You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by srihari na <na...@gmail.com> on 2014/10/14 15:57:17 UTC
HttpClient with CircularRedirectException
Hello,
We are trying a simple Get request to a server which is seems to be in
circular redirection and end up in CircularRedirectException, based on some
internet search hits there is a mechanism to disable the
circuralRedirectionException, however we hit maximum redirection hits(100)
occurred. We were able to hit the same server with a simple standalone java
program, Mozilla and Chrome ReST client which is working fine where as the
Apache client libraries is throwing the above mentioned exception. I have
pasted the code snippet below and java program, please help me overcome
this situation. The Authorization header is intentionally garbled for
security reasons however with the code error is reproduced and with proper
header also we see the problem.
DefaultHttpClient httpclient = new DefaultHttpClient();
try {
KeyStore trustStore =
KeyStore.getInstance(KeyStore.getDefaultType());
FileInputStream instream = new FileInputStream(new
File("C:\\IBMJDK7\\jre\\lib\\security\\cacerts"));
try {
trustStore.load(instream, "changeit".toCharArray());
} finally {
try { instream.close(); } catch (Exception ignore) {}
}
SSLSocketFactory socketFactory = new
SSLSocketFactory(trustStore);
Scheme sch = new Scheme("https", 443, socketFactory);
httpclient.getConnectionManager().getSchemeRegistry().register(sch);
HttpGet httpget = new HttpGet("https://login.eloqua.com:443/id/
");
httpget.addHeader("Authorization", "Basic
VGVjaG5vbG9neVBhcnRuZXJQZXJzaX");
httpget.addHeader("Accept","application/json");
System.out.println("executing request" +
httpget.getRequestLine());
HttpResponse response = httpclient.execute(httpget);
HttpEntity entity = response.getEntity();
System.out.println(response.getStatusLine());
if (entity != null) {
System.out.println("Response content length: " +
entity.getContentLength());
}
EntityUtils.consume(entity);
} finally {
httpclient.getConnectionManager().shutdown();
}
Sample Java Code
public class TestEloquaJavaHttpUrl {
public static void main(String [] args) throws Exception {
// configure the SSLContext with a TrustManager
SSLContext ctx = SSLContext.getInstance("SSLv3");
ctx.init(new KeyManager[0], new TrustManager[] {new
DefaultTrustManager()}, new SecureRandom());
SSLContext.setDefault(ctx);
URL url = new URL("https://login.eloqua.com:443/id/");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestProperty("Authorization", "Basic
VGVjaG5vbG9neVBhcnRuZXJQZXJzaX");
conn.setRequestProperty("Accept", "application/json");
conn.setHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
System.out.println(conn.getResponseCode());
conn.disconnect();
}
private static class DefaultTrustManager implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {}
@Override
public void checkServerTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
}
}
--
Regards,
Srihari NA
Re: HttpClient with CircularRedirectException
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Wed, 2014-10-29 at 12:02 +0530, srihari na wrote:
> Yes I accept unless one shows in code bug need not be raised. However I
> have clear prima facie evidence with sample program using Apache HTTP
> client and standalone java program where the destination server works fine
> with java code but not using HTTP client library. Also it has been verified
> to work with various HTTP and ReST clients. Atleast can anyone help me if
> there is any problem with the code I have or I would like to go for bug and
> at the same time dig in the code to find the issue.
>
You are not expected to dig in the code and point at the exact line
which you suspect to be wrong, but you are clearly expected to provide
clear evidence of HttpClient being non-compliant with the HTTP
specification. Vague statements about some other clients being 'right'
and HttpClient being 'wrong' are meaningless as far as I am concerned.
Oleg
> On Tue, Oct 28, 2014 at 6:28 PM, Todd W Lainhart <la...@us.ibm.com>
> wrote:
>
> > > Is it better i go ahead and raise a jira for this one.
> >
> > I wouldn't open a bug unless you can point to the code at fault.
> >
> >
> >
> > Todd Lainhart
> > Senior Software Engineer - ExperienceOne, Digital Analytics
> >
> > Phone: 1-978-899-4705 | Mobile: 1-508-331-1110
> > E-mail: lainhart@us.ibm.com
> > 550 King St
> > Littleton, MA 01460-1250
> > United States
> >
> >
> >
> >
> > From: srihari na <na...@gmail.com>
> > To: HttpClient User Discussion <ht...@hc.apache.org>
> > Date: 10/28/2014 05:47 AM
> > Subject: Re: HttpClient with CircularRedirectException
> >
> >
> >
> > I am still not convinced that it is a server side problem because other
> > clients are able to handle the redirects to some sort of solution. I
> > believe there might be some issue in the redirect strategy of the HTTP
> > client. Is it better i go ahead and raise a jira for this one.
