You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Bogdan Mihaila <bm...@yahoo.com> on 2005/12/07 10:04:04 UTC
ssl with proxy
Hello!
I am trying to connect to a resource using https and port 8443 in tomcat. I am also using ssl. When I connect without a proxy it works fine. When I connect through a proxy, but don't use ssl, it also works fine. But when I try to use both features, it gives me the following error:
Method failed: HTTP/1.0 403 Forbidden
What can be the problem?
---------------------------------
Yahoo! Personals
Skip the bars and set-ups and start using Yahoo! Personals for free
Re: ssl with proxy
Posted by Oleg Kalnichevski <ol...@apache.org>.
> 2005/12/07 12:19:09:421 EET [DEBUG] header - << "HTTP/1.0 403 Forbidden[\r][\n]"
> 2005/12/07 12:19:09:421 EET [DEBUG] header - << "Server: squid/2.5.STABLE1[\r][\n]"
> 2005/12/07 12:19:09:421 EET [DEBUG] header - << "Mime-Version: 1.0[\r][\n]"
> 2005/12/07 12:19:09:421 EET [DEBUG] header - << "Date: Wed, 07 Dec 2005 11:14:59 GMT[\r][\n]"
Can you hit the same URL via the same proxy with a browser and see what
happens? The way I interpret the log the proxy has been configured (1)
either to disallow tunneling (HTTP CONNECT) altogether or (2) require a
set of credentials to authenticate the user requesting to establish a
tunnel via this proxy
Oleg
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
Re: ssl with proxy
Posted by Bogdan Mihaila <bm...@yahoo.com>.
2005/12/07 12:19:03:578 EET [DEBUG] HttpClient - Java version: 1.5.0
2005/12/07 12:19:03:593 EET [DEBUG] HttpClient - Java vendor: Sun Microsystems Inc.
2005/12/07 12:19:03:593 EET [DEBUG] HttpClient - Java class path: C:\workspace\actz2;C:\actualizari\jdom.jar;C:\actualizari\commons-httpclient-3.0-rc4.jar;C:\actualizari\commons-logging.jar;C:\actualizari\commons-net-1.4.0.jar;C:\actualizari\jakarta-oro-2.0.8.jar;C:\actualizari\commons-codec-1.3.jar;C:\workspace\actz2\actz2\axis.jar;C:\workspace\actz2\actz2\jaxrpc.jar;C:\workspace\actz2\actz2\wsdl4j-1.5.1.jar;C:\workspace\actz2\actz2\activation.jar;C:\workspace\actz2\actz2\commons-discovery-0.2.jar;C:\workspace\actz2\actz2\commons-el.jar;C:\workspace\actz2\actz2\log4j-1.2.8.jar;C:\workspace\actz2\actz2\mail.jar;C:\workspace\actz2\actz2\saaj.jar;C:\workspace\actz2\actz2\commons-logging-api.jar;C:\workspace\actz2\actz2\axis-ant.jar;C:\workspace\actz2\actz2\axis-schema.jar;C:\workspace\actz2\actz2\postgresql-8.0-311.jdbc3.jar
2005/12/07 12:19:03:593 EET [DEBUG] HttpClient - Operating system name: Windows XP
2005/12/07 12:19:03:593 EET [DEBUG] HttpClient - Operating system architecture: x86
2005/12/07 12:19:03:593 EET [DEBUG] HttpClient - Operating system version: 5.1
2005/12/07 12:19:03:765 EET [DEBUG] HttpClient - SUN 1.5: SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
2005/12/07 12:19:03:765 EET [DEBUG] HttpClient - SunRsaSign 1.5: Sun RSA signature provider
2005/12/07 12:19:03:765 EET [DEBUG] HttpClient - SunJSSE 1.5: Sun JSSE provider(PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
2005/12/07 12:19:03:765 EET [DEBUG] HttpClient - SunJCE 1.5: SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)
2005/12/07 12:19:03:765 EET [DEBUG] HttpClient - SunJGSS 1.0: Sun (Kerberos v5)
2005/12/07 12:19:03:765 EET [DEBUG] HttpClient - SunSASL 1.5: Sun SASL provider(implements client mechanisms for: DIGEST-MD5, GSSAPI, EXTERNAL, PLAIN, CRAM-MD5; server mechanisms for: DIGEST-MD5, GSSAPI, CRAM-MD5)
2005/12/07 12:19:03:765 EET [DEBUG] DefaultHttpParams - Set parameter http.useragent = Jakarta Commons-HttpClient/3.0-rc4
2005/12/07 12:19:03:765 EET [DEBUG] DefaultHttpParams - Set parameter http.protocol.version = HTTP/1.1
2005/12/07 12:19:03:765 EET [DEBUG] DefaultHttpParams - Set parameter http.connection-manager.class = class org.apache.commons.httpclient.SimpleHttpConnectionManager
2005/12/07 12:19:03:765 EET [DEBUG] DefaultHttpParams - Set parameter http.protocol.cookie-policy = rfc2109
2005/12/07 12:19:03:781 EET [DEBUG] DefaultHttpParams - Set parameter http.protocol.element-charset = US-ASCII
