You are viewing a plain text version of this content. The canonical link for it is here.
Posted to soap-dev@ws.apache.org by sn...@apache.org on 2002/08/01 05:07:32 UTC
cvs commit: xml-soap/java/src/org/apache/soap/util/net SSLUtils.java
snichol 2002/07/31 20:07:32
Modified: java/docs changes.html
java/src/org/apache/soap/util/net SSLUtils.java
Log:
Submitted by: Phil Bohnenkamp <pb...@centerpost.com>
Reviewed by: Scott Nichol
The attached modified class is to add support for https tunneling through
a proxy that requires authentication. Although tunneling that requires
authentication works with http, it didn't for https.
After sniffing around, I found that the standard system property for the
authentication string to pass to the proxy is https.proxyAuth. This
authentication string format is defined in the
"HTTP Authentication: Basic and Digest Access Authentication" specification
found at ftp://ftp.isi.edu/in-notes/rfc2617.txt. If https.proxyAuth is not
found it assumes proxy authentication is not required.
Revision Changes Path
1.35 +1 -0 xml-soap/java/docs/changes.html
Index: changes.html
===================================================================
RCS file: /home/cvs/xml-soap/java/docs/changes.html,v
retrieving revision 1.34
retrieving revision 1.35
diff -u -r1.34 -r1.35
--- changes.html 30 Jul 2002 20:32:04 -0000 1.34
+++ changes.html 1 Aug 2002 03:07:32 -0000 1.35
@@ -53,6 +53,7 @@
This dramatically decreases latency when the payload is smaller
than the TCP segment size, assuming the server platform uses
a long delayed ACK timer (typically 200 ms).</li>
+ <li>Support authentication for https proxies.</li>
</ul>
</li>
<li><A name="v2.3.1"><STRONG>Version 2.3.1</STRONG></A>
1.5 +30 -5 xml-soap/java/src/org/apache/soap/util/net/SSLUtils.java
Index: SSLUtils.java
===================================================================
RCS file: /home/cvs/xml-soap/java/src/org/apache/soap/util/net/SSLUtils.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- SSLUtils.java 21 Aug 2001 19:22:35 -0000 1.4
+++ SSLUtils.java 1 Aug 2002 03:07:32 -0000 1.5
@@ -67,6 +67,7 @@
* A bunch of utility stuff for doing SSL things.
*
* @author Chris Nelson (cnelson@synchrony.net)
+ * @author Phil Bohnenkamp (pbohnenkamp@centerpost.com)
*/
public class SSLUtils {
static String tunnelHost;
@@ -135,11 +136,34 @@
static private void doTunnelHandshake(Socket tunnel, String host, int port)
throws IOException
{
- OutputStream out = tunnel.getOutputStream();
- String msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
- + "User-Agent: "
- + sun.net.www.protocol.http.HttpURLConnection.userAgent
- + "\r\n\r\n";
+ /*
+ * The proxy may need an authorization string. Check
+ * standard https property.
+ */
+ String proxyAuth = System.getProperty("https.proxyAuth");
+
+ String msg;
+ OutputStream out = tunnel.getOutputStream();
+
+ if (proxyAuth == null)
+ {
+ // Autherization not required
+
+ msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
+ + "User-Agent: "
+ + sun.net.www.protocol.http.HttpURLConnection.userAgent
+ + "\r\n\r\n";
+ }
+ else
+ {
+ // need to specify an authorization string in http header
+ msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
+ + "Proxy-Authorization: " + proxyAuth + "\n"
+ + "User-Agent: "
+ + sun.net.www.protocol.http.HttpURLConnection.userAgent
+ + "\r\n\r\n";
+ }
+
byte b[];
try {
/*
@@ -209,3 +233,4 @@
/* tunneling Handshake was successful! */
}
}
+
Re: cvs commit: xml-soap/java/src/org/apache/soap/util/net
SSLUtils.java
Posted by Scott Nichol <sn...@scottnichol.com>.
Simon,
Thanks. I guess our users have been working with forgiving servers thus
far.
