You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Jo...@eu.nabgroup.com on 2005/05/25 09:59:52 UTC
SSL and NTLM problems
Thanks to you guys who helped me work out how to finally post to this
group - much appreciated!
Hi folks, I'm having all kinds of trouble trying to get a secure socket
connection to the outside world via our IAS proxy server.
It seems that the following code is not finding a route out to the outside
world through the IAS proxy.
It also seems (this maybe related) not to be performing any kind of
authentication at all, since I can use username="username" and
password="password" and it does not complain about these credentials being
incorrect??
I wonder if anyone could help me out here as I admit I'm a bit of a
newcomer to all this stuff.
public static void main(String[] args) throws Exception {
NTCredentials creds = new NTCredentials("user","password","www-cache.eu.nag.net", "nag-eur");
HttpClient client = new HttpClient();
PostMethod method = new PostMethod("https://wwwpp50.landg.com/OrigoTermV3/GatewayV3/");
AuthScope authscope = new AuthScope("www-cache.eu.nag.net",443); // ISA proxy address
client.getState().setCredentials(authscope,creds);
int statusCode = 0;
try {
method.setRequestHeader("Content-Type", "text/xml");
method.setRequestBody("someXML"); // deprecated
statusCode = client.executeMethod(method);
} catch (HttpException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
System.out.println("Status Code 1: " + statusCode);
String responseBody = method.getResponseBodyAsString();
System.out.println("******" + responseBody);
method.releaseConnection();
}
}
I get (seems to attempt this 4 times, this is extract of third attempt)
...
Attempt number 3 to process request
24 May 2005 17:54:44,498 45142 [main] DEBUG:
org.apache.commons.httpclient.HttpConnection - enter HttpConnection.open()
24 May 2005 17:54:44,498 45142 [main] DEBUG:
org.apache.commons.httpclient.HttpConnection - Open connection to
wwwpp50.landg.com:443
24 May 2005 17:55:05,421 66065 [main] DEBUG:
org.apache.commons.httpclient.HttpConnection - enter
HttpConnection.closeSockedAndStreams()
24 May 2005 17:55:05,421 66065 [main] DEBUG:
org.apache.commons.httpclient.HttpMethodDirector - Closing the connection.
24 May 2005 17:55:05,421 66065 [main] DEBUG:
org.apache.commons.httpclient.HttpConnection - enter
HttpConnection.close()
24 May 2005 17:55:05,421 66065 [main] DEBUG:
org.apache.commons.httpclient.HttpConnection - enter
HttpConnection.closeSockedAndStreams()
24 May 2005 17:55:05,421 66065 [main] INFO:
org.apache.commons.httpclient.HttpMethodDirector - I/O exception caught
when processing request: No route to host: connect
24 May 2005 17:55:05,421 66065 [main] DEBUG:
org.apache.commons.httpclient.HttpMethodDirector - No route to host:
connect
java.net.NoRouteToHostException: No route to host: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:329)
at
java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:194)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:181)
at java.net.Socket.connect(Socket.java:459)
at java.net.Socket.connect(Socket.java:409)
at java.net.Socket.<init>(Socket.java:315)
at java.net.Socket.<init>(Socket.java:197)
at com.ibm.jsse.bg.<init>(Unknown Source)
at com.ibm.jsse.JSSESocketFactory.createSocket(Unknown Source)
at
org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(SSLProtocolSocketFactory.java:81)
at
org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(SSLProtocolSocketFactory.java:126)
at
org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:704)
at
org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:382)
at
org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:168)
at
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:393)
at
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)
at
AlternateAuthenticationExample.main(AlternateAuthenticationExample.java:162)
24 May 2005 17:55:05,421 66065 [main] INFO:
org.apache.commons.httpclient.HttpMethodDirector - Retrying request
24 May 2005 17:55:05,421 66065 [main] DEBUG:
org.apache.commons.httpclient.HttpMethodDirector - Attempt number 4 ...
Any ideas on why its not actually managing to authenticate? I guess this
is the reason why it says "can't find route to host"
Thanks in advance, Jon Andrews
===============================================================
National Australia Group Europe Limited (Company Number 02108635, Registered Office 88 Wood Street, London EC2V 7QQ) (NAGE) is a subsidiary of National Australia Bank Limited (an Australian registered company). The following UK companies are authorised and regulated by the Financial Services Authority: Clydesdale Bank PLC (trading as Clydesdale Bank and Yorkshire Bank), MLC Savings Limited, MLC Trust Management Company Limited, Clydesdale Bank Insurance Brokers Limited, Yorkshire Bank Financial Services Limited, National Australia Insurance Services Limited and Custom Fleet Limited.
