You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Onofer Dusan <Du...@st.sk> on 2011/02/24 10:15:26 UTC
Proxy-Authorization header received on server side
Hi,
I'm following example
http://hc.apache.org/httpcomponents-client-ga/examples.html
Proxy authentication
but it seems that not only proxy is receiving credentials for proxy.
In log, which is generated at target.host I can see header
Proxy-Authorization: Basic ....
httpclient.getCredentialsProvider().setCredentials(
new AuthScope("proxy.host", 80),
new UsernamePasswordCredentials("proxy_user", "proxy_pass"));
List<String> authpref = new ArrayList<String>();
authpref.add(AuthPolicy.BASIC);
httpclient.getParams().setParameter(AuthPNames.PROXY_AUTH_PREF, authpref);
HttpHost targetHost = new HttpHost("target.host", 443, "https");
HttpHost proxy = new HttpHost("proxy.host", 80);
httpclient.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, proxy);
HttpGet httpget = new HttpGet("/path/logrequest.php");
HttpResponse response = httpclient.execute(targetHost, httpget);
I'm using httpclient-4.1.
--d.
--
Dusan Onofer
Re: Proxy-Authorization header received on server side
Posted by David Motes <da...@gmail.com>.
Forget my last post.
I understand the problem, I should not be posting with a fried brain....
On Thu, Feb 24, 2011 at 4:47 PM, David Motes <da...@gmail.com> wrote:
> On Thu, Feb 24, 2011 at 4:29 PM, Onofer Dusan <Du...@st.sk> wrote:
>>
>>
>>
>> Hi,
>>
>>> I am having trouble understanding this.
>>>
>>> If you are seeing the Proxy-Authorization: header on the destination
>>> server doesn't that mean the proxy did not consume the header.
>>> Isn't that usually caused by the realm in the Proxy-Authorization:
>>> header not matching what the proxy is expecting?
>>>
>>> Httpclient has to send the Proxy-Authorization: to authenticate with the proxy.
>>
>> proxy can't strip header - it's sent in ssl stream.
>>
> HttpHost proxy = new HttpHost("proxy.host", 80); ?
>
> If its in an ssl stream then how are you supposed to authenticate
> with the proxy using the Proxy-Authorization: header?
> or
> It the proxy cant strip the Proxy-Authorization: header why are you
> surprised the server is seeing it?
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
Re: Proxy-Authorization header received on server side
Posted by David Motes <da...@gmail.com>.
On Thu, Feb 24, 2011 at 4:29 PM, Onofer Dusan <Du...@st.sk> wrote:
>
>
>
> Hi,
>
>> I am having trouble understanding this.
>>
>> If you are seeing the Proxy-Authorization: header on the destination
>> server doesn't that mean the proxy did not consume the header.
>> Isn't that usually caused by the realm in the Proxy-Authorization:
>> header not matching what the proxy is expecting?
>>
>> Httpclient has to send the Proxy-Authorization: to authenticate with the proxy.
>
> proxy can't strip header - it's sent in ssl stream.
>
HttpHost proxy = new HttpHost("proxy.host", 80); ?
If its in an ssl stream then how are you supposed to authenticate
with the proxy using the Proxy-Authorization: header?
or
It the proxy cant strip the Proxy-Authorization: header why are you
surprised the server is seeing it?
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
RE: Proxy-Authorization header received on server side
Posted by Onofer Dusan <Du...@st.sk>.
Hi,
> I am having trouble understanding this.
>
> If you are seeing the Proxy-Authorization: header on the destination
> server doesn't that mean the proxy did not consume the header.
> Isn't that usually caused by the realm in the Proxy-Authorization:
> header not matching what the proxy is expecting?
>
> Httpclient has to send the Proxy-Authorization: to authenticate with the proxy.
proxy can't strip header - it's sent in ssl stream.
--d.
Dusan
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
Re: Proxy-Authorization header received on server side
Posted by David Motes <da...@gmail.com>.
I am having trouble understanding this.
If you are seeing the Proxy-Authorization: header on the destination
server doesn't that mean the proxy did not consume the header.
Isn't that usually caused by the realm in the Proxy-Authorization:
header not matching what the proxy is expecting?
Httpclient has to send the Proxy-Authorization: to authenticate with the proxy.
How can this be a major bug in httpclient?
On Thu, Feb 24, 2011 at 2:30 PM, Onofer Dusan <Du...@st.sk> wrote:
>
>
>> > I'm following example
>> > http://hc.apache.org/httpcomponents-client-ga/examples.html
>> > Proxy authentication
>> >
>> > but it seems that not only proxy is receiving credentials for proxy.
>> > In log, which is generated at target.host I can see header
>> > Proxy-Authorization: Basic ....
>
>
>> >
>> > I'm using httpclient-4.1.
>>
>> This sounds like a serious bug in HttpClient. Please raise a JIRA for
>> this defect and set its priority to critical.
>
> HTTPCLIENT-1061
>
>> Oleg
>
> --d.
>
> Dusan
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
RE: Proxy-Authorization header received on server side
Posted by Onofer Dusan <Du...@st.sk>.
> > I'm following example
> > http://hc.apache.org/httpcomponents-client-ga/examples.html
> > Proxy authentication
> >
> > but it seems that not only proxy is receiving credentials for proxy.
> > In log, which is generated at target.host I can see header
> > Proxy-Authorization: Basic ....
> >
> > I'm using httpclient-4.1.
>
> This sounds like a serious bug in HttpClient. Please raise a JIRA for
> this defect and set its priority to critical.
HTTPCLIENT-1061
> Oleg
--d.
Dusan
Re: Proxy-Authorization header received on server side
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Thu, 2011-02-24 at 10:15 +0100, Onofer Dusan wrote:
> Hi,
>
> I'm following example
> http://hc.apache.org/httpcomponents-client-ga/examples.html
> Proxy authentication
>
> but it seems that not only proxy is receiving credentials for proxy.
> In log, which is generated at target.host I can see header
> Proxy-Authorization: Basic ....
>
> httpclient.getCredentialsProvider().setCredentials(
> new AuthScope("proxy.host", 80),
> new UsernamePasswordCredentials("proxy_user", "proxy_pass"));
> List<String> authpref = new ArrayList<String>();
> authpref.add(AuthPolicy.BASIC);
> httpclient.getParams().setParameter(AuthPNames.PROXY_AUTH_PREF, authpref);
>
> HttpHost targetHost = new HttpHost("target.host", 443, "https");
> HttpHost proxy = new HttpHost("proxy.host", 80);
>
> httpclient.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, proxy);
> HttpGet httpget = new HttpGet("/path/logrequest.php");
> HttpResponse response = httpclient.execute(targetHost, httpget);
>
> I'm using httpclient-4.1.
This sounds like a serious bug in HttpClient. Please raise a JIRA for
this defect and set its priority to critical.
Oleg
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org