You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@ws.apache.org by Richard Vanek <ri...@piskoftak.sk> on 2002/11/25 16:18:55 UTC
xml-rpc /htts /proxy - problem
Hello,
I try to use apache xml-rpc through https, to access data from my server. I
am getting error from proxy which is in between. Maybe yousaw already such
a problem and could help me. I wasn't find archive of this mailing list, so
please excuse me if I am asking question whihc was already answered.
SecureXmlRpcClient xmlrpc = null;
try
{
xmlrpc = new
SecureXmlRpcClient("https://********/edit/.photo-update.php");
xmlrpc.setBasicAuthentication("***", "****");
XmlRpc.setDebug(true);
}
catch( Exception ex)
{
System.out.println("Error in creation:");
ex.printStackTrace();
System.exit(-1);
}
Vector params = new Vector();
params.addElement (args[0]);
// this method returns a string
try
{
String result = (String) xmlrpc.execute ("photo.getPhoto",
params);
System.out.println("\nResult: "+result);
}
catch( Exception ex)
{
System.out.println("Error in request:");
ex.printStackTrace();
System.exit(-1);
}
The error I am getting is following:
Client calling procedure 'photo.getPhoto' with parameters [2002-11-11]
java.io.IOException: Unable to tunnel through proxy. Proxy returns
"HTTP/1.0 400 Bad Request"
at
sun.net.www.protocol.http.HttpURLConnection.doTunneling(HttpURLConnection.java:813)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA6275)
at
sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:528)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(DashoA6275)
at org.apache.xmlrpc.XmlRpcClient$Worker.execute(XmlRpcClient.java)
at org.apache.xmlrpc.XmlRpcClient.execute(XmlRpcClient.java)
at UpdWebPhoto.main(UpdWebPhoto.java:43)
Error in request:
java.io.IOException: Unable to tunnel through proxy. Proxy returns
"HTTP/1.0 400 Bad Request"
at org.apache.xmlrpc.XmlRpcClient$Worker.execute(XmlRpcClient.java)
at org.apache.xmlrpc.XmlRpcClient.execute(XmlRpcClient.java)
at UpdWebPhoto.main(UpdWebPhoto.java:43)
If I use the same URL in browser it is going ok. I can't see any sign of
activity on my server side. Certificate whic is used at my server is signed
only localy. I am using -DproxySet=true -Dhttps.proxyHost= options on
java command line when starting up application
Thank you very much for any help suggestion.
--
-richo-
Re: xml-rpc /htts /proxy - problem
Posted by Richard Vanek <ri...@piskoftak.sk>.
Hello there,
I am agina answering myself, maybe somebody find this usefull. I made it
working without proxy. Throught proxy I am getting exeception can't tunnel
https request.
The problem with invalid certificate and solved by installing that
certificate (obtained as save from dialog in Internet explorer).
I install certificate following this advice found in java forum:
You have to install the certificate as a "trusted certificate". To do
this: obtain a .cer file with the public key. In general, I don't know how
you can do this (maybe using your web browser), but if you're accessing to
a tomcat with https of your own, and you've generated the certificate
using 'keytool' --see JDK tools documentation-- you can get it following
these steps: 1.- Export the certificate with keytool -export -alias
YourAlias -file AFile.cer 2.- Go to $JAVA_HOME/jre/lib/security
3.- Import the certificate: keytool -import -keystore cacerts -storepass
changeit -alias AnotherAlias -file YourFile.cer
P.S.: Anybody get experience https through proxy? Looks like https POST
request is problem. P.S.S.: Is anybody listening?
--
-richo-
Re: xml-rpc /htts /proxy - problem
Posted by Richard Vanek <ri...@piskoftak.sk>.
Hello there,
I am agina answering myself, maybe somebody find this usefull. I made it
working without proxy. Throught proxy I am getting exeception can't tunnel
https request.
The problem with invalid certificate and solved by installing that
certificate (obtained as save from dialog in Internet explorer).
I install certificate following this advice found in java forum:
You have to install the certificate as a "trusted certificate". To do
this: obtain a .cer file with the public key. In general, I don't know how
you can do this (maybe using your web browser), but if you're accessing to
a tomcat with https of your own, and you've generated the certificate
using 'keytool' --see JDK tools documentation-- you can get it following
these steps: 1.- Export the certificate with keytool -export -alias
YourAlias -file AFile.cer 2.- Go to $JAVA_HOME/jre/lib/security
3.- Import the certificate: keytool -import -keystore cacerts -storepass
changeit -alias AnotherAlias -file YourFile.cer
P.S.: Anybody get experience https through proxy? Looks like https POST
request is problem. P.S.S.: Is anybody listening?
--
-richo-
Re: xml-rpc /htts /proxy - problem
Posted by Richard Vanek <ri...@piskoftak.sk>.
Hi
I am replying myself. I worked bit more on it and tryied without proxy.
Than there is a different exception, which is probably hidden by proxy.
Because new exception is about Could not find tructed certificate I tried
to set
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier()
{
public boolean verify(String hostname, SSLSession session)
{
System.out.println("PeerHost: "+session.getPeerHost());
return true;
}
});
But this is not called. From stack trace I can see that httpsURLconnection
is not created but something like
sun.net.www.protocol.https.HttpsURLConnectionImpl is.
I am using xml-rpc 1.1 with jdk 1.4.
Anybody? Thank you!