The views and opinions expressed in this email may not reflect the views and opinions of any member of the group of which NAGE forms part. The information contained in this message is confidential and may also be privileged. It is intended only for the addressee named above. The unauthorised use, disclosure, copying or alteration of this message is strictly prohibited. If you are not the addressee (or responsible for delivery of the message to the addressee), please notify the originator immediately by return message and destroy the original message. This message and any attachments have been scanned for viruses prior to leaving the NAGE network. However, NAGE does not guarantee the security of this message and will not be responsible for any damages arising as a result of any virus being passed on or arising from any alteration of this message by a third party. NAGE may monitor emails sent to and from the NAGE network.
Re: SSL and NTLM problems
Posted by "Bindul Bhowmik (GMail)" <bi...@gmail.com>.
Hi Jon,
NTCredentials creds = new NTCredentials("user","password","
> www-cache.eu.nag.net <http://www-cache.eu.nag.net>","nag-eur");
> HttpClient client = new HttpClient();
> PostMethod method = new PostMethod("
> https://wwwpp50.landg.com/OrigoTermV3/GatewayV3/");
> AuthScope authscope = new AuthScope("www-cache.eu.nag.net<http://www-cache.eu.nag.net>",443);
> // ISA proxy address
> client.getState().setCredentials(authscope,creds);
You are not specifying the proxy host to the HttpClient. Also, its better to
set the credentials for proxy using the setProxyCredentials method instead
of the setCredentials method.
Instead of
> client.getState().setCredentials(authscope,creds);
>
use the following:
HostConfiguration hostConfiguration = new HostConfiguration();
hostConfiguration.setProxy(proxyHost, proxyPort);
client.setHostConfiguration(hostConfiguration);
client.getState().setProxyCredentials(authscope, creds);
Hope this helps.
Regards,
Bindul
On 5/25/05, Jon.Andrews@eu.nabgroup.com <Jo...@eu.nabgroup.com> wrote:
>
> Thanks to you guys who helped me work out how to finally post to this
> group - much appreciated!
>
> Hi folks, I'm having all kinds of trouble trying to get a secure socket
> connection to the outside world via our IAS proxy server.
> It seems that the following code is not finding a route out to the outside
> world through the IAS proxy.
> It also seems (this maybe related) not to be performing any kind of
> authentication at all, since I can use username="username" and
> password="password" and it does not complain about these credentials being
> incorrect??
>
> I wonder if anyone could help me out here as I admit I'm a bit of a
> newcomer to all this stuff.
>
> public static void main(String[] args) throws Exception {
>
> NTCredentials creds = new NTCredentials("user","password","
> www-cache.eu.nag.net <http://www-cache.eu.nag.net>", "nag-eur");
> HttpClient client = new HttpClient();
> PostMethod method = new PostMethod("
> https://wwwpp50.landg.com/OrigoTermV3/GatewayV3/");
> AuthScope authscope = new AuthScope("www-cache.eu.nag.net<http://www-cache.eu.nag.net>",443);
> // ISA proxy address
> client.getState().setCredentials(authscope,creds);
> int statusCode = 0;
>
> try {
> method.setRequestHeader("Content-Type", "text/xml");
> method.setRequestBody("someXML"); // deprecated
> statusCode = client.executeMethod(method);
> } catch (HttpException e) {
> // TODO Auto-generated catch block
> e.printStackTrace();
> } catch (IOException e) {
> // TODO Auto-generated catch block
> e.printStackTrace();
> }
> System.out.println("Status Code 1: " + statusCode);
> String responseBody = method.getResponseBodyAsString();
> System.out.println("******" + responseBody);
> method.releaseConnection();
> }
> }
>
> I get (seems to attempt this 4 times, this is extract of third attempt)
>
> ...
>
> Attempt number 3 to process request
> 24 May 2005 17:54:44,498 45142 [main] DEBUG:
> org.apache.commons.httpclient.HttpConnection - enter HttpConnection.open()
> 24 May 2005 17:54:44,498 45142 [main] DEBUG:
> org.apache.commons.httpclient.HttpConnection - Open connection to
> wwwpp50.landg.com:443 <http://wwwpp50.landg.com:443>
> 24 May 2005 17:55:05,421 66065 [main] DEBUG:
> org.apache.commons.httpclient.HttpConnection - enter
> HttpConnection.closeSockedAndStreams()
> 24 May 2005 17:55:05,421 66065 [main] DEBUG:
> org.apache.commons.httpclient.HttpMethodDirector - Closing the connection.
