I enabled DEBUG = 2 on EnsLib.HTTP.OutboundAdapter, but I am still not seeing the entire Request message being sent within the Foreground display that pops up when I execute the Test. 

I was able to $$$LOGINFO(tHTTPRequest.OutputHeaders()) and verified that the header segment is being sent, but it is still throwing a 403 Forbidden error back at me.

I have tried that but still unable to see the Request or Response being sent...

Class User.REST.Epic.EpicOperation Extends (EnsLib.REST.Operation, Ens.Util.JSON)

{

Parameter DEBUG As %Integer = 2;

Parameter INVOCATION = "Queue";

Method getPatientLocationRequest(pRequest As User.REST.Epic.Msg.GetPatientLocationRequest, Output pResponse As EnsLib.HTTP.GenericMessage) As %Status

{

    set tSC = $$$OK

    try{

      set tHTTPRequest = ##class(%Net.HttpRequest).%New()

      do tHTTPRequest.SetHeader("Epic-Client-ID","ed7ca30e-c16a-4053-9233-bff4f5661bb4")

      $$$TRACE("HttpRequest: "_tHTTPRequest) <this returns me just a pointer 8@%Net.HttpRequest>

      set tRequest = ##class(%DynamicObject).%New()

      set tRequest.PatientID = pRequest.PatientID

      set tRequest.PatientIDType = pRequest.PatientIDType

      set tRequest.ContactID = pRequest.ContactID

      set tRequest.ContactIDType = pRequest.ContactIDType

      set tRequest.UserID = pRequest.UserID

      set tRequest.UserIDType = pRequest.UserIDType

      set reqMsg = tHTTPRequest.EntityBody.Write(tRequest)

      $$$TRACE("reqMsg: "_reqMsg)

      set tSC = tHTTPRequest.EntityBody.Write(tRequest.%ToJSON())

      set tURL = ..Adapter.URL

      set tSC = ..Adapter.Post(tURL)

      set stream = "".....

The issue was with the Custom Header field I needed for connecting to Epic.

IRIS

I am able to call the API without any issues using POSTMAN using the same username/password.

I am not sure I understand... I was using the example that was provided in the documentation.

https://docs.intersystems.com/healthconnectlatest/csp/docbook/DocBook.UI.Page.cls?KEY=EREST_operation#EREST_operation_json

If I have to have a Custom Header do I not have to define in this case the Client ID as part of the %DynamicObject?

    set tRequest = ##class(%DynamicAbstractObject).%New()

    set tRequest.clientID = "Epic-Client-ID = xxxxxxxx"

if I am using a Request Class Structure (osuwmc.Epic.Access.Request.GetPatientLocationByVisit2JsonRequest) isn't the set tRequest.payload = pRequest line correct?

%ALL was the issue. Why will this only work in Chrome and not Microsoft Edge? Chrome is a pig when it comes to Memory so I have been looking for an alternative.

I did try Chrome, but now I am receiving...

WebTerminal lost connection with server (code 1006).

I don't think we will be going to 2023.2 anytime soon, as we just got to 2022.1 in May. It will be another year at least before we upgrade again. I am just trying to use this on the version we have currently and not through VSCode, I was trying to get this running for my team to use in edition to the Management Portal.

Thanks, we tried taking an existing connection that was using the Local Interface Address of the VIP (ens192:1) and tracing it through the firewall to see what IP address it was associated with.

When we changed the port on the existing connection even though the Local Interface was set to the VIP, it started to send the other IP address assocated with ens192.

But if we changed the port back to the original port with the Local Interface set to the VIP it reverted back to sending the VIP in the packet header. 

I am questioning if we truly stop/started the object after making the change, but that is here nor there. 

I did open a ticket with WRC to get more information on how to troubleshoot the Local Interface setting, and the TCP Adapters definitions.

Upgraded to the latest driver, without any luck. Everything I read says it is not possible to Authenticate against Active Directory when you are not coming from a non Windows environment.

6.2 is what I already had loaded so I went with it. I will try the latest.

I tried the URL and when I went to test the connection I got an error about "authenticationScheme=NTLM" being invalid. Once I removed attribute, I am now getting "Driver can not be loaded" at least from the Management Portal. If I try it manually via Terminal to test connection it fails with a -1. When I look at the JDBC Gateway log I am seeing the following..

.%Net.Remote.Gateway..%WriteOutput.....May 16, 2023 1:48:05 PM com.microsoft.sqlserver.jdbc.AuthenticationJNI <clinit>.WARNING: Failed to load the sqljdbc_auth.dll cause : no sqljdbc_auth in java.library.path.
 

• Driver name: com.microsoft.sqlserver.jdbc.SQLServerDriver
• URL: jdbc:sqlserver://CPDDB.osumc.edu:1739;database=CPD;trustServerCertificate=true;integratedSecurity=true;domain=osumc;authentication=NotSpecified
• Class path: 

Do I need a Certificate installed on Linux for that to work?

We were using a Local Windows Authentication account with a Hardcoded user name and password for our jobs to connect to MS SQL for the longest time, but it was frowned upon as everyone knew the user and password to sign into the database. So we were asked to make a Service Account on the Domain through Active Directory. In our AIX/Linux world we had not use Active Directory authentication so it became an issue to try to figure out how to make it work. That's when I discovered jTDS. I am going to try what @Jeff Morgan pointed out below to see if I can make it work as I could never find the correct connection string to make the Microsoft Driver to work for us.

Wow how did you pin point that down? I never did see a ERROR #5023: Remote Gateway Error: java.lang.AbstractMethodError within the Operation/Process that would of shown me that.

Is there a better method to using Domain Service Accounts in Active Directory to connect to MS SQL through JDBC on Unix/Linux other than jTDS?

We are using the  jTDS (jtds-1.3.1.jar) driver because we are using Domain Service Accounts to access the databases. We are doing this because I could not get the Microsoft JDBC drivers to authenticate properly using the Domain Service Accounts in Active Directory being on Unix/Linux. 

:>java -version
openjdk version "1.8.0_362"
OpenJDK Runtime Environment (build 1.8.0_362-b09)
OpenJDK 64-Bit Server VM (build 25.362-b09, mixed mode)
 

Yes with WRC we saw a new Connection using the %JDBCGateway created each time. So if we already had %JDBCGateway running and executed each statement it would spawn a new connection that would say Established when you do a netstat -anp at the OS Level.