatch exception will happen most of the time communicating with self signed certificate, the certificate is signed with CN name that is not matching with the host name.

How to Fix the issue

To resolve the issue, the certificate should be signed with proper CN name or we can create a custom host name verifier to customize the host name verification functionality.

We have to return true from the custom host name verifier for the host name for which the CN name is mismatching.This will connect to the service irrespective of the host name used .

import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.net.HttpURLConnection;

public class HTTPCaller {
static {
   javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(
   new javax.net.ssl.HostnameVerifier(){
       public boolean verify(String hostname,
               javax.net.ssl.SSLSession sslSession) {
           if (hostname.equals("localhost")) {
               return true;
           }
           return false;
       }
   });
}

    public static String execute() {
        String targetURL="https://localhost/test"
        URL url;
        HttpURLConnection connection = null;
        try {
            url = new URL(targetURL);
            url = new URL(url.toString());              

            connection = (HttpURLConnection)url.openConnection();
            connection.setRequestProperty("accept", "application/xml"); //for GET service to return xml payload

            InputStream is = connection.getInputStream();
            BufferedReader rd = new BufferedReader(new InputStreamReader(is));
            System.out.println("\n Received response" + System.currentTimeMillis());

            String line;
            StringBuffer response = new StringBuffer();
            while ((line = rd.readLine()) != null) {
                response.append(line);
                response.append('\r');
            }
            rd.close();
            return response.toString();
        } catch (Exception e) {
            e.printStackTrace();
            return (e.getClass().getName()+":"+e.getMessage().toString());
        }
        finally {
            if (connection != null) {
                connection.disconnect();
            }
        }
    }