2005/12/07 12:19:03:781 EET [DEBUG] DefaultHttpParams - Set parameter http.protocol.content-charset = ISO-8859-1
2005/12/07 12:19:03:781 EET [DEBUG] DefaultHttpParams - Set parameter http.method.retry-handler = org.apache.commons.httpclient.DefaultHttpMethodRetryHandler@f1bb78
2005/12/07 12:19:03:781 EET [DEBUG] DefaultHttpParams - Set parameter http.dateparser.patterns = [EEE, dd MMM yyyy HH:mm:ss zzz, EEEE, dd-MMM-yy HH:mm:ss zzz, EEE MMM d HH:mm:ss yyyy, EEE, dd-MMM-yyyy HH:mm:ss z, EEE, dd-MMM-yyyy HH-mm-ss z, EEE, dd MMM yy HH:mm:ss z, EEE dd-MMM-yyyy HH:mm:ss z, EEE dd MMM yyyy HH:mm:ss z, EEE dd-MMM-yyyy HH-mm-ss z, EEE dd-MMM-yy HH:mm:ss z, EEE dd MMM yy HH:mm:ss z, EEE,dd-MMM-yy HH:mm:ss z, EEE,dd-MMM-yyyy HH:mm:ss z, EEE, dd-MM-yyyy HH:mm:ss z]
2005/12/07 12:19:04:890 EET [DEBUG] DefaultHttpParams - Set parameter http.method.retry-handler = org.apache.commons.httpclient.DefaultHttpMethodRetryHandler@29ce8c
2005/12/07 12:19:04:906 EET [DEBUG] HttpConnection - Open connection to 192.168.1.1:8080
2005/12/07 12:19:09:421 EET [DEBUG] header - >> "CONNECT 192.168.1.102:8443 HTTP/1.1"
2005/12/07 12:19:09:421 EET [DEBUG] HttpMethodBase - Adding Host request header
2005/12/07 12:19:09:421 EET [DEBUG] header - >> "User-Agent: Jakarta Commons-HttpClient/3.0-rc4[\r][\n]"
2005/12/07 12:19:09:421 EET [DEBUG] header - >> "Host: 192.168.1.102:8443[\r][\n]"
2005/12/07 12:19:09:421 EET [DEBUG] header - >> "Proxy-Connection: Keep-Alive[\r][\n]"
2005/12/07 12:19:09:421 EET [DEBUG] header - >> "[\r][\n]"
2005/12/07 12:19:09:421 EET [DEBUG] header - << "HTTP/1.0 403 Forbidden[\r][\n]"
2005/12/07 12:19:09:421 EET [DEBUG] header - << "Server: squid/2.5.STABLE1[\r][\n]"
2005/12/07 12:19:09:421 EET [DEBUG] header - << "Mime-Version: 1.0[\r][\n]"
2005/12/07 12:19:09:421 EET [DEBUG] header - << "Date: Wed, 07 Dec 2005 11:14:59 GMT[\r][\n]"
2005/12/07 12:19:09:421 EET [DEBUG] header - << "Content-Type: text/html[\r][\n]"
2005/12/07 12:19:09:421 EET [DEBUG] header - << "Content-Length: 1039[\r][\n]"
2005/12/07 12:19:09:437 EET [DEBUG] header - << "Expires: Wed, 07 Dec 2005 11:14:59 GMT[\r][\n]"
2005/12/07 12:19:09:437 EET [DEBUG] header - << "X-Squid-Error: ERR_ACCESS_DENIED 0[\r][\n]"
2005/12/07 12:19:09:437 EET [DEBUG] header - << "X-Cache: MISS from linux.ctce.ro[\r][\n]"
2005/12/07 12:19:09:437 EET [DEBUG] header - << "X-Cache-Lookup: NONE from linux.ctce.ro:3128[\r][\n]"
2005/12/07 12:19:09:437 EET [DEBUG] header - << "Proxy-Connection: keep-alive[\r][\n]"
2005/12/07 12:19:09:437 EET [DEBUG] ConnectMethod - CONNECT status code 403
2005/12/07 12:19:09:437 EET [DEBUG] HttpMethodDirector - CONNECT failed, fake the response for the original method
Method failed: HTTP/1.0 403 Forbidden
2005/12/07 12:19:09:453 EET [DEBUG] HttpMethodBase - Should NOT close connection in response to directive: keep-alive
2005/12/07 12:19:09:453 EET [DEBUG] HttpConnection - Releasing connection back to connection manager.
---------------------------------
Yahoo! Personals
Single? There's someone we'd like you to meet.
Lots of someones, actually. Try Yahoo! Personals
Re: ssl with proxy
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Wed, Dec 07, 2005 at 01:04:04AM -0800, Bogdan Mihaila wrote:
> Hello!
>
> I am trying to connect to a resource using https and port 8443 in tomcat. I am also using ssl. When I connect without a proxy it works fine. When I connect through a proxy, but don't use ssl, it also works fine. But when I try to use both features, it gives me the following error:
>
> Method failed: HTTP/1.0 403 Forbidden
>
> What can be the problem?
>
>
Bogdan,
Please post a wire/context log of the HTTP session. See the HttpClient
logging guide for details:
http://jakarta.apache.org/commons/httpclient/logging.html
Oleg
>
> ---------------------------------
> Yahoo! Personals
> Skip the bars and set-ups and start using Yahoo! Personals for free
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org