You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by wilson wong <ws...@yahoo.com> on 2006/10/02 16:57:11 UTC
httpclient and siteminder
Hi All
New to this group, I apologize if the following
questions have been asked before.
Try to use HTTPClient to connect to a WebServer(https)
that is protected by Siteminder
1. From a standalone JAVA program.
String url =
"https://www.foo.com/apps?showme.do?id=12345";
HttpClient hc = new HttpClient();
Credentials defaultcreds = new
UsernamePasswordCredentials("username", "password");
hc.getState().setCredentials(new
AuthScope("https://www.foo.com/apps", 443),
defaultcreds);
try
{
PostMethod post = new PostMethod(url);
I nt rc = hc.executeMethod(post);
System.out.println("------ RC = " + rc);
System.out.println( post.getResponseBodyAsString());
}
catch (Exception e)
{
System.out.println("---- e --" + e.getMessage());
e.printStackTrace();
}
I keep getting "401" return code/
Here is the runtime result:
Please note that the actual url has been
replaced with www.foo.com
DEBUG 10:17:20 HttpClient - Java version: 1.4.1_03
DEBUG 10:17:20 HttpClient - Java vendor: Sun
Microsystems Inc.
DEBUG 10:17:20 HttpClient - Java class path: ......
DEBUG 10:17:20 HttpClient - Operating system name:
Windows XP
DEBUG 10:17:20 HttpClient - Operating system
architecture: x86
DEBUG 10:17:20 HttpClient - Operating system version:
5.1
DEBUG 10:17:20 HttpClient - SUN 1.2: SUN (DSA
key/parameter generation;
DSA
signing; SHA-1, MD5 digests; SecureRandom; X.509
certificates; JKS
keystore;
PKIX CertPathValidator; PKIX CertPathBuilder; LDAP,
Collection
CertStores)
DEBUG 10:17:20 HttpClient - SunJSSE 1.41: Sun JSSE
provider(implements
RSA
Signatures, PKCS12, SunX509 key/trust factories,
SSLv3, TLSv1)
DEBUG 10:17:20 HttpClient - SunRsaSign 1.0: SUN's
provider for RSA
signatures
DEBUG 10:17:20 HttpClient - SunJCE 1.4: SunJCE
Provider (implements
DES,
Triple DES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5,
HMAC-SHA1)
DEBUG 10:17:20 HttpClient - SunJGSS 1.0: Sun (Kerberos
v5)
DEBUG 10:17:20 DefaultHttpParams - Set parameter
http.useragent =
Jakarta
Commons-HttpClient/3.0
DEBUG 10:17:20 DefaultHttpParams - Set parameter
http.protocol.version
=
HTTP/1.1
DEBUG 10:17:20 DefaultHttpParams - Set parameter
http.connection-manager.class = class
org.apache.commons.httpclient.SimpleHttpConnectionManager
DEBUG 10:17:20 DefaultHttpParams - Set parameter
http.protocol.cookie-policy
= rfc2109
DEBUG 10:17:20 DefaultHttpParams - Set parameter
http.protocol.element-charset = US-ASCII
DEBUG 10:17:20 DefaultHttpParams - Set parameter
http.protocol.content-charset = ISO-8859-1
DEBUG 10:17:20 DefaultHttpParams - Set parameter
http.method.retry-handler =
org.apache.commons.httpclient.DefaultHttpMethodRetryHandler@18f51f
DEBUG 10:17:20 DefaultHttpParams - Set parameter
http.dateparser.patterns =
[EEE, dd MMM yyyy HH:mm:ss zzz, EEEE, dd-MMM-yy
HH:mm:ss zzz, EEE MMM d
HH:mm:ss yyyy, EEE, dd-MMM-yyyy HH:mm:ss z, EEE,
dd-MMM-yyyy HH-mm-ss
z,
EEE, dd MMM yy HH:mm:ss z, EEE dd-MMM-yyyy HH:mm:ss z,
EEE dd MMM yyyy
HH:mm:ss z, EEE dd-MMM-yyyy HH-mm-ss z, EEE dd-MMM-yy
HH:mm:ss z, EEE
dd MMM
yy HH:mm:ss z, EEE,dd-MMM-yy HH:mm:ss z,
EEE,dd-MMM-yyyy HH:mm:ss z,
EEE,
dd-MM-yyyy HH:mm:ss z]
DEBUG 10:17:22 HttpState - enter
HttpState.setCredentials(AuthScope,
Credentials)
DEBUG 10:17:25 HttpMethodBase -
HttpMethodBase.addRequestHeader(Header)
DEBUG 10:17:26 HttpMethodBase -
HttpMethodBase.addRequestHeader(Header)
DEBUG 10:17:26 HttpMethodBase -
HttpMethodBase.addRequestHeader(Header)
DEBUG 10:17:28 EntityEnclosingMethod - enter
EntityEnclosingMethod.setRequestBody(InputStream)
DEBUG 10:17:28 PostMethod - enter
PostMethod.clearRequestBody()
DEBUG 10:17:28 EntityEnclosingMethod - enter
EntityEnclosingMethod.clearRequestBody()
DEBUG 10:17:29 HttpClient - enter
HttpClient.executeMethod(HttpMethod)
DEBUG 10:17:29 HttpClient - enter
HttpClient.executeMethod(HostConfiguration,HttpMethod,HttpState)
DEBUG 10:17:29 HttpMethodDirector - Attempt number 1
to process request
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.open()
DEBUG 10:17:29 HttpConnection - Open connection to
www.foo.com:443
<www.foo.com:443>
