You are viewing a plain text version of this content. The canonical link for it is here.

Posted to httpclient-users@hc.apache.org by Herman D'costa <hd...@digev.com> on 2005/01/05 00:15:43 UTC

Not able to send HTTPs through a proxy server

I have the following program, that sends a request through Apache HTTP Proxy Server with SSL. When the HTTPs request is sent directly to the target url, get a response back successfully.

Also I have an axis client program which can send HTTPs requests through the proxy server successfully.

However, I get the following response from the httpclient api program

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access hdcosta:9943
on this server.</p>
<hr>
<address>Apache/2.0.52 (Win32) mod_ssl/2.0.52 OpenSSL/0.9.7e Server at hdcosta Port 9943</address>
</body></html>

Also when I sniff the tcp request btw the client and proxy server, I just see HTTP headers but no body being sent to the proxy server.

CONNECT hdcosta:9943 HTTP/1.1
User-Agent: Jakarta Commons-HttpClient/3.0-beta1
Host: hdcosta:9943
Proxy-Connection: Keep-Alive

<No Body>

The axis client has HTTP headers with a garbled up body.

Am I using the httpclient api wrongly? I tried using the httpclient 2.0.2 and 3.0-beta1 jars, with the same effect. Find following the program


			HttpClient httpClient = new HttpClient();
			httpClient.setTimeout(readTimeout);
			httpClient.setConnectionTimeout(connectTimeout);
			
			HostConfiguration hostConfiguration = new HostConfiguration();
			
			if (targetProtocol.equalsIgnoreCase(PROTOCOL_HTTPS)) {
				HTTPsSocketFactory httpsSocketFactory = new HTTPsSocketFactory(privateKey, certChain, trustedCAs, 					connectTimeout, readTimeout);
				Protocol httpsProtocol = new Protocol(targetProtocol, httpsSocketFactory, targetURL.getDefaultPort));
				Protocol.registerProtocol(targetProtocol, httpsProtocol);
			}
			hostConfiguration.setHost(targetHost, targetPort, targetProtocol);
			
			if (proxyServerReqd) {
				hostConfiguration.setProxy(proxyHost, proxyPort);
				
				if (proxyServerAuthReqd) {
					HttpState httpState = new HttpState();
					Credentials cred = new UsernamePasswordCredentials(proxyServerAuthUser, proxyServerAuthPass);
					httpState.setProxyCredentials(proxyServerAuthRealm, proxyHost, cred);
					// httpState.setAuthenticationPreemptive(true);
					// httpState.setCredentials(proxyServerAuthRealm, proxyHost, cred);
										
					httpClient.setState(httpState);
				}
			}	
			httpClient.setHostConfiguration(hostConfiguration);						
						
			PostMethod postMethod = new PostMethod(targetUrl);
			DefaultMethodRetryHandler retryHandler = new DefaultMethodRetryHandler();
			retryHandler.setRequestSentRetryEnabled(false);
			retryHandler.setRetryCount(retries);
			
			if (headers != null) {
				Set keySet = headers.keySet();
				Iterator it = keySet.iterator();
				
				while (it.hasNext()) {
					String headerName = (String) it.next();
					String headerValue = (String) headers.get(headerName);
					postMethod.addRequestHeader(headerName, headerValue);
				}
			}
			
			postMethod.setRequestBody(fis);
			
			
			// Execute the method.
			int statusCode = httpClient.executeMethod(postMethod);

Re: Not able to send HTTPs through a proxy server

Posted by Oleg Kalnichevski <ol...@apache.org>.