Scott Nichol
----- Original Message -----
From: "Simon Fell" <so...@zaks.demon.co.uk>
To: <so...@xml.apache.org>
Sent: Thursday, August 01, 2002 12:39 AM
Subject: Re: cvs commit: xml-soap/java/src/org/apache/soap/util/net
SSLUtils.java
FYI, there's some bugs in this, all the HTTP header line endings
should be \r\n not just \n
Cheers
Simon
On 1 Aug 2002 03:07:32 -0000, in soap you wrote:
>snichol 2002/07/31 20:07:32
>
> Modified: java/docs changes.html
> java/src/org/apache/soap/util/net SSLUtils.java
> Log:
> Submitted by: Phil Bohnenkamp <pb...@centerpost.com>
> Reviewed by: Scott Nichol
>
> The attached modified class is to add support for https tunneling through
> a proxy that requires authentication. Although tunneling that requires
> authentication works with http, it didn't for https.
>
> After sniffing around, I found that the standard system property for the
> authentication string to pass to the proxy is https.proxyAuth. This
> authentication string format is defined in the
> "HTTP Authentication: Basic and Digest Access Authentication"
specification
> found at ftp://ftp.isi.edu/in-notes/rfc2617.txt. If https.proxyAuth is
not
> found it assumes proxy authentication is not required.
>
> Revision Changes Path
> 1.35 +1 -0 xml-soap/java/docs/changes.html
>
> Index: changes.html
> ===================================================================
> RCS file: /home/cvs/xml-soap/java/docs/changes.html,v
> retrieving revision 1.34
> retrieving revision 1.35
> diff -u -r1.34 -r1.35
> --- changes.html 30 Jul 2002 20:32:04 -0000 1.34
> +++ changes.html 1 Aug 2002 03:07:32 -0000 1.35
> @@ -53,6 +53,7 @@
> This dramatically decreases latency when the payload is smaller
> than the TCP segment size, assuming the server platform uses
> a long delayed ACK timer (typically 200 ms).</li>
> + <li>Support authentication for https proxies.</li>
> </ul>
> </li>
> <li><A name="v2.3.1"><STRONG>Version 2.3.1</STRONG></A>
>
>
>
> 1.5 +30 -5
xml-soap/java/src/org/apache/soap/util/net/SSLUtils.java
>
> Index: SSLUtils.java
> ===================================================================
> RCS file:
/home/cvs/xml-soap/java/src/org/apache/soap/util/net/SSLUtils.java,v
> retrieving revision 1.4
> retrieving revision 1.5
> diff -u -r1.4 -r1.5
> --- SSLUtils.java 21 Aug 2001 19:22:35 -0000 1.4
> +++ SSLUtils.java 1 Aug 2002 03:07:32 -0000 1.5
> @@ -67,6 +67,7 @@
> * A bunch of utility stuff for doing SSL things.
> *
> * @author Chris Nelson (cnelson@synchrony.net)
> + * @author Phil Bohnenkamp (pbohnenkamp@centerpost.com)
> */
> public class SSLUtils {
> static String tunnelHost;
> @@ -135,11 +136,34 @@
> static private void doTunnelHandshake(Socket tunnel, String
host, int port)
> throws IOException
> {
> - OutputStream out = tunnel.getOutputStream();
> - String msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
> - + "User-Agent: "
> - +
sun.net.www.protocol.http.HttpURLConnection.userAgent
> - + "\r\n\r\n";
> + /*
> + * The proxy may need an authorization string. Check
> + * standard https property.
> + */
> + String proxyAuth = System.getProperty("https.proxyAuth");
> +
> + String msg;
> + OutputStream out = tunnel.getOutputStream();
> +
> + if (proxyAuth == null)
> + {
> + // Autherization not required
> +
> + msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
> + + "User-Agent: "
> + +
sun.net.www.protocol.http.HttpURLConnection.userAgent
> + + "\r\n\r\n";
> + }
> + else
> + {
> + // need to specify an authorization string in http header
> + msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
> + + "Proxy-Authorization: " + proxyAuth + "\n"
> + + "User-Agent: "
> + +
sun.net.www.protocol.http.HttpURLConnection.userAgent
> + + "\r\n\r\n";
> + }
> +
> byte b[];
> try {
> /*
> @@ -209,3 +233,4 @@
> /* tunneling Handshake was successful! */
> }
> }
> +
>
>
>
--
To unsubscribe, e-mail: <ma...@xml.apache.org>
For additional commands, e-mail: <ma...@xml.apache.org>
--
To unsubscribe, e-mail: <ma...@xml.apache.org>
For additional commands, e-mail: <ma...@xml.apache.org>
Re: cvs commit: xml-soap/java/src/org/apache/soap/util/net
SSLUtils.java
Posted by Scott Nichol <sn...@scottnichol.com>.