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.execute(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.writeRequest(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.writeRequestLine(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.generateRequestLine(HttpConnection,
String, String,
String,
String)
DEBUG 10:17:29 Wire - >> "POST
/apps?showme.do?id=12345
HTTP/1.1[\r][\n]"
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.print(String)
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[])
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[], int,
int)
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.writeRequestHeaders(HttpState,HttpConnection)
DEBUG 10:17:29 EntityEnclosingMethod - enter
EntityEnclosingMethod.addRequestHeaders(HttpState,
HttpConnection)
DEBUG 10:17:29 ExpectContinueMethod - enter
ExpectContinueMethod.addRequestHeaders(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.addRequestHeaders(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.addUserAgentRequestHeaders(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.addHostRequestHeader(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpMethodBase - Adding Host request
header
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.addCookieRequestHeader(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpState - enter
HttpState.getCookies()
DEBUG 10:17:29 CookieSpecBase - enter
CookieSpecBase.match(String, int,
String, boolean, Cookie[])
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.addProxyConnectionHeader(HttpState,
HttpConnection)
DEBUG 10:17:29 EntityEnclosingMethod - enter
EntityEnclosingMethod.addContentLengthRequestHeader(HttpState,
HttpConnection)
DEBUG 10:17:29 Wire - >> "Connection:
Keep-Alive[\r][\n]"
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.print(String)
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[])
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[], int,
int)
DEBUG 10:17:29 Wire - >> "Content-Length: 5[\r][\n]"
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.print(String)
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[])
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[], int,
int)
DEBUG 10:17:29 Wire - >> "Content-Type:
text/xml;charset=utf-8[\r][\n]"
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.print(String)
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[])
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[], int,
int)
DEBUG 10:17:29 Wire - >> "User-Agent: Jakarta
Commons-HttpClient/3.0[\r][\n]"
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.print(String)
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[])
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[], int,
int)
DEBUG 10:17:29 Wire - >> "Host: www.foo.com[\r][\n
<www.foo.com[\r][\n>
]"
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.print(String)
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[])
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[], int,
int)
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.writeLine()
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[])
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[], int,
int)
DEBUG 10:17:29 Wire - >> "[\r][\n]"
DEBUG 10:17:29 EntityEnclosingMethod - enter
EntityEnclosingMethod.writeRequestBody(HttpState,
HttpConnection)
DEBUG 10:17:29 PostMethod - enter
PostMethod.hasRequestContent()
DEBUG 10:17:29 EntityEnclosingMethod - enter
EntityEnclosingMethod.hasRequestContent()
DEBUG 10:17:29 EntityEnclosingMethod - enter
EntityEnclosingMethod.renerateRequestBody()
DEBUG 10:17:29 EntityEnclosingMethod - enter
EntityEnclosingMethod.getRequestContentLength()
DEBUG 10:17:29 PostMethod - enter
PostMethod.hasRequestContent()
DEBUG 10:17:29 EntityEnclosingMethod - enter
EntityEnclosingMethod.hasRequestContent()
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.getRequestOutputStream()
DEBUG 10:17:29 Wire - >> "hello"
DEBUG 10:17:30 EntityEnclosingMethod - Request body
sent
DEBUG 10:17:30 HttpConnection - enter
HttpConnection.flushRequestOutputStream()
DEBUG 10:17:30 HttpMethodBase - enter
HttpMethodBase.readResponse(HttpState,
HttpConnection)
DEBUG 10:17:30 HttpMethodBase - enter