Hi Herman,

See my comments inline

On Tue, Jan 04, 2005 at 03:15:43PM -0800, Herman D'costa wrote:
> I have the following program, that sends a request through Apache HTTP Proxy Server with SSL. When the HTTPs request is sent directly to the target url, get a response back successfully.
> 
> Also I have an axis client program which can send HTTPs requests through the proxy server successfully.
> 
> However, I get the following response from the httpclient api program
> 
> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <html><head>
> <title>403 Forbidden</title>
> </head><body>
> <h1>Forbidden</h1>
> <p>You don't have permission to access hdcosta:9943
> on this server.</p>
> <hr>
> <address>Apache/2.0.52 (Win32) mod_ssl/2.0.52 OpenSSL/0.9.7e Server at hdcosta Port 9943</address>
> </body></html>
>

As far as I can tell HttlClient returns a perfectly valid response 403,
which makes me belive this is a server (mis-)configuration problem.


> Also when I sniff the tcp request btw the client and proxy server, I just see HTTP headers but no body being sent to the proxy server.
> 
> CONNECT hdcosta:9943 HTTP/1.1
> User-Agent: Jakarta Commons-HttpClient/3.0-beta1
> Host: hdcosta:9943
> Proxy-Connection: Keep-Alive
> 
> <No Body>
> 

This is exactly the way it is supposed to be. CONNECT method is not an
entity enclosing method and MAY NOT have a request body. Its sole
purpose is to establish a secure tunnel via the proxy. Once the tunnel
is up, the traffic between the client and the server gets encrypted and
thus cannot be sniffed upon (easily).


> The axis client has HTTP headers with a garbled up body.
> 
> Am I using the httpclient api wrongly? I tried using the httpclient 2.0.2 and 3.0-beta1 jars, with the same effect. Find following the program
> 

I see nothing wrong in your code, which only reenforces my belief that
this is a server side problem.

Hope this helps somewhat.

Oleg


> 
> 			HttpClient httpClient = new HttpClient();
> 			httpClient.setTimeout(readTimeout);
> 			httpClient.setConnectionTimeout(connectTimeout);
> 			
> 			HostConfiguration hostConfiguration = new HostConfiguration();
> 			
> 			if (targetProtocol.equalsIgnoreCase(PROTOCOL_HTTPS)) {
> 				HTTPsSocketFactory httpsSocketFactory = new HTTPsSocketFactory(privateKey, certChain, trustedCAs, 					connectTimeout, readTimeout);
> 				Protocol httpsProtocol = new Protocol(targetProtocol, httpsSocketFactory, targetURL.getDefaultPort));
> 				Protocol.registerProtocol(targetProtocol, httpsProtocol);
> 			}
> 			hostConfiguration.setHost(targetHost, targetPort, targetProtocol);
> 			
> 			if (proxyServerReqd) {
> 				hostConfiguration.setProxy(proxyHost, proxyPort);
> 				
> 				if (proxyServerAuthReqd) {
> 					HttpState httpState = new HttpState();
> 					Credentials cred = new UsernamePasswordCredentials(proxyServerAuthUser, proxyServerAuthPass);
> 					httpState.setProxyCredentials(proxyServerAuthRealm, proxyHost, cred);
> 					// httpState.setAuthenticationPreemptive(true);
> 					// httpState.setCredentials(proxyServerAuthRealm, proxyHost, cred);
> 										
> 					httpClient.setState(httpState);
> 				}
> 			}	
> 			httpClient.setHostConfiguration(hostConfiguration);						
> 						
> 			PostMethod postMethod = new PostMethod(targetUrl);
> 			DefaultMethodRetryHandler retryHandler = new DefaultMethodRetryHandler();
> 			retryHandler.setRequestSentRetryEnabled(false);
> 			retryHandler.setRetryCount(retries);
> 			
> 			if (headers != null) {
> 				Set keySet = headers.keySet();
> 				Iterator it = keySet.iterator();
> 				
> 				while (it.hasNext()) {
> 					String headerName = (String) it.next();
> 					String headerValue = (String) headers.get(headerName);
> 					postMethod.addRequestHeader(headerName, headerValue);
> 				}
> 			}
> 			
> 			postMethod.setRequestBody(fis);
> 			
> 			
> 			// Execute the method.
> 			int statusCode = httpClient.executeMethod(postMethod);
> 
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org