Simon,
Thanks. I guess our users have been working with forgiving servers thus
far.
Scott Nichol
----- Original Message -----
From: "Simon Fell" <so...@zaks.demon.co.uk>
To: <so...@xml.apache.org>
Sent: Thursday, August 01, 2002 12:39 AM
Subject: Re: cvs commit: xml-soap/java/src/org/apache/soap/util/net
SSLUtils.java
FYI, there's some bugs in this, all the HTTP header line endings
should be \r\n not just \n
Cheers
Simon
On 1 Aug 2002 03:07:32 -0000, in soap you wrote:
>snichol 2002/07/31 20:07:32
>
> Modified: java/docs changes.html
> java/src/org/apache/soap/util/net SSLUtils.java
> Log:
> Submitted by: Phil Bohnenkamp <pb...@centerpost.com>
> Reviewed by: Scott Nichol
>
> The attached modified class is to add support for https tunneling through
> a proxy that requires authentication. Although tunneling that requires
> authentication works with http, it didn't for https.
>
> After sniffing around, I found that the standard system property for the
> authentication string to pass to the proxy is https.proxyAuth. This
> authentication string format is defined in the
> "HTTP Authentication: Basic and Digest Access Authentication"
specification
> found at ftp://ftp.isi.edu/in-notes/rfc2617.txt. If https.proxyAuth is
not
> found it assumes proxy authentication is not required.
>
> Revision Changes Path
> 1.35 +1 -0 xml-soap/java/docs/changes.html
>
> Index: changes.html
> ===================================================================
> RCS file: /home/cvs/xml-soap/java/docs/changes.html,v
> retrieving revision 1.34
> retrieving revision 1.35
> diff -u -r1.34 -r1.35
> --- changes.html 30 Jul 2002 20:32:04 -0000 1.34
> +++ changes.html 1 Aug 2002 03:07:32 -0000 1.35
> @@ -53,6 +53,7 @@
> This dramatically decreases latency when the payload is smaller
> than the TCP segment size, assuming the server platform uses
> a long delayed ACK timer (typically 200 ms).</li>
> + <li>Support authentication for https proxies.</li>
> </ul>
> </li>
> <li><A name="v2.3.1"><STRONG>Version 2.3.1</STRONG></A>
>
>
>
> 1.5 +30 -5
xml-soap/java/src/org/apache/soap/util/net/SSLUtils.java
>
> Index: SSLUtils.java
> ===================================================================
> RCS file:
/home/cvs/xml-soap/java/src/org/apache/soap/util/net/SSLUtils.java,v
> retrieving revision 1.4
> retrieving revision 1.5
> diff -u -r1.4 -r1.5
> --- SSLUtils.java 21 Aug 2001 19:22:35 -0000 1.4
> +++ SSLUtils.java 1 Aug 2002 03:07:32 -0000 1.5
> @@ -67,6 +67,7 @@
> * A bunch of utility stuff for doing SSL things.
> *
> * @author Chris Nelson (cnelson@synchrony.net)
> + * @author Phil Bohnenkamp (pbohnenkamp@centerpost.com)
> */
> public class SSLUtils {
> static String tunnelHost;
> @@ -135,11 +136,34 @@
> static private void doTunnelHandshake(Socket tunnel, String
host, int port)
> throws IOException
> {
> - OutputStream out = tunnel.getOutputStream();
> - String msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
> - + "User-Agent: "
> - +
sun.net.www.protocol.http.HttpURLConnection.userAgent
> - + "\r\n\r\n";
> + /*
> + * The proxy may need an authorization string. Check
> + * standard https property.
> + */
> + String proxyAuth = System.getProperty("https.proxyAuth");
> +
> + String msg;
> + OutputStream out = tunnel.getOutputStream();
> +
> + if (proxyAuth == null)
> + {
> + // Autherization not required
> +
> + msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
> + + "User-Agent: "
> + +
sun.net.www.protocol.http.HttpURLConnection.userAgent
> + + "\r\n\r\n";
> + }
> + else
> + {
> + // need to specify an authorization string in http header
> + msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
> + + "Proxy-Authorization: " + proxyAuth + "\n"
> + + "User-Agent: "
> + +
sun.net.www.protocol.http.HttpURLConnection.userAgent
> + + "\r\n\r\n";
> + }
> +
> byte b[];
> try {
> /*
> @@ -209,3 +233,4 @@
> /* tunneling Handshake was successful! */
> }
> }
> +
>
>
>
--
To unsubscribe, e-mail: <ma...@xml.apache.org>
For additional commands, e-mail: <ma...@xml.apache.org>
Re: cvs commit: xml-soap/java/src/org/apache/soap/util/net SSLUtils.java
Posted by Simon Fell <so...@zaks.demon.co.uk>.