Now expcetion is:
javax.net.ssl.SSLHandshakeException: Could not find trusted certificate
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.a(DashoA6275)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA6275)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at
com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275) at
java.io.OutputStream.write(OutputStream.java:58) at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Das
hoA6275) at
sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnec
tion.java:510) at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(DashoA6
275) at
org.apache.xmlrpc.XmlRpcClient$Worker.execute(XmlRpcClient.java) at
org.apache.xmlrpc.XmlRpcClient.execute(XmlRpcClient.java) at
UpdWebPhoto.main(UpdWebPhoto.java:82) Error in request:
java.io.IOException: Could not find trusted certificate
at
org.apache.xmlrpc.XmlRpcClient$Worker.execute(XmlRpcClient.java) at
org.apache.xmlrpc.XmlRpcClient.execute(XmlRpcClient.java) at
UpdWebPhoto.main(UpdWebPhoto.java:82)
--
-richo-
Re: xml-rpc /htts /proxy - problem
Posted by Richard Vanek <ri...@piskoftak.sk>.
Dear friends,
I have found a problem which do not allows to use https throught proxy when
doing xml-rpc request. When I commented out lines which are setting Content-Length
everything is working fine. These are lines in XmlRpcClient.java 424-425 in
version 1.2b1 of xml-rpc.
Maybe somebody could have explanation, I don't. It works now. I am using JDK
1.4.1_01.
--
-richo-
Re: xml-rpc /htts /proxy - problem
Posted by Richard Vanek <ri...@piskoftak.sk>.
Hello all,
maybe few of you remember my message from about half year ago. I again find
a need to solve this which I didn't finished before as I was busy with
other things. So problem was that I can't make connection to mus xml-rpc
server throught proxy using https. You can find all messages with the same
subject in archive of mailing list. Thank you in advance for you help!
Here is the last message from me and more after this quote:
On Wed, Nov 27, 2002 at 09:27:12AM +0100, Richard Vanek wrote:
> Hi,
>
> On Wed, Nov 27, 2002 at 09:05:15AM +0100, Rupp,Heiko wrote:
> >
> > Do you have access to the proxy and can somehow trace what
> > is going on?
>
> Unfortunately not, but I can do some net sniffering. I let you know. Here
> is the exception I am getting when go through proxy.
>
> java.io.IOException: Unable to tunnel through proxy. Proxy returns
> "HTTP/1.0 400 Bad Request"
> at org.apache.xmlrpc.XmlRpcClient$Worker.execute(XmlRpcClient.java)
> at org.apache.xmlrpc.XmlRpcClient.execute(XmlRpcClient.java)
> at UpdWebPhoto.main(UpdWebPhoto.java:67)
>
I did ether sniff first with simple program which request same page
throught proxy using https and basic authentication and than using xml-rpc
jar.
In first case i observe following behaviour and correctly optained xml file
indicating error as I do not submit any method.
CONNECT piskoftak.sk:443 HTTP/1.1
User-Agent: Java/1.4.1_01
Host: piskoftak.sk:443
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
HTTP/1.1 200 Connection established
Proxy-agent: BlueCoat-Security-Appliance
After this there is some handshaking with certificate and than next request
from client comes:
CONNECT piskoftak.sk:443 HTTP/1.1
GET /edit/.photo-update.php HTTP/1.1
User-Agent: Java/1.4.1_01
Host: piskoftak.sk:443
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Connection: keep-alive
Authorization: Basic xxxxxxxxxxxxxxxxxxxxxxxxx
HTTP/1.1 200 Connection established
Proxy-agent: BlueCoat-Security-Appliance
After this my program just dump xml file indicating error that mehtod
(empty) was not found whic is correct.
In a case when I am using xmlrpc to connect and request call on the same
url this is what happen:
first request from my program which never get reply:
CONNECT piskoftak.sk:443 HTTP/1.1
Content-Length: 163
Content-Type: text/xml
Authorization: Basic xxxxxxx
User-Agent: Java/1.4.1_01
Host: piskoftak.sk:443
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
and than second request which is not-correct and that one get error reply
whic is also reson for exception and program exit:
Content-Length: 163
Content-Type: text/xml
Authorization: Basic xxxxxxxxxxx[B
User-Agent: Java/1.4.1_01
Host: piskoftak.sk:443
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 1193
Content-Type: text/html
Connection: close
--
-richo-
Re: xml-rpc /htts /proxy - problem
Posted by Richard Vanek <ri...@piskoftak.sk>.
Hi
I am replying myself. I worked bit more on it and tryied without proxy.
Than there is a different exception, which is probably hidden by proxy.
Because new exception is about Could not find tructed certificate I tried
to set
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier()
{
public boolean verify(String hostname, SSLSession session)
{
System.out.println("PeerHost: "+session.getPeerHost());
return true;
}
});
But this is not called. From stack trace I can see that httpsURLconnection
is not created but something like
sun.net.www.protocol.https.HttpsURLConnectionImpl is.
I am using xml-rpc 1.1 with jdk 1.4.
Anybody? Thank you!
Now expcetion is:
javax.net.ssl.SSLHandshakeException: Could not find trusted certificate
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.a(DashoA6275)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA6275)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) at
com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275) at
java.io.OutputStream.write(OutputStream.java:58) at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Das
hoA6275) at
sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnec
tion.java:510) at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(DashoA6
275) at
org.apache.xmlrpc.XmlRpcClient$Worker.execute(XmlRpcClient.java) at
org.apache.xmlrpc.XmlRpcClient.execute(XmlRpcClient.java) at
UpdWebPhoto.main(UpdWebPhoto.java:82) Error in request:
java.io.IOException: Could not find trusted certificate
at
org.apache.xmlrpc.XmlRpcClient$Worker.execute(XmlRpcClient.java) at
org.apache.xmlrpc.XmlRpcClient.execute(XmlRpcClient.java) at
UpdWebPhoto.main(UpdWebPhoto.java:82)
--
-richo-