hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: Facing connection issues with http proxy in HttpClient4.3.1
Date Thu, 21 Nov 2013 10:51:19 GMT
On Thu, 2013-11-21 at 16:13 +0530, Dhruvakumar P G wrote:
> 
> On 11/21/2013 4:06 PM, Oleg Kalnichevski wrote:
> 
> > On Thu, 2013-11-21 at 15:58 +0530, Dhruvakumar P G wrote:
> > > On 11/21/2013 2:18 PM, Oleg Kalnichevski wrote:
> > > > On Wed, 2013-11-20 at 19:30 +0530, Dhruvakumar P G wrote:
> > > > > Hello,
> > > > > 
> > > > > I have upgraded HttpClient library from 4.0.1 to 4.3.1 and using
it in
> > > > > my web application for communicating to twitter REST API service.
If I
> > > > > don't set the http proxy in web container(Glassfish2.1) and try
> > > > > connecting to twitter from my home network, HttpClient is able to
make
> > > > > https requests to twitter service.
> > > > > But if I set the http proxy in Glassfish, and try connecting to twitter
> > > > > from corporate network(I must set the proxy given by company to talk
to
> > > > > internet), HttpClient is not able to make https requests to twitter
service.
> > > > > I have been trying out different ways but none of them works :
> > > > > 1. If I set the proxy in Request configuration :
> > > > > requestConfigBuilder.setProxy(proxy). It
> > > > > throws*org.apache.http.conn.HttpConnectionHostException : Connection
> > > > > timedout*
> > > > > 2. If I set the proxy in Http client object :
> > > > > httpClientBuilder.setProxy(proxy). It throws
> > > > > *org.apache.http.conn.UnsupportedSchemeException :  http protocol
is not
> > > > > supported*
> > > > > 3. Setting the proxy the following way also didn't work :
> > > > >                   DefaultProxyRoutePlanner routePlanner = new
> > > > > DefaultProxyRoutePlanner(proxy);
> > > > > httpClientBuilder.setRoutePlanner(routePlanner)
> > > > > 
> > > > > What am I missing here ? Is there any other way that I can try out
to
> > > > > setup proxy ?
> > > > > 
> > > > Try this
> > > > 
> > > > ---
> > > > CloseableHttpClient client = HttpClients.custom()
> > > >          .setRoutePlanner(new
> > > > SystemDefaultRoutePlanner(ProxySelector.getDefault()))
> > > >          .build();
> > > > ---
> > > > 
> > > > Oleg
> > > Hi,
> > > 
> > > Thanks for your suggestion.
> > > I did more research on the issue, played with the Apache's sample java 
> > > program reference 
> > > <http://hc.apache.org/httpcomponents-client-ga/httpclient/examples/org/apache/http/examples/client/ClientExecuteProxy.java>.

> > > Snippet of my program looks like this :
> > > I have defined a TrustManager which accepts any certificates, 
> > > SocketFactoryRegistry
> > > X509TrustManager tm = new X509TrustManager() {
> > >                  @Override
> > >                  public void checkClientTrusted(X509Certificate[] 
> > > chain,String authType) {
> > >                      }
> > >                  @Override
> > >                  public void checkServerTrusted(X509Certificate[] 
> > > chain,String authType) {
> > >                      }
> > >                  @Override
> > >                  public X509Certificate[] getAcceptedIssuers() {
> > >                          return null;
> > >                      }
> > >    };
> > > Defined SocketFactoryRegistry which I pass to 
> > > PoolingHttpClientConnectionManager's constructor :
> > >      SSLConnectionSocketFactory socketFactory = null;
> > >          try {
> > >              SSLContext sslContext = 
> > > SSLContext.getInstance(SSLConnectionSocketFactory.TLS);
> > >              sslContext.init(null, new TrustManager[]{tm}, null);
> > >              socketFactory = new SSLConnectionSocketFactory(sslContext);
> > >          } catch(NoSuchAlgorithmException | KeyManagementException n) {
> > >          }
> > >          if(socketFactory == null){
> > >              socketFactory = SSLConnectionSocketFactory.getSocketFactory();
> > >          }
> > >          socketFactoryRegistry = 
> > > RegistryBuilder.<ConnectionSocketFactory>create()
> > >              .register("https", socketFactory)
> > >              .build();
> > >          target = new HttpHost("issues.apache.org", 443, "https");
> > > *   connManager = new 
> > > PoolingHttpClientConnectionManager(socketFactoryRegistry);*
> > > *httpclientBuilder.setConnectionManager(connManager);*
> > > *httpclientBuilder.setDefaultRequestConfig(RequestConfig.custom().setProxy(proxy).build());*
> > > 
> > > The above code throws *I/O exception 
> > > (org.apache.http.conn.UnsupportedSchemeException) caught when processing 
> > > request: http protocol is not supported*
> > > 
> > > If I don't pass socketFactoryRegistry to 
> > > PoolingHttpClientConnectionManager's constructor and instantiate 
> > > connection manager object:
> > > *connManager = new PoolingHttpClientConnectionManager();*
> > > This will work without any issues and sample program is able to 
> > > communicate with apache host.
> > > 
> > > if I pass socketFactoryRegistry to connection manager constructor, why 
> > > does my program fail to connect to hotst - issues.apache.org ?
> > > Why does it fail even though trust manager  trusts/accepts all 
> > > certificates ?
> > > 
> > > 
> > > Thanks & Regards,
> > > Dhruva
> > This happens because you forget to register a connection socket factory
> > for the 'http' scheme. 
> > 
> > Oleg
> > 
> Is it required to register a connection socket factory for the 'http'
> scheme, even though I use 'https' scheme to talk to host : new
> HttpHost("issues.apache.org", 443, "https")  ?
> 

Plain 'http' scheme must be used to establish an intermediate connection
to the proxy itself before 'https' tunneling could be employed.

Oleg



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message