HttpMethodBase.readStatusLine(HttpState,
HttpConnection)
DEBUG 10:17:30 HttpConnection - enter
HttpConnection.readLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream,
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 Wire - << "HTTP/1.1 401 401: Access
Denied[\r][\n]"
DEBUG 10:17:30 HttpMethodBase - enter
HttpMethodBase.readResponseHeaders(HttpState,HttpConnection)
DEBUG 10:17:30 HttpConnection - enter
HttpConnection.getResponseInputStream()
DEBUG 10:17:30 HttpParser - enter
HeaderParser.parseHeaders(InputStream,
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream,
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream,
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream,
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream,
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream,
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream,
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream,
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream,
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 Wire - << "Date: Mon, 02 Oct 2006
14:17:29 GMT[\r][\n]"
DEBUG 10:17:30 Wire - << "Content-Type:
text/html[\r][\n]"
DEBUG 10:17:30 Wire - << "Connection: close[\r][\n]"
DEBUG 10:17:30 Wire - << "Server:
Netscape-Enterprise/6.0[\r][\n]"
DEBUG 10:17:30 Wire - << "WWW-authenticate: basic
realm="WWW.FOO.COM/apps -
Enter AKO Username and Password
[09:17:30:2551]"[\r][\n]"
DEBUG 10:17:30 Wire - << "Set-Cookie: SMCHALLENGE=YES;
path=/;
domain=.foo.com[\r][\n]"
DEBUG 10:17:30 Wire - << "Via: 1.1 ROC-CTNOSC
(NetCache
NetApp/6.0.3P2)[\r][\n]"
DEBUG 10:17:30 HttpMethodBase - enter
HttpMethodBase.processResponseHeaders(HttpState,
HttpConnection)
DEBUG 10:17:30 CookieSpecBase - enter
CookieSpecBase.parse(String,
port,
path, boolean, String)
DEBUG 10:17:30 CookieSpecBase - enter
CookieSpecBase.parse(String,
port,
path, boolean, Header)
DEBUG 10:17:30 HeaderElement - enter
HeaderElement.parseElements(char[])
DEBUG 10:17:31 Cookie - enter Cookie(String, String,
String, String,
Date,
boolean)
DEBUG 10:17:31 RFC2109Spec - enter
RFC2109Spec.validate(String, int,
String,
boolean, Cookie)
DEBUG 10:17:31 CookieSpecBase - enter
CookieSpecBase.validate(String,
port,
path, boolean, Cookie)
DEBUG 10:17:31 HttpState - enter
HttpState.addCookie(Cookie)
DEBUG 10:17:31 RFC2109Spec - enter
RFC2109Spec.formatCookie(Cookie)
DEBUG 10:17:31 HttpMethodBase - Cookie accepted:
"$Version=0;
SMCHALLENGE=YES; $Path=/; $Domain=.foo.mil"
DEBUG 10:17:31 HttpMethodBase - enter
HttpMethodBase.readResponseBody(HttpState,
HttpConnection)
DEBUG 10:17:31 HttpMethodBase - enter
HttpMethodBase.readResponseBody(HttpConnection)
DEBUG 10:17:31 HttpConnection - enter
HttpConnection.getResponseInputStream()
DEBUG 10:17:31 HttpMethodBase - enter
HttpMethodBase.canResponseHaveBody(int)
DEBUG 10:17:31 HttpMethodDirector - Authorization
required
DEBUG 10:17:31 HttpMethodDirector - enter
HttpMethodBase.processAuthenticationResponse(HttpState,
HttpConnection)
DEBUG 10:17:31 AuthChallengeProcessor - Supported
authentication
schemes in
the order of preference: [ntlm, digest, basic]
DEBUG 10:17:31 AuthChallengeProcessor - Challenge for
ntlm
authentication
scheme not available
DEBUG 10:17:31 AuthChallengeProcessor - Challenge for
digest
authentication
scheme not available
INFO 10:17:31 AuthChallengeProcessor - basic
authentication scheme
selected
DEBUG 10:17:31 AuthChallengeProcessor - Using
authentication scheme:
basic
DEBUG 10:17:31 AuthChallengeProcessor - Authorization
challenge
processed
DEBUG 10:17:31 HttpMethodDirector - Authentication
scope: BASIC
'WWW.FOO.COM/apps <WWW.FOO.COM/apps> - Enter AKO
Username and Password
[09:17:30:2551]'@www.foo.com:443
DEBUG 10:17:31 HttpState - enter
HttpState.getCredentials(AuthScope)
DEBUG 10:17:31 HttpMethodDirector - Credentials
required
DEBUG 10:17:31 HttpMethodDirector - Credentials
provider not available
INFO 10:17:31 HttpMethodDirector - No credentials
available for BASIC
'WWW>FOO>COM/apps - Enter AKO Username and Password
[09:17:30:2551]'@www.foo.com:443
------ RC = 401
WARN 10:17:35 HttpMethodBase - Going to buffer
response body of large
or
unknown size. Using getResponseBodyAsStream instead is
recommended.