> >
> > On Wed, Oct 15, 2014 at 6:58 PM, Todd W Lainhart <la...@us.ibm.com>
> > wrote:
> >
> > > srihari na <na...@gmail.com> wrote on 10/15/2014 04:38:23 AM:
> > >
> > > > My concern is why the Http Client library is hitting Circular redirect
> > > or
> > > > maximum redirect issue where as normal rest client or simple java
> > > program
> > > > does not have any issue while invoking the URL.
> > > >
> > >
> > > An obvious guess is that the other clients are following the redirects
> > to
> > > some sort of resolution. Take a look at network traffic between the
> > > client and the server to confirm this. An excessive number of redirects
> > > (circular or otherwise) might be an indication of some sort of problem
> > on
> > > the server, which the circularRedirects property can alert you to. From
> > > RequestConfig:
> > >
> > > /**
> > > * Determines whether circular redirects (redirects to the same
> > > location) should
> > > * be allowed. The HTTP spec is not sufficiently clear whether
> > > circular redirects
> > > * are permitted, therefore optionally they can be enabled
> > > * <p/>
> > > * Default: <code>false</code>
> > > */
> >
> >
> >
> >
> > --
> > Regards,
> > Srihari NA
> >
> >
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
Re: HttpClient with CircularRedirectException
Posted by srihari na <na...@gmail.com>.
Yes I accept unless one shows in code bug need not be raised. However I
have clear prima facie evidence with sample program using Apache HTTP
client and standalone java program where the destination server works fine
with java code but not using HTTP client library. Also it has been verified
to work with various HTTP and ReST clients. Atleast can anyone help me if
there is any problem with the code I have or I would like to go for bug and
at the same time dig in the code to find the issue.
On Tue, Oct 28, 2014 at 6:28 PM, Todd W Lainhart <la...@us.ibm.com>
wrote:
> > Is it better i go ahead and raise a jira for this one.
>
> I wouldn't open a bug unless you can point to the code at fault.
>
>
>
> Todd Lainhart
> Senior Software Engineer - ExperienceOne, Digital Analytics
>
> Phone: 1-978-899-4705 | Mobile: 1-508-331-1110
> E-mail: lainhart@us.ibm.com
> 550 King St
> Littleton, MA 01460-1250
> United States
>
>
>
>
> From: srihari na <na...@gmail.com>
> To: HttpClient User Discussion <ht...@hc.apache.org>
> Date: 10/28/2014 05:47 AM
> Subject: Re: HttpClient with CircularRedirectException
>
>
>
> I am still not convinced that it is a server side problem because other
> clients are able to handle the redirects to some sort of solution. I
> believe there might be some issue in the redirect strategy of the HTTP
> client. Is it better i go ahead and raise a jira for this one.
>
> On Wed, Oct 15, 2014 at 6:58 PM, Todd W Lainhart <la...@us.ibm.com>
> wrote:
>
> > srihari na <na...@gmail.com> wrote on 10/15/2014 04:38:23 AM:
> >
> > > My concern is why the Http Client library is hitting Circular redirect
> > or
> > > maximum redirect issue where as normal rest client or simple java
> > program
> > > does not have any issue while invoking the URL.
> > >
> >
> > An obvious guess is that the other clients are following the redirects
> to
> > some sort of resolution. Take a look at network traffic between the
> > client and the server to confirm this. An excessive number of redirects
> > (circular or otherwise) might be an indication of some sort of problem
> on
> > the server, which the circularRedirects property can alert you to. From
> > RequestConfig:
> >
> > /**
> > * Determines whether circular redirects (redirects to the same
> > location) should
> > * be allowed. The HTTP spec is not sufficiently clear whether
> > circular redirects
> > * are permitted, therefore optionally they can be enabled
> > * <p/>
> > * Default: <code>false</code>
> > */
>
>
>
>
> --
> Regards,
> Srihari NA
>
>
--
Regards,
Srihari NA
Re: HttpClient with CircularRedirectException
Posted by Todd W Lainhart <la...@us.ibm.com>.
> Is it better i go ahead and raise a jira for this one.
I wouldn't open a bug unless you can point to the code at fault.
