hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: Not able to send HTTPs through a proxy server
Date Wed, 05 Jan 2005 12:39:25 GMT
Hi Herman,

See my comments inline

On Tue, Jan 04, 2005 at 03:15:43PM -0800, Herman D'costa wrote:
> I have the following program, that sends a request through Apache HTTP Proxy Server with
SSL. When the HTTPs request is sent directly to the target url, get a response back successfully.
> 
> Also I have an axis client program which can send HTTPs requests through the proxy server
successfully.
> 
> However, I get the following response from the httpclient api program
> 
> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <html><head>
> <title>403 Forbidden</title>
> </head><body>
> <h1>Forbidden</h1>
> <p>You don't have permission to access hdcosta:9943
> on this server.</p>
> <hr>
> <address>Apache/2.0.52 (Win32) mod_ssl/2.0.52 OpenSSL/0.9.7e Server at hdcosta
Port 9943</address>
> </body></html>
>

As far as I can tell HttlClient returns a perfectly valid response 403,
which makes me belive this is a server (mis-)configuration problem.


> Also when I sniff the tcp request btw the client and proxy server, I just see HTTP headers
but no body being sent to the proxy server.
> 
> CONNECT hdcosta:9943 HTTP/1.1
> User-Agent: Jakarta Commons-HttpClient/3.0-beta1
> Host: hdcosta:9943
> Proxy-Connection: Keep-Alive
> 
> <No Body>
> 

This is exactly the way it is supposed to be. CONNECT method is not an
entity enclosing method and MAY NOT have a request body. Its sole
purpose is to establish a secure tunnel via the proxy. Once the tunnel
is up, the traffic between the client and the server gets encrypted and
thus cannot be sniffed upon (easily).


> The axis client has HTTP headers with a garbled up body.
> 
> Am I using the httpclient api wrongly? I tried using the httpclient 2.0.2 and 3.0-beta1
jars, with the same effect. Find following the program
> 

I see nothing wrong in your code, which only reenforces my belief that
this is a server side problem.

Hope this helps somewhat.

Oleg


> 
> 			HttpClient httpClient = new HttpClient();
> 			httpClient.setTimeout(readTimeout);
> 			httpClient.setConnectionTimeout(connectTimeout);
> 			
> 			HostConfiguration hostConfiguration = new HostConfiguration();
> 			
> 			if (targetProtocol.equalsIgnoreCase(PROTOCOL_HTTPS)) {
> 				HTTPsSocketFactory httpsSocketFactory = new HTTPsSocketFactory(privateKey, certChain,
trustedCAs, 					connectTimeout, readTimeout);
> 				Protocol httpsProtocol = new Protocol(targetProtocol, httpsSocketFactory, targetURL.getDefaultPort));
> 				Protocol.registerProtocol(targetProtocol, httpsProtocol);
> 			}
> 			hostConfiguration.setHost(targetHost, targetPort, targetProtocol);
> 			
> 			if (proxyServerReqd) {
> 				hostConfiguration.setProxy(proxyHost, proxyPort);
> 				
> 				if (proxyServerAuthReqd) {
> 					HttpState httpState = new HttpState();
> 					Credentials cred = new UsernamePasswordCredentials(proxyServerAuthUser, proxyServerAuthPass);
> 					httpState.setProxyCredentials(proxyServerAuthRealm, proxyHost, cred);
> 					// httpState.setAuthenticationPreemptive(true);
> 					// httpState.setCredentials(proxyServerAuthRealm, proxyHost, cred);
> 										
> 					httpClient.setState(httpState);
> 				}
> 			}	
> 			httpClient.setHostConfiguration(hostConfiguration);						
> 						
> 			PostMethod postMethod = new PostMethod(targetUrl);
> 			DefaultMethodRetryHandler retryHandler = new DefaultMethodRetryHandler();
> 			retryHandler.setRequestSentRetryEnabled(false);
> 			retryHandler.setRetryCount(retries);
> 			
> 			if (headers != null) {
> 				Set keySet = headers.keySet();
> 				Iterator it = keySet.iterator();
> 				
> 				while (it.hasNext()) {
> 					String headerName = (String) it.next();
> 					String headerValue = (String) headers.get(headerName);
> 					postMethod.addRequestHeader(headerName, headerValue);
> 				}
> 			}
> 			
> 			postMethod.setRequestBody(fis);
> 			
> 			
> 			// Execute the method.
> 			int statusCode = httpClient.executeMethod(postMethod);
> 
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org


Mime
View raw message