DEBUG 10:17:35 HttpMethodBase - Buffering response
body
DEBUG 10:17:35 Wire - << "<HTML><HEAD><TITLE>401:
Access
Denied</TITLE></HEAD>[\n]"
DEBUG 10:17:35 Wire - << "<BODY><H1>401: Access
Denied</H1>[\n]"
DEBUG 10:17:35 Wire - << "Proper authorization is
required for this
area.
Either your browser does not perform authorization, or
your
authorization
has failed.[\n]"
DEBUG 10:17:35 Wire - << "</BODY></HTML>"
DEBUG 10:17:35 HttpMethodBase - Should close
connection in response to
directive: close
DEBUG 10:17:35 HttpConnection - enter
HttpConnection.close()
DEBUG 10:17:35 HttpConnection - enter
HttpConnection.closeSockedAndStreams()
DEBUG 10:17:35 HttpConnection - enter
HttpConnection.releaseConnection()
DEBUG 10:17:35 HttpConnection - Releasing connection
back to connection
manager.
DEBUG 10:17:35 HttpMethodBase - enter
getContentCharSet( Header
contentheader )
DEBUG 10:17:35 HeaderElement - enter
HeaderElement.parseElements(String)
DEBUG 10:17:35 HeaderElement - enter
HeaderElement.parseElements(char[])
DEBUG 10:17:35 HeaderElement - enter
HeaderElement.getParameterByName(String)
DEBUG 10:17:35 HttpMethodBase - Default charset used:
ISO-8859-1
<HTML><HEAD><TITLE>401: Access Denied</TITLE></HEAD>
<BODY><H1>401: Access Denied</H1>
Proper authorization is required for this area. Either
your browser
does not
perform authorization, or your authorization has
failed.
</BODY></HTML>
2. We have implemented SSO with SiteMinder
User authenticated and logon to the main site,
user can click on the links from the main site (which
is also protected by siteminder) but without having
to authenticated again.
We would like to use httpclient to connect to the
other links from the main site, how do I tell
httpclient to use the existing
session information from the main site to avoid
SiteMinder authentication again.
Thanks in advance.
Regards
Wilson Wong
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
Re: httpclient and siteminder
Posted by Roland Weber <ht...@dubioso.net>.
Hello Wilson,
> We would like to use httpclient to connect to the
> other links from the main site, how do I tell
> httpclient to use the existing session information
> from the main site to avoid SiteMinder authentication
It's either the session cookie itself, or SiteMinder
sets an additional authentication cookie (similar to
the LTPA cookie used by IBM software). If you use the
same HttpState for your requests, the cookies should
be sent correctly. See also our primer:
http://wiki.apache.org/jakarta-httpclient/ForAbsoluteBeginners
hope that helps,
Roland
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
Re: httpclient and siteminder
Posted by wilson wong <ws...@yahoo.com>.
Hi Roland,
Change to "new AuthScope("www.foo.com", 443)" as
suggested by you it worked! Thanks so much
I have second question :)
We have implemented SSO with SiteMinder
User authenticated and logon to the main site, user
can click on the other links (via href) from the main
site which is also protected by siteminder but without
having to authenticated again.
We would like to use httpclient to connect to the
other links from the main site, how do I tell
httpclient to use the existing session information
from the main site to avoid SiteMinder authentication
again. Thanks for your time
Regards
Wilson
--- Roland Weber <ht...@dubioso.net> wrote:
> Hello Wilson,
>
> > hc.getState().setCredentials(new
> > AuthScope("https://www.foo.com/apps", 443),
>
> That authentication scope does not make any sense.
> Please read the JavaDocs:
>
http://jakarta.apache.org/commons/httpclient/apidocs/org/apache/commons/httpclient/auth/AuthScope.html
>
> What you are passing as "host" is not a host at all.
> Either register the default credentials with scope
> AuthScope.ANY or use the constructor correctly:
> new AuthScope("www.foo.com", 443)
>
> hope that helps,
> Roland
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail:
> httpclient-user-help@jakarta.apache.org
>
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
Re: httpclient and siteminder
Posted by Roland Weber <ht...@dubioso.net>.
Hello Wilson,
> hc.getState().setCredentials(new
> AuthScope("https://www.foo.com/apps", 443),
That authentication scope does not make any sense.
Please read the JavaDocs:
http://jakarta.apache.org/commons/httpclient/apidocs/org/apache/commons/httpclient/auth/AuthScope.html
What you are passing as "host" is not a host at all.
Either register the default credentials with scope
AuthScope.ANY or use the constructor correctly:
new AuthScope("www.foo.com", 443)
hope that helps,
Roland
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org