Error from PAS using the Openedge.Web.WebRequest in the Hybr

Posted by on 02-Mar-2018 05:52

Hi All 

I am trying to use the Openedge.Web.WebRequest class to access header data passed in on a request.

I want to do this as part of the HybridRealm class so i can use the header data as part of the authentication.

My code syntax checks but when it runs in the PAS it causes all sorts of errors and hangs the PAS e.g.

11:35:20.727/4438 [localhost-startStop-1] WARN com.progress.appserv.Prop - Using default value for minAgents: 0
11:35:20.727/4438 [localhost-startStop-1] WARN com.progress.appserv.Prop - Using default value for agentStartLimit: 1
11:35:20.727/4438 [localhost-startStop-1] WARN com.progress.appserv.Prop - Development Server is limited to 1 agent
11:35:20.727/4438 [localhost-startStop-1] WARN com.progress.appserv.Prop - Development Server is limited to 5 concurrent requests
11:35:20.727/4438 [localhost-startStop-1] WARN com.progress.appserv.Prop - Using default value for agentWatchdogTimeout: 3000
11:35:22.765/6476 [localhost-startStop-1] WARN c.p.appserv.IdleResourceWatchdog - Idle resource watchdog disabled
11:35:57.268/40979 [4nPvP1wJQPG6VaguLVow1A-agent-watchdog] WARN c.p.appserv.PoolMgt.AgentWatchdog - AgentWatchdog(4nPvP1wJQPG6VaguLVow1A) : agent 8xs80egKSgeSmtbUd939Pw PID= 8572 has terminated.
11:35:57.280/40991 [catalina-exec-1] ERROR com.progress.appserv.Session - LocalSession(kUghJ_zEQcOgS6-AKRBf9Q) : error occurred while reading a message readMsg() = Socket operation on nonsocket: recv failed:Socket operation on nonsocket: recv failed. (18300)
11:35:57.281/40992 [catalina-exec-1] WARN com.progress.appserv.Agent - TcpAgentConnectionPool(W6FMmO2DSXy0Hc3fJbi5Cw) : removeAgentConnection() failed to remove connection : size= 0 max= 1
11:35:57.281/40992 [catalina-exec-1] ERROR com.progress.appserv.Session - LocalSession(kUghJ_zEQcOgS6-AKRBf9Q) : an error occurred while reading response message = Socket operation on nonsocket: recv failed:Socket operation on nonsocket: recv failed. (18296)
11:35:57.299/41010 [catalina-exec-1] ERROR c.p.a.s.s.OERealmUserDetailsImpl - Username load error for ibs re: Realm o4gl error: com.progress.open4gl.Open4GLException: Communication layer message: General Error: READPACKET IOException :$NetworkException: Agent (NetworkError[ Socket operation on nonsocket: recv failed : Error reading message for (kUghJ_zEQcOgS6-AKRBf9Q) = Socket operation on nonsocket: recv failed]:Agent). (7175)
11:35:57.300/41011 [catalina-exec-1] WARN - User not found: ibs

Code attached.




All Replies

Posted by Peter Judge on 02-Mar-2018 08:06

It looks like the agent failed to start (or crashed). Check the *.agent.log in the instance’s /logs/ folder.
That said, I am not sure that the calls made to the OERealm are via the WEB transport (so you won’t have access to the WebRequest).

Posted by Irfan on 02-Mar-2018 11:39

Hi Christian,

As Peter mentioned, the calls to HybridRealm does not pass any of the WebRequest objects. What is your use-case and what headers would you like to pass it to HybridRealm ?

Posted by on 05-Mar-2018 08:48

Hi Ifran

That is strange because i am sure i did have this working..

Also if i add the same code in the pasoe_activate procedure it crashes as well e.g.

The use case for being able to access this information is that i want ti use 2FA as part of the authentication process.

The Hybridrealm only checks the username and password as sent in the basic authentication header but i want the client to send a TOTP token as well in a separate header so i can validate this as well.


Posted by on 05-Mar-2018 09:03

Its a bit more nuanced.

If i try and use the following code:

ASSIGN oRequest = NEW Openedge.Web.WebRequest().
MESSAGE "Secret Key: " oRequest:GetHeader("secretkey").

in the pasoe_activate procedure just after the PAS has started then this crashes the PAS.

If i add this code in after a sucessful request then i start to see the secretkey appear in the log files and the PAS behaves normally.

This looks like a bug to me and i suspect this is the same issue with the HybridRealm.cls.


Posted by Peter Judge on 05-Mar-2018 10:38

This is logged as PSC00360762 (The WEB-CONTEXT system handle is not available in the activate procedure of PAS OE) . Please contact Tech Support to get yourself associated with the issue, especially if it’s causing a GPF/crash in the agent.

Posted by on 05-Mar-2018 14:35

Should it not be available in the Hybridrealm as well?

Posted by Irfan on 05-Mar-2018 14:42

HybridRealm class only gets executed by OERealmAuthProvider class from Spring and this is an internal appserver call. So for this call, it should not have any WEB-CONTEXT related information AFAIK.

For a use-case where you wanted to pass headers instead of user-id you go for CustomAuthoriization. It will allow you to pass header information like 'Authorization'  in the Custom Authorization class( a flavor of HybridRealm).

Posted by on 06-Mar-2018 04:46

Hi Irfan

Could you provide an example of how to do this?



Posted by Irfan on 06-Mar-2018 19:15

Hi Christian,

Please find attached the file that uses customAuthorization configuration. The use-case, that I have used here is to send a token using Authorization header which has schema 'Bearer' and validate that token in my CustomAuthorization class.Also, I have attached my CustomAuthorization class that validates the token.

Mike Jacobs gave a presentation on using 2FA with PASOE. I would recommend going through that presentation. Here is the link -


This thread is closed