Todd Lainhart
Senior Software Engineer - ExperienceOne, Digital Analytics
Phone: 1-978-899-4705 | Mobile: 1-508-331-1110
E-mail: lainhart@us.ibm.com
550 King St
Littleton, MA 01460-1250
United States
From: srihari na <na...@gmail.com>
To: HttpClient User Discussion <ht...@hc.apache.org>
Date: 10/28/2014 05:47 AM
Subject: Re: HttpClient with CircularRedirectException
I am still not convinced that it is a server side problem because other
clients are able to handle the redirects to some sort of solution. I
believe there might be some issue in the redirect strategy of the HTTP
client. Is it better i go ahead and raise a jira for this one.
On Wed, Oct 15, 2014 at 6:58 PM, Todd W Lainhart <la...@us.ibm.com>
wrote:
> srihari na <na...@gmail.com> wrote on 10/15/2014 04:38:23 AM:
>
> > My concern is why the Http Client library is hitting Circular redirect
> or
> > maximum redirect issue where as normal rest client or simple java
> program
> > does not have any issue while invoking the URL.
> >
>
> An obvious guess is that the other clients are following the redirects
to
> some sort of resolution. Take a look at network traffic between the
> client and the server to confirm this. An excessive number of redirects
> (circular or otherwise) might be an indication of some sort of problem
on
> the server, which the circularRedirects property can alert you to. From
> RequestConfig:
>
> /**
> * Determines whether circular redirects (redirects to the same
> location) should
> * be allowed. The HTTP spec is not sufficiently clear whether
> circular redirects
> * are permitted, therefore optionally they can be enabled
> * <p/>
> * Default: <code>false</code>
> */
--
Regards,
Srihari NA
Re: HttpClient with CircularRedirectException
Posted by srihari na <na...@gmail.com>.
I am still not convinced that it is a server side problem because other
clients are able to handle the redirects to some sort of solution. I
believe there might be some issue in the redirect strategy of the HTTP
client. Is it better i go ahead and raise a jira for this one.
On Wed, Oct 15, 2014 at 6:58 PM, Todd W Lainhart <la...@us.ibm.com>
wrote:
> srihari na <na...@gmail.com> wrote on 10/15/2014 04:38:23 AM:
>
> > My concern is why the Http Client library is hitting Circular redirect
> or
> > maximum redirect issue where as normal rest client or simple java
> program
> > does not have any issue while invoking the URL.
> >
>
> An obvious guess is that the other clients are following the redirects to
> some sort of resolution. Take a look at network traffic between the
> client and the server to confirm this. An excessive number of redirects
> (circular or otherwise) might be an indication of some sort of problem on
> the server, which the circularRedirects property can alert you to. From
> RequestConfig:
>
> /**
> * Determines whether circular redirects (redirects to the same
> location) should
> * be allowed. The HTTP spec is not sufficiently clear whether
> circular redirects
> * are permitted, therefore optionally they can be enabled
> * <p/>
> * Default: <code>false</code>
> */
--
Regards,
Srihari NA
Re: HttpClient with CircularRedirectException
Posted by Todd W Lainhart <la...@us.ibm.com>.
srihari na <na...@gmail.com> wrote on 10/15/2014 04:38:23 AM:
> My concern is why the Http Client library is hitting Circular redirect
or
> maximum redirect issue where as normal rest client or simple java
program
> does not have any issue while invoking the URL.
>
An obvious guess is that the other clients are following the redirects to
some sort of resolution. Take a look at network traffic between the
client and the server to confirm this. An excessive number of redirects
(circular or otherwise) might be an indication of some sort of problem on
the server, which the circularRedirects property can alert you to. From
RequestConfig:
/**
* Determines whether circular redirects (redirects to the same
location) should
* be allowed. The HTTP spec is not sufficiently clear whether
circular redirects
* are permitted, therefore optionally they can be enabled
* <p/>
* Default: <code>false</code>
*/
Re: HttpClient with CircularRedirectException
Posted by srihari na <na...@gmail.com>.
Hi All,
My concern is why the Http Client library is hitting Circular redirect or
maximum redirect issue where as normal rest client or simple java program
does not have any issue while invoking the URL.
On Tue, Oct 14, 2014 at 8:25 PM, Todd W Lainhart <la...@us.ibm.com>
wrote:
> >
> > We are using HttpClient version 4.2.5 and we did try the
> > option
> client.getParams().setParameter(ClientPNames.ALLOW_CIRCULAR_REDIRECTS,
> > true);, however this hits maximum redirects hits occurred around 100.