FYI, there's some bugs in this, all the HTTP header line endings
should be \r\n not just \n
Cheers
Simon
On 1 Aug 2002 03:07:32 -0000, in soap you wrote:
>snichol 2002/07/31 20:07:32
>
> Modified: java/docs changes.html
> java/src/org/apache/soap/util/net SSLUtils.java
> Log:
> Submitted by: Phil Bohnenkamp <pb...@centerpost.com>
> Reviewed by: Scott Nichol
>
> The attached modified class is to add support for https tunneling through
> a proxy that requires authentication. Although tunneling that requires
> authentication works with http, it didn't for https.
>
> After sniffing around, I found that the standard system property for the
> authentication string to pass to the proxy is https.proxyAuth. This
> authentication string format is defined in the
> "HTTP Authentication: Basic and Digest Access Authentication" specification
> found at ftp://ftp.isi.edu/in-notes/rfc2617.txt. If https.proxyAuth is not
> found it assumes proxy authentication is not required.
>
> Revision Changes Path
> 1.35 +1 -0 xml-soap/java/docs/changes.html
>
> Index: changes.html
> ===================================================================
> RCS file: /home/cvs/xml-soap/java/docs/changes.html,v
> retrieving revision 1.34
> retrieving revision 1.35
> diff -u -r1.34 -r1.35
> --- changes.html 30 Jul 2002 20:32:04 -0000 1.34
> +++ changes.html 1 Aug 2002 03:07:32 -0000 1.35
> @@ -53,6 +53,7 @@
> This dramatically decreases latency when the payload is smaller
> than the TCP segment size, assuming the server platform uses
> a long delayed ACK timer (typically 200 ms).</li>
> + <li>Support authentication for https proxies.</li>
> </ul>
> </li>
> <li><A name="v2.3.1"><STRONG>Version 2.3.1</STRONG></A>
>
>
>
> 1.5 +30 -5 xml-soap/java/src/org/apache/soap/util/net/SSLUtils.java
>
> Index: SSLUtils.java
> ===================================================================
> RCS file: /home/cvs/xml-soap/java/src/org/apache/soap/util/net/SSLUtils.java,v
> retrieving revision 1.4
> retrieving revision 1.5
> diff -u -r1.4 -r1.5
> --- SSLUtils.java 21 Aug 2001 19:22:35 -0000 1.4
> +++ SSLUtils.java 1 Aug 2002 03:07:32 -0000 1.5
> @@ -67,6 +67,7 @@
> * A bunch of utility stuff for doing SSL things.
> *
> * @author Chris Nelson (cnelson@synchrony.net)
> + * @author Phil Bohnenkamp (pbohnenkamp@centerpost.com)
> */
> public class SSLUtils {
> static String tunnelHost;
> @@ -135,11 +136,34 @@
> static private void doTunnelHandshake(Socket tunnel, String host, int port)
> throws IOException
> {
> - OutputStream out = tunnel.getOutputStream();
> - String msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
> - + "User-Agent: "
> - + sun.net.www.protocol.http.HttpURLConnection.userAgent
> - + "\r\n\r\n";
> + /*
> + * The proxy may need an authorization string. Check
> + * standard https property.
> + */
> + String proxyAuth = System.getProperty("https.proxyAuth");
> +
> + String msg;
> + OutputStream out = tunnel.getOutputStream();
> +
> + if (proxyAuth == null)
> + {
> + // Autherization not required
> +
> + msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
> + + "User-Agent: "
> + + sun.net.www.protocol.http.HttpURLConnection.userAgent
> + + "\r\n\r\n";
> + }
> + else
> + {
> + // need to specify an authorization string in http header
> + msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
> + + "Proxy-Authorization: " + proxyAuth + "\n"
> + + "User-Agent: "
> + + sun.net.www.protocol.http.HttpURLConnection.userAgent
> + + "\r\n\r\n";
> + }
> +
> byte b[];
> try {
> /*
> @@ -209,3 +233,4 @@
> /* tunneling Handshake was successful! */
> }
> }
> +
>
>
>
--
To unsubscribe, e-mail: <ma...@xml.apache.org>
For additional commands, e-mail: <ma...@xml.apache.org>
Re: cvs commit: xml-soap/java/src/org/apache/soap/util/net SSLUtils.java
Posted by Simon Fell <so...@zaks.demon.co.uk>.
FYI, there's some bugs in this, all the HTTP header line endings
should be \r\n not just \n
Cheers
Simon
On 1 Aug 2002 03:07:32 -0000, in soap you wrote:
>snichol 2002/07/31 20:07:32
>
> Modified: java/docs changes.html
> java/src/org/apache/soap/util/net SSLUtils.java
> Log:
> Submitted by: Phil Bohnenkamp <pb...@centerpost.com>
> Reviewed by: Scott Nichol
>
> The attached modified class is to add support for https tunneling through
> a proxy that requires authentication. Although tunneling that requires
> authentication works with http, it didn't for https.
>
> After sniffing around, I found that the standard system property for the
> authentication string to pass to the proxy is https.proxyAuth. This
> authentication string format is defined in the
> "HTTP Authentication: Basic and Digest Access Authentication" specification
> found at ftp://ftp.isi.edu/in-notes/rfc2617.txt. If https.proxyAuth is not
> found it assumes proxy authentication is not required.
>
> Revision Changes Path
> 1.35 +1 -0 xml-soap/java/docs/changes.html
>
> Index: changes.html
> ===================================================================
> RCS file: /home/cvs/xml-soap/java/docs/changes.html,v
> retrieving revision 1.34
> retrieving revision 1.35
> diff -u -r1.34 -r1.35
> --- changes.html 30 Jul 2002 20:32:04 -0000 1.34
> +++ changes.html 1 Aug 2002 03:07:32 -0000 1.35
> @@ -53,6 +53,7 @@
> This dramatically decreases latency when the payload is smaller
> than the TCP segment size, assuming the server platform uses
> a long delayed ACK timer (typically 200 ms).</li>
> + <li>Support authentication for https proxies.</li>
> </ul>
> </li>
> <li><A name="v2.3.1"><STRONG>Version 2.3.1</STRONG></A>
>
>
>
> 1.5 +30 -5 xml-soap/java/src/org/apache/soap/util/net/SSLUtils.java
>
> Index: SSLUtils.java
> ===================================================================
> RCS file: /home/cvs/xml-soap/java/src/org/apache/soap/util/net/SSLUtils.java,v
> retrieving revision 1.4
> retrieving revision 1.5
> diff -u -r1.4 -r1.5
> --- SSLUtils.java 21 Aug 2001 19:22:35 -0000 1.4
> +++ SSLUtils.java 1 Aug 2002 03:07:32 -0000 1.5
> @@ -67,6 +67,7 @@
> * A bunch of utility stuff for doing SSL things.
> *
> * @author Chris Nelson (cnelson@synchrony.net)
> + * @author Phil Bohnenkamp (pbohnenkamp@centerpost.com)
> */
> public class SSLUtils {
> static String tunnelHost;
> @@ -135,11 +136,34 @@
> static private void doTunnelHandshake(Socket tunnel, String host, int port)
> throws IOException
> {
> - OutputStream out = tunnel.getOutputStream();
> - String msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
> - + "User-Agent: "
> - + sun.net.www.protocol.http.HttpURLConnection.userAgent
> - + "\r\n\r\n";
> + /*
> + * The proxy may need an authorization string. Check
> + * standard https property.
> + */
> + String proxyAuth = System.getProperty("https.proxyAuth");
> +
> + String msg;
> + OutputStream out = tunnel.getOutputStream();
> +
> + if (proxyAuth == null)
> + {
> + // Autherization not required
> +
> + msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
> + + "User-Agent: "
> + + sun.net.www.protocol.http.HttpURLConnection.userAgent
> + + "\r\n\r\n";
> + }
> + else
> + {
> + // need to specify an authorization string in http header
> + msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
> + + "Proxy-Authorization: " + proxyAuth + "\n"
> + + "User-Agent: "
> + + sun.net.www.protocol.http.HttpURLConnection.userAgent
> + + "\r\n\r\n";
> + }
> +
> byte b[];
> try {
> /*
> @@ -209,3 +233,4 @@
> /* tunneling Handshake was successful! */
> }
> }
> +
>
>
>