hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bindul Bhowmik (GMail)" <bindulbhow...@gmail.com>
Subject Re: [httpclient] Tunnelling non-HTTP protocols through ProxyClient
Date Wed, 11 May 2005 14:35:00 GMT
Oleg,

I am not sure if I am missing something here. When I connect to a ftp
site using the browser, it uses the same proxy and tunnel (or am I
wrong?). Is there something else I need to do to go through the tunnel
and connect to an ftp site?

If anyone is interested I could send the code I am using to get the socket.

- Bindul

On 5/10/05, Oleg Kalnichevski <olegk@apache.org> wrote:
> Bindul,
> 
> HTTP CONNECT (aka HTTP tunneling) has been primarily designed to enable
> secure (primarily SSL) connections via HTTP proxies, hence the error
> message. There's absolutely nothing that prevents other protocols from
> being tunneled in the same manner, provided the proxy is configured to
> allow outgoing connections to a particular port. My _guess_ this
> problem caused by the ISS configuration, rather than a bug in HttpClient
> or your code
> 
> Oleg
> 
> On Tue, May 10, 2005 at 09:57:58PM +0530, Bindul Bhowmik (GMail) wrote:
> > Oleg,
> >
> > The port here is 21. I get this from the configuration of the FTP host
> > I have to connect to through the HTTP tunnel. I am not sure where the
> > SSL port comes in from!
> >
> > FYI, the proxy we use is a Microsoft ISA server requiring NTLM
> > authentication. And except for
> > > >               proxyClient.getState().setProxyCredentials(new AuthScope("proxy",
> > > > -1), credentials);
> > the rest of the piece works fine with httpclient-2.0.2 and HTTPClient
> > instead of ProxyClient, which we use to download files over HTTP in
> > the same application.
> >
> > I had to move to 3.0rc2 since ProxyClient or
> > HTTPConnection#getSocket() were not available in 2.0.2
> >
> > - Bindul
> >
> > On 5/10/05, Oleg Kalnichevski <olegk@apache.org> wrote:
> > > Bindul,
> > >
> > > > hostConfiguration.setHost(host, port, httpClientProtocol);
> > >
> > > What is the value of the port parameter? If it is not 443 are you sure
> > > the proxy has been configured to allow outgoing connections to that
> > > port?
> > >
> > > Oleg
> > >
> > > On Tue, May 10, 2005 at 08:41:05PM +0530, Bindul Bhowmik (GMail) wrote:
> > > > Hi,
> > > >
> > > > I am trying to tunnel a FTP stream over an HTTP Tunnel proxy. I am
> > > > trying to use the ProxyClient class of commons-client for that. I am
> > > > using commons-net as my FTP Client, and have written an implementation
> > > > of SocketFactory to be used for FTP connections over the Proxy.
> > > >
> > > > Inside my SocketFactory implementation, I am getting the socket from
> > > > ProxyClient.ConnectResponse#getSocket() class. The code I use is:
> > > >
> > > > <code_snip>
> > > >                 ProxyClient proxyClient = new ProxyClient();
> > > >               HostConfiguration hostConfiguration = proxyClient.getHostConfiguration();
> > > >               hostConfiguration.setHost(host, port, httpClientProtocol);
> > > >               hostConfiguration.setProxy("proxy", 8085);
> > > >               NTCredentials credentials = getNTCredentials("domain\\user",
> > > >                               "password","proxy");
> > > >
> > > >               // Set the proxy credentials
> > > >               proxyClient.getState().setProxyCredentials(new AuthScope("proxy",
> > > > -1), credentials);
> > > >
> > > >               ProxyClient.ConnectResponse response = proxyClient.connect();
> > > >               if (response.getSocket() == null) {
> > > >                       throw new IOException("Connection through proxy
could not be opened");
> > > >               }
> > > >
> > > >               return response.getSocket();
> > > > </code_snip>
> > > >
> > > > However, the getSocket() method returns null, and on setting the log
> > > > level to FINE, the last response from the Proxy says:
> > > >
> > > > <pre>
> > > > HTTP/1.1 502 Proxy Error ( The specified Secure Sockets Layer (SSL)
> > > > port is not allowed. ISA Server is not configured to allow SSL
> > > > requests from this port. Most Web browsers use port 443 for SSL
> > > > requests.  )
> > > > </pre>
> > > >
> > > > This problem is related to the ones discussed in the commons-user
> > > > threads: http://mail-archives.apache.org/mod_mbox/jakarta-commons-user/200504.mbox/%3c882a6a7e05041101351531c7d1@mail.gmail.com%3e
> > > > and http://mail-archives.apache.org/mod_mbox/jakarta-commons-user/200504.mbox/%3cOFD1167CC8.7FF51EF6-ONCA256FE8.000AFB2E@qantas.com.au%3e
> > > > Any help in solving this would be great.
> > > >
> > > > Regards,
> > > > Bindul
> > > >
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> > > > For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
> > > >
> > >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
> >
>

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org


Mime
View raw message