> >
>
> Don't you want to set that to 'false'? I believe that you can also set
> MAX_REDIRECTS.
>
> I have been successful in disabling circular redirect checking.
--
Regards,
Srihari NA
Re: HttpClient with CircularRedirectException
Posted by Todd W Lainhart <la...@us.ibm.com>.
>
> We are using HttpClient version 4.2.5 and we did try the
> option
client.getParams().setParameter(ClientPNames.ALLOW_CIRCULAR_REDIRECTS,
> true);, however this hits maximum redirects hits occurred around 100.
>
Don't you want to set that to 'false'? I believe that you can also set
MAX_REDIRECTS.
I have been successful in disabling circular redirect checking.
Re: HttpClient with CircularRedirectException
Posted by srihari na <na...@gmail.com>.
Hi,
We are using HttpClient version 4.2.5 and we did try the
option client.getParams().setParameter(ClientPNames.ALLOW_CIRCULAR_REDIRECTS,
true);, however this hits maximum redirects hits occurred around 100.
On Tue, Oct 14, 2014 at 7:44 PM, Todd W Lainhart <la...@us.ibm.com>
wrote:
> You can turn off circular redirect checking. You haven't said what
> version of the library you're using. Assuming the latest, take a look at
> RequestConfig.Builder. There are other options/mechanisms for raising the
> limits, or taking part in the analysis process.
>
>
>
>
>
> Todd Lainhart
> Rational software
> IBM Corporation
> 550 King Street, Littleton, MA 01460-1250
> 1-978-899-4705
> 2-276-4705 (T/L)
> lainhart@us.ibm.com
>
>
>
>
> From: srihari na <na...@gmail.com>
> To: HttpClient User Discussion <ht...@hc.apache.org>
> Date: 10/14/2014 10:04 AM
> Subject: HttpClient with CircularRedirectException
>
>
>
> Hello,
>
> We are trying a simple Get request to a server which is seems to be in
> circular redirection and end up in CircularRedirectException, based on
> some
> internet search hits there is a mechanism to disable the
> circuralRedirectionException, however we hit maximum redirection hits(100)
> occurred. We were able to hit the same server with a simple standalone
> java
> program, Mozilla and Chrome ReST client which is working fine where as the
> Apache client libraries is throwing the above mentioned exception. I have
> pasted the code snippet below and java program, please help me overcome
> this situation. The Authorization header is intentionally garbled for
> security reasons however with the code error is reproduced and with proper
> header also we see the problem.
>
> DefaultHttpClient httpclient = new DefaultHttpClient();
> try {
> KeyStore trustStore =
> KeyStore.getInstance(KeyStore.getDefaultType());
> FileInputStream instream = new FileInputStream(new
> File("C:\\IBMJDK7\\jre\\lib\\security\\cacerts"));
> try {
> trustStore.load(instream, "changeit".toCharArray());
> } finally {
> try { instream.close(); } catch (Exception ignore) {}
> }
>
> SSLSocketFactory socketFactory = new
> SSLSocketFactory(trustStore);
> Scheme sch = new Scheme("https", 443, socketFactory);
>
> httpclient.getConnectionManager().getSchemeRegistry().register(sch);
>
> HttpGet httpget = new HttpGet("
> https://login.eloqua.com:443/id/
> ");
> httpget.addHeader("Authorization", "Basic
> VGVjaG5vbG9neVBhcnRuZXJQZXJzaX");
> httpget.addHeader("Accept","application/json");
> System.out.println("executing request" +
> httpget.getRequestLine());
>
> HttpResponse response = httpclient.execute(httpget);
> HttpEntity entity = response.getEntity();
> System.out.println(response.getStatusLine());
> if (entity != null) {
> System.out.println("Response content length: " +
> entity.getContentLength());
> }
> EntityUtils.consume(entity);
>
> } finally {
> httpclient.getConnectionManager().shutdown();
> }
>
> Sample Java Code
>
> public class TestEloquaJavaHttpUrl {
>
> public static void main(String [] args) throws Exception {
> // configure the SSLContext with a TrustManager
> SSLContext ctx = SSLContext.getInstance("SSLv3");
> ctx.init(new KeyManager[0], new TrustManager[] {new
> DefaultTrustManager()}, new SecureRandom());
> SSLContext.setDefault(ctx);
>
> URL url = new URL("https://login.eloqua.com:443/id/");
> HttpsURLConnection conn = (HttpsURLConnection)
> url.openConnection();
> conn.setRequestProperty("Authorization", "Basic
> VGVjaG5vbG9neVBhcnRuZXJQZXJzaX");
> conn.setRequestProperty("Accept", "application/json");
> conn.setHostnameVerifier(new HostnameVerifier() {
> @Override
> public boolean verify(String arg0, SSLSession arg1) {
> return true;
> }
> });
> System.out.println(conn.getResponseCode());
> conn.disconnect();
> }
>
> private static class DefaultTrustManager implements X509TrustManager {
>
> @Override
> public void checkClientTrusted(X509Certificate[] arg0, String
> arg1)
> throws CertificateException {}
>
> @Override
> public void checkServerTrusted(X509Certificate[] arg0, String
> arg1)
> throws CertificateException {}
>
> @Override
> public X509Certificate[] getAcceptedIssuers() {
> return null;
> }
> }
> }
>
> --
> Regards,
> Srihari NA
>
>
--
Regards,
Srihari NA
Re: HttpClient with CircularRedirectException
Posted by Todd W Lainhart <la...@us.ibm.com>.
