You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Herman D'costa <hd...@digev.com> on 2005/01/05 00:15:43 UTC
Not able to send HTTPs through a proxy server
I have the following program, that sends a request through Apache HTTP Proxy Server with SSL. When the HTTPs request is sent directly to the target url, get a response back successfully.
Also I have an axis client program which can send HTTPs requests through the proxy server successfully.
However, I get the following response from the httpclient api program
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access hdcosta:9943
on this server.</p>
<hr>
<address>Apache/2.0.52 (Win32) mod_ssl/2.0.52 OpenSSL/0.9.7e Server at hdcosta Port 9943</address>
</body></html>
Also when I sniff the tcp request btw the client and proxy server, I just see HTTP headers but no body being sent to the proxy server.
CONNECT hdcosta:9943 HTTP/1.1
User-Agent: Jakarta Commons-HttpClient/3.0-beta1
Host: hdcosta:9943
Proxy-Connection: Keep-Alive
<No Body>
The axis client has HTTP headers with a garbled up body.
Am I using the httpclient api wrongly? I tried using the httpclient 2.0.2 and 3.0-beta1 jars, with the same effect. Find following the program
HttpClient httpClient = new HttpClient();
httpClient.setTimeout(readTimeout);
httpClient.setConnectionTimeout(connectTimeout);
HostConfiguration hostConfiguration = new HostConfiguration();
if (targetProtocol.equalsIgnoreCase(PROTOCOL_HTTPS)) {
HTTPsSocketFactory httpsSocketFactory = new HTTPsSocketFactory(privateKey, certChain, trustedCAs, connectTimeout, readTimeout);
Protocol httpsProtocol = new Protocol(targetProtocol, httpsSocketFactory, targetURL.getDefaultPort));
Protocol.registerProtocol(targetProtocol, httpsProtocol);
}
hostConfiguration.setHost(targetHost, targetPort, targetProtocol);
if (proxyServerReqd) {
hostConfiguration.setProxy(proxyHost, proxyPort);
if (proxyServerAuthReqd) {
HttpState httpState = new HttpState();
Credentials cred = new UsernamePasswordCredentials(proxyServerAuthUser, proxyServerAuthPass);
httpState.setProxyCredentials(proxyServerAuthRealm, proxyHost, cred);
// httpState.setAuthenticationPreemptive(true);
// httpState.setCredentials(proxyServerAuthRealm, proxyHost, cred);
httpClient.setState(httpState);
}
}
httpClient.setHostConfiguration(hostConfiguration);
PostMethod postMethod = new PostMethod(targetUrl);
DefaultMethodRetryHandler retryHandler = new DefaultMethodRetryHandler();
retryHandler.setRequestSentRetryEnabled(false);
retryHandler.setRetryCount(retries);
if (headers != null) {
Set keySet = headers.keySet();
Iterator it = keySet.iterator();
while (it.hasNext()) {
String headerName = (String) it.next();
String headerValue = (String) headers.get(headerName);
postMethod.addRequestHeader(headerName, headerValue);
}
}
postMethod.setRequestBody(fis);
// Execute the method.
int statusCode = httpClient.executeMethod(postMethod);
Re: Not able to send HTTPs through a proxy server
Posted by Oleg Kalnichevski <ol...@apache.org>.
Hi Herman,
See my comments inline
On Tue, Jan 04, 2005 at 03:15:43PM -0800, Herman D'costa wrote:
> I have the following program, that sends a request through Apache HTTP Proxy Server with SSL. When the HTTPs request is sent directly to the target url, get a response back successfully.
>
> Also I have an axis client program which can send HTTPs requests through the proxy server successfully.
>
> However, I get the following response from the httpclient api program
>
> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <html><head>
> <title>403 Forbidden</title>
> </head><body>
> <h1>Forbidden</h1>
> <p>You don't have permission to access hdcosta:9943
> on this server.</p>
> <hr>
> <address>Apache/2.0.52 (Win32) mod_ssl/2.0.52 OpenSSL/0.9.7e Server at hdcosta Port 9943</address>
> </body></html>
>
As far as I can tell HttlClient returns a perfectly valid response 403,
which makes me belive this is a server (mis-)configuration problem.
> Also when I sniff the tcp request btw the client and proxy server, I just see HTTP headers but no body being sent to the proxy server.
>
> CONNECT hdcosta:9943 HTTP/1.1
> User-Agent: Jakarta Commons-HttpClient/3.0-beta1
> Host: hdcosta:9943
> Proxy-Connection: Keep-Alive
>
> <No Body>
>
This is exactly the way it is supposed to be. CONNECT method is not an
entity enclosing method and MAY NOT have a request body. Its sole
purpose is to establish a secure tunnel via the proxy. Once the tunnel
is up, the traffic between the client and the server gets encrypted and
thus cannot be sniffed upon (easily).
> The axis client has HTTP headers with a garbled up body.
>
> Am I using the httpclient api wrongly? I tried using the httpclient 2.0.2 and 3.0-beta1 jars, with the same effect. Find following the program
>
I see nothing wrong in your code, which only reenforces my belief that
this is a server side problem.
Hope this helps somewhat.
Oleg
>
> HttpClient httpClient = new HttpClient();
> httpClient.setTimeout(readTimeout);
> httpClient.setConnectionTimeout(connectTimeout);
>
> HostConfiguration hostConfiguration = new HostConfiguration();
>
> if (targetProtocol.equalsIgnoreCase(PROTOCOL_HTTPS)) {
> HTTPsSocketFactory httpsSocketFactory = new HTTPsSocketFactory(privateKey, certChain, trustedCAs, connectTimeout, readTimeout);
> Protocol httpsProtocol = new Protocol(targetProtocol, httpsSocketFactory, targetURL.getDefaultPort));
> Protocol.registerProtocol(targetProtocol, httpsProtocol);
> }
> hostConfiguration.setHost(targetHost, targetPort, targetProtocol);
>
> if (proxyServerReqd) {
> hostConfiguration.setProxy(proxyHost, proxyPort);
>
> if (proxyServerAuthReqd) {
> HttpState httpState = new HttpState();
> Credentials cred = new UsernamePasswordCredentials(proxyServerAuthUser, proxyServerAuthPass);
> httpState.setProxyCredentials(proxyServerAuthRealm, proxyHost, cred);
> // httpState.setAuthenticationPreemptive(true);
> // httpState.setCredentials(proxyServerAuthRealm, proxyHost, cred);
>
> httpClient.setState(httpState);
> }
> }
> httpClient.setHostConfiguration(hostConfiguration);
>
> PostMethod postMethod = new PostMethod(targetUrl);
> DefaultMethodRetryHandler retryHandler = new DefaultMethodRetryHandler();
> retryHandler.setRequestSentRetryEnabled(false);
> retryHandler.setRetryCount(retries);
>
> if (headers != null) {
> Set keySet = headers.keySet();
> Iterator it = keySet.iterator();
>
> while (it.hasNext()) {
> String headerName = (String) it.next();
> String headerValue = (String) headers.get(headerName);
> postMethod.addRequestHeader(headerName, headerValue);
> }
> }
>
> postMethod.setRequestBody(fis);
>
>
> // Execute the method.
> int statusCode = httpClient.executeMethod(postMethod);
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org