You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by Alex Hunsley <al...@blueyonder.co.uk> on 2004/05/27 12:27:49 UTC
does HttpClient transparently send proxy auth after getting HTTP
403 code?
I hope this is an approriate list for this question, if not, please
accept my apologies!
I'm running HttpClient 2.0 with j2sdk1.4.2_03.
I'm using HttpClient to access web pages via an http proxy server that
needs basic proxy authorization (note: it's the *proxy* that needs auth,
not the end-target web server. I add this because I have got confused
myself sometimes over this!) I'm debugging my HttpClient-using code by
pointing it at a local proxy (I'm running 'Charles') and from this I can
see that my request is *not* providing proxy authorization information.
If, however, I call:
httpClient.getState().setAuthenticationPreemptive(true);
to enable pre-emptive authorization, my test proxy does receive the
authorization. I had no idea that the preeptive authorization also
applies to the proxy authorization as the docs don't make this clear
(and if this is indeed the case, a clarification in the docs might be
handy).
My main question is: if I don't call setAuthenticationPreemptive(true),
and if HttpClient tries to use a proxy and receives an HTTP 403 (proxy
auth required) message back, will it transparently then give the proxy
auth that I have set, or will it just give me the 403 code it received?
As far as I can see, it is just giving me the 403 code back, so I don't
understand why it doesn't just always give the proxy auth up front as a
matter of convenience!
I hope someone can clarify this and thanks for reading!
alex
p.s. I have had no luck at all finding a simple proxy that is runnable
under cygwin or windows that will let me enable basic proxy
authorization so I can test this. All I know that is my proxy
authorization wasn't working in a client's office - I was getting HTTP
403 - despite me setting the proxy auth in my request (but not putting
.setAuthenticationPreemptive(true)).
---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org
Re: does HttpClient transparently send proxy auth after getting HTTP
403 code?
Posted by Alex Hunsley <al...@blueyonder.co.uk>.
Ortwin Glück wrote:
>
>
> Alex Hunsley wrote:
>
>> My main question is: if I don't call
>> setAuthenticationPreemptive(true), and if HttpClient tries to use a
>> proxy and receives an HTTP 403 (proxy auth required) message back,
>> will it transparently then give the proxy auth that I have set, or
>> will it just give me the 403 code it received?
>
>
> On a 403 response from the proxy, HttpClient will try to authenticate
> with the proxy by repeating the request, if (and only if) you have set
> credentials that are applicable to the host and realm.
As Roland pointed out, no it won't, not unless you've called
HttpMethod.setDoAuthentication(true). I've verified this since Roland
told me about it.
>
> Please make sure you set the correct hostname and realm for your
> credentials.
I'm setting null for both at the moment, this is the way to set a
default AFAICS, and I want to get it working withs defaults first. The
simpler the better for now.
>
>> p.s. I have had no luck at all finding a simple proxy that is
>> runnable under cygwin or windows that will let me enable basic proxy
>> authorization so I can test this.
>
>
> Check out Squid, which is available for Cygwin (Web category) and
> native Window (which is kinda not well-supported). Its config file is
> huge (squid can do a lot) but quite straight forward.
>
thanks for the idea!
alex
---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org
Re: does HttpClient transparently send proxy auth after getting HTTP
403 code?
Posted by Ortwin Glück <or...@nose.ch>.
Alex Hunsley wrote:
> My main question is: if I don't call setAuthenticationPreemptive(true),
> and if HttpClient tries to use a proxy and receives an HTTP 403 (proxy
> auth required) message back, will it transparently then give the proxy
> auth that I have set, or will it just give me the 403 code it received?
On a 403 response from the proxy, HttpClient will try to authenticate
with the proxy by repeating the request, if (and only if) you have set
credentials that are applicable to the host and realm. If all auth
attempts fail, you will get the 403 response back as a last resort.
Please make sure you set the correct hostname and realm for your
credentials.
> p.s. I have had no luck at all finding a simple proxy that is runnable
> under cygwin or windows that will let me enable basic proxy
> authorization so I can test this.
Check out Squid, which is available for Cygwin (Web category) and native
Window (which is kinda not well-supported). Its config file is huge
(squid can do a lot) but quite straight forward.
HTH
Ortwin Glück
---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org
Re: does HttpClient transparently send proxy auth after getting HTTP 403
code?
Posted by Roland Weber <RO...@de.ibm.com>.
Hello Alex,
HttpClient can send the authentication data automatically.
Use HttpMethod.setDoAuthentication(true) to tell it to.
You may want to set the credentials for the particular host
and port of the proxy, rather than as default credentials.
This will prevent them from being sent to the wrong host.
cheers,
Roland
Alex Hunsley <al...@blueyonder.co.uk>
27.05.2004 12:27
Please respond to "Commons HttpClient Project"
To: commons-httpclient-dev@jakarta.apache.org
cc:
Subject: does HttpClient transparently send proxy auth
after getting HTTP 403 code?
I hope this is an approriate list for this question, if not, please
accept my apologies!
I'm running HttpClient 2.0 with j2sdk1.4.2_03.
I'm using HttpClient to access web pages via an http proxy server that
needs basic proxy authorization (note: it's the *proxy* that needs auth,
not the end-target web server. I add this because I have got confused
myself sometimes over this!) I'm debugging my HttpClient-using code by
pointing it at a local proxy (I'm running 'Charles') and from this I can
see that my request is *not* providing proxy authorization information.
If, however, I call:
httpClient.getState().setAuthenticationPreemptive(true);
to enable pre-emptive authorization, my test proxy does receive the
authorization. I had no idea that the preeptive authorization also
applies to the proxy authorization as the docs don't make this clear
(and if this is indeed the case, a clarification in the docs might be
handy).
My main question is: if I don't call setAuthenticationPreemptive(true),
and if HttpClient tries to use a proxy and receives an HTTP 403 (proxy
auth required) message back, will it transparently then give the proxy
auth that I have set, or will it just give me the 403 code it received?
As far as I can see, it is just giving me the 403 code back, so I don't
understand why it doesn't just always give the proxy auth up front as a
matter of convenience!
I hope someone can clarify this and thanks for reading!
alex
p.s. I have had no luck at all finding a simple proxy that is runnable
under cygwin or windows that will let me enable basic proxy
authorization so I can test this. All I know that is my proxy
authorization wasn't working in a client's office - I was getting HTTP
403 - despite me setting the proxy auth in my request (but not putting
.setAuthenticationPreemptive(true)).
---------------------------------------------------------------------
To unsubscribe, e-mail:
commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail:
commons-httpclient-dev-help@jakarta.apache.org