You can turn off circular redirect checking. You haven't said what
version of the library you're using. Assuming the latest, take a look at
RequestConfig.Builder. There are other options/mechanisms for raising the
limits, or taking part in the analysis process.
Todd Lainhart
Rational software
IBM Corporation
550 King Street, Littleton, MA 01460-1250
1-978-899-4705
2-276-4705 (T/L)
lainhart@us.ibm.com
From: srihari na <na...@gmail.com>
To: HttpClient User Discussion <ht...@hc.apache.org>
Date: 10/14/2014 10:04 AM
Subject: HttpClient with CircularRedirectException
Hello,
We are trying a simple Get request to a server which is seems to be in
circular redirection and end up in CircularRedirectException, based on
some
internet search hits there is a mechanism to disable the
circuralRedirectionException, however we hit maximum redirection hits(100)
occurred. We were able to hit the same server with a simple standalone
java
program, Mozilla and Chrome ReST client which is working fine where as the
Apache client libraries is throwing the above mentioned exception. I have
pasted the code snippet below and java program, please help me overcome
this situation. The Authorization header is intentionally garbled for
security reasons however with the code error is reproduced and with proper
header also we see the problem.
DefaultHttpClient httpclient = new DefaultHttpClient();
try {
KeyStore trustStore =
KeyStore.getInstance(KeyStore.getDefaultType());
FileInputStream instream = new FileInputStream(new
File("C:\\IBMJDK7\\jre\\lib\\security\\cacerts"));
try {
trustStore.load(instream, "changeit".toCharArray());
} finally {
try { instream.close(); } catch (Exception ignore) {}
}
SSLSocketFactory socketFactory = new
SSLSocketFactory(trustStore);
Scheme sch = new Scheme("https", 443, socketFactory);
httpclient.getConnectionManager().getSchemeRegistry().register(sch);
HttpGet httpget = new HttpGet("
https://login.eloqua.com:443/id/
");
httpget.addHeader("Authorization", "Basic
VGVjaG5vbG9neVBhcnRuZXJQZXJzaX");
httpget.addHeader("Accept","application/json");
System.out.println("executing request" +
httpget.getRequestLine());
HttpResponse response = httpclient.execute(httpget);
HttpEntity entity = response.getEntity();
System.out.println(response.getStatusLine());
if (entity != null) {
System.out.println("Response content length: " +
entity.getContentLength());
}
EntityUtils.consume(entity);
} finally {
httpclient.getConnectionManager().shutdown();
}
Sample Java Code
public class TestEloquaJavaHttpUrl {
public static void main(String [] args) throws Exception {
// configure the SSLContext with a TrustManager
SSLContext ctx = SSLContext.getInstance("SSLv3");
ctx.init(new KeyManager[0], new TrustManager[] {new
DefaultTrustManager()}, new SecureRandom());
SSLContext.setDefault(ctx);
URL url = new URL("https://login.eloqua.com:443/id/");
HttpsURLConnection conn = (HttpsURLConnection)
url.openConnection();
conn.setRequestProperty("Authorization", "Basic
VGVjaG5vbG9neVBhcnRuZXJQZXJzaX");
conn.setRequestProperty("Accept", "application/json");
conn.setHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
System.out.println(conn.getResponseCode());
conn.disconnect();
}
private static class DefaultTrustManager implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] arg0, String
arg1)
throws CertificateException {}
@Override
public void checkServerTrusted(X509Certificate[] arg0, String
arg1)
throws CertificateException {}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
}
}
--
Regards,
Srihari NA