You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by bu...@apache.org on 2002/03/22 22:22:06 UTC
DO NOT REPLY [Bug 7373] New: -
HTTPSender does not support HTTPS through an Auth. Proxy
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7373>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7373
HTTPSender does not support HTTPS through an Auth. Proxy
Summary: HTTPSender does not support HTTPS through an Auth. Proxy
Product: Axis
Version: beta-1
Platform: PC
OS/Version: Windows NT/2K
Status: NEW
Severity: Normal
Priority: Other
Component: Basic Architecture
AssignedTo: axis-dev@xml.apache.org
ReportedBy: dale5540@hotmail.com
HTTPSender needs to supply the Proxy-Authorization String when connecting to an
Authenticating proxy when doing HTTPS.
Consider changing:
out.print("CONNECT " + host + ":" + port + " HTTP/1.0\n"
+ "User-Agent: AxisClient"
+ "\r\n\r\n");
To:
String tunnelUser = System.getProperty("https.proxyUser");
String tunnelPassword = System.getProperty("https.proxyPassword");
if (tunnelUser == null) tunnelUser =
System.getProperty("http.proxyUser");
if (tunnelPassword == null) tunnelPassword =
System.getProperty("http.proxyPassword");
String msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
+ "User-Agent: AxisClient";
if (tunnelUser != null && tunnelPassword != null) {
//add basic authentication header for the proxy
sun.misc.BASE64Encoder enc = new sun.misc.BASE64Encoder();
String encodedPassword =
enc.encode((tunnelUser + ":" + tunnelPassword).getBytes());
msg = msg + "\nProxy-Authorization: Basic " + encodedPassword;
}
msg = msg + "\nContent-Length: 0";
msg = msg + "\nPragma: no-cache";
msg = msg + "\r\n\r\n";
out.print(msg);
Or even better lookup the UserName and Password from the java.net.Authenticator
class instead of System Properties (more secure, cant see password with a ps)
PasswordAuthentication pa =
Authenticator.requestPasswordAuthentication(
InetAddress.getByName(tunnelHost),
tunnelPort, "SOCK", "Proxy","HTTP");
if(pa == null){
printDebug("No Authenticator set.");
}else{
printDebug("Using Authenticator.");
tunnelUserName = pa.getUserName();
tunnelPassword = new String(pa.getPassword());
}