> 24 May 2005 17:55:05,421 66065 [main] DEBUG:
> org.apache.commons.httpclient.HttpConnection - enter
> HttpConnection.close()
> 24 May 2005 17:55:05,421 66065 [main] DEBUG:
> org.apache.commons.httpclient.HttpConnection - enter
> HttpConnection.closeSockedAndStreams()
> 24 May 2005 17:55:05,421 66065 [main] INFO:
> org.apache.commons.httpclient.HttpMethodDirector - I/O exception caught
> when processing request: No route to host: connect
> 24 May 2005 17:55:05,421 66065 [main] DEBUG:
> org.apache.commons.httpclient.HttpMethodDirector - No route to host:
> connect
> java.net.NoRouteToHostException: No route to host: connect
> at java.net.PlainSocketImpl.socketConnect(Native Method)
> at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:329)
> at
> java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:194)
> at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:181)
> at java.net.Socket.connect(Socket.java:459)
> at java.net.Socket.connect(Socket.java:409)
> at java.net.Socket.<init>(Socket.java:315)
> at java.net.Socket.<init>(Socket.java:197)
> at com.ibm.jsse.bg.<init>(Unknown Source)
> at com.ibm.jsse.JSSESocketFactory.createSocket(Unknown Source)
> at
>
> org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket
> (SSLProtocolSocketFactory.java:81)
> at
>
> org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket
> (SSLProtocolSocketFactory.java:126)
> at
> org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:704)
> at
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(
> HttpMethodDirector.java:382)
> at
> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(
> HttpMethodDirector.java:168)
> at
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java
> :393)
> at
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java
> :324)
> at
> AlternateAuthenticationExample.main(AlternateAuthenticationExample.java
> :162)
> 24 May 2005 17:55:05,421 66065 [main] INFO:
> org.apache.commons.httpclient.HttpMethodDirector - Retrying request
> 24 May 2005 17:55:05,421 66065 [main] DEBUG:
> org.apache.commons.httpclient.HttpMethodDirector - Attempt number 4 ...
>
> Any ideas on why its not actually managing to authenticate? I guess this
> is the reason why it says "can't find route to host"
>
> Thanks in advance, Jon Andrews
>
> ===============================================================
> National Australia Group Europe Limited (Company Number 02108635,
> Registered Office 88 Wood Street, London EC2V 7QQ) (NAGE) is a subsidiary of
> National Australia Bank Limited (an Australian registered company). The
> following UK companies are authorised and regulated by the Financial
> Services Authority: Clydesdale Bank PLC (trading as Clydesdale Bank and
> Yorkshire Bank), MLC Savings Limited, MLC Trust Management Company Limited,
> Clydesdale Bank Insurance Brokers Limited, Yorkshire Bank Financial Services
> Limited, National Australia Insurance Services Limited and Custom Fleet
> Limited.
>
> The views and opinions expressed in this email may not reflect the views
> and opinions of any member of the group of which NAGE forms part. The
> information contained in this message is confidential and may also be
> privileged. It is intended only for the addressee named above. The
> unauthorised use, disclosure, copying or alteration of this message is
> strictly prohibited. If you are not the addressee (or responsible for
> delivery of the message to the addressee), please notify the originator
> immediately by return message and destroy the original message. This message
> and any attachments have been scanned for viruses prior to leaving the NAGE
> network. However, NAGE does not guarantee the security of this message and
> will not be responsible for any damages arising as a result of any virus
> being passed on or arising from any alteration of this message by a third
> party. NAGE may monitor emails sent to and from the NAGE network.
>
>
Re: SSL and NTLM problems
Posted by Roland Weber <RO...@de.ibm.com>.
Hello Jon,
Jon.Andrews@eu.nabgroup.com wrote on 25.05.2005 09:59:52:
> java.net.NoRouteToHostException: No route to host: connect
> at java.net.PlainSocketImpl.socketConnect(Native Method)
> at com.ibm.jsse.JSSESocketFactory.createSocket(Unknown Source)
>
> Any ideas on why its not actually managing to authenticate? I guess this
> is the reason why it says "can't find route to host"
No, it's the other way round. The program cannot find a route to the host,
and if it can't connect to the host, how should it authenticate against
it?
First, check the proxy settings you specify for HttpClient. There is
nothing in your code, so HttpClient may be trying to connect to the
target host directly.
hope that helps,
Roland