hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "MENNO ANGELO \(Esterno\)" <A.ME...@agosweb.it>
Subject R: Proxy ssl problem
Date Fri, 27 Jan 2006 11:36:11 GMT
>This is likely to be due to the 'stale' connection check. If you think
>this may be the cause of some problems, disable the 'stale' connection
>check.
>
>For details see
>http://jakarta.apache.org/commons/httpclient/performance.html#Stale%
>20connection%20check

done, it works, great!

>What cookie policy have you been using?

I tried all 4 options, Default, Compatibility, Netscape, RFC_2109.
different headers, same wrong results and behavior.

There is a strange fact,
I'm logging headers in post-excecution :
for (int i = 0; i < post.getRequestHeaders().length; i++)
	System.out.println("post Headers : " + post.getRequestHeaders()[i].getName() + ", " + post.getRequestHeaders()[i].getValue());

next, I log the cookies :
Cookie[] cookies = httpclient.getState().getCookies();
for (int i = 0