You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@synapse.apache.org by "nabil (JIRA)" <ji...@apache.org> on 2012/10/30 16:40:12 UTC

[jira] [Commented] (SYNAPSE-858) Synapse doesn't forward requests via proxyserver for a 'https' endpoint

    [ https://issues.apache.org/jira/browse/SYNAPSE-858?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13486950#comment-13486950 ] 

nabil commented on SYNAPSE-858:
-------------------------------

I set up a web proxy to debug requests sent by Synapse ESB, but the latter does not pass through it!

Is it a bug in Synapse or it's my wrong doing?
I configured the repository/conf/axis2.xml like this : 

<transportSender name="http"  class="org.apache.synapse.transport.nhttp.HttpCoreNIOSender">
        <parameter name="non-blocking" locked="false">true</parameter>
        <parameter name="warnOnHTTP500" locked="false">*</parameter>
	<parameter name="http.proxyHost" locked="false">127.0.0.1</parameter>
        <parameter name="http.proxyPort" locked="false">8080</parameter>
    </transportSender>
    <transportSender name="https" class="org.apache.synapse.transport.nhttp.HttpCoreNIOSSLSender">
        <parameter name="non-blocking" locked="false">true</parameter>
        <parameter name="warnOnHTTP500" locked="false">*</parameter>
	<parameter name="http.proxyHost" locked="false">127.0.0.1</parameter>
        <parameter name="http.proxyPort" locked="false">8080</parameter>
        <parameter name="keystore" locked="false">
        <...>

I tried before to set http.proxyHost http.proxyPort in synapse.sh, but no real progress

Could you please help us?


Thanks
Nabil

                
> Synapse doesn't forward requests via proxyserver for a 'https' endpoint
> -----------------------------------------------------------------------
>
>                 Key: SYNAPSE-858
>                 URL: https://issues.apache.org/jira/browse/SYNAPSE-858
>             Project: Synapse
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: NIGHTLY
>            Reporter: Vijayaratha Vijayasingam
>            Priority: Critical
>             Fix For: FUTURE
>
>         Attachments: nhttpSSLProxy.patch
>
>
> Synapse doesn't work when we configure 'http' proxy to talk to 'https' endpoint via a proxyserver.
> At axis2.xml transport sender configuration,when we add following two parameters[1], which are not picked by backend
> [1] <parameter locked="false" name="http.proxyHost">10.100.1.162</parameter>
> <parameter locked="false" name="http.proxyPort">443</parameter>            //https port number
>  <parameter name="HostnameVerifier">AllowAll</parameter>
> This is because, @  HttpCoreNIOSender class,  the condition is like,
> if (sslContext == null) {
>  proxyHost =
>  proxyPort =
> }
> if we remove (sslContext==null) condition then both scenarios(http/https sender) work fine..(But not sure how this will affect the system's security)
> Configurations
> --------------------
> Proxy;
>  <proxy name="TestProxy" transports="http" startOnLoad="true" trace="disable">
>         <target>
>             <inSequence>
>                 <send>
>                     <endpoint>
>                         <address uri="https://localhost:9444/services/SimpleStockQuoteService"/>
>                     </endpoint>
>                 </send>
>             </inSequence>
>             <outSequence>
>                 <send/>
>             </outSequence>
>         </target>
>     </proxy>
> TransportSender
> -----------------------
>  <transportSender name="http" class="org.apache.synapse.transport.nhttp.HttpCoreNIOSender">
>         <parameter name="non-blocking" locked="false">true</parameter>
>             <parameter locked="false" name="http.proxyHost">10.100.1.162</parameter>
>     <parameter locked="false" name="http.proxyPort">80</parameter>
>     </transportSender>
>     <transportSender name="https" class="org.apache.synapse.transport.nhttp.HttpCoreNIOSSLSender">
>         <parameter name="non-blocking" locked="false">true</parameter>
>         <parameter name="keystore" locked="false">
>             <KeyStore>
>                 <Location>repository/resources/security/wso2carbon.jks</Location>
>                 <Type>JKS</Type>
>                 <Password>wso2carbon</Password>
>                 <KeyPassword>wso2carbon</KeyPassword>
>             </KeyStore>
>         </parameter>
>         <parameter name="truststore" locked="false">
>             <TrustStore>
>                 <Location>repository/resources/security/client-truststore.jks</Location>
>                 <Type>JKS</Type>
>                 <Password>wso2carbon</Password>
>             </TrustStore>
>         </parameter>
>     <parameter locked="false" name="http.proxyHost">10.100.1.162</parameter>
>     <parameter locked="false" name="http.proxyPort">443</parameter>
>     <parameter name="HostnameVerifier">AllowAll</parameter>
>      </transportSender>
> f we remove (sslContext==null) condition then both scenarios(http/https sender) work fine..But I'm not sure how this will affect other scenarios..

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@synapse.apache.org
For additional commands, e-mail: dev-help@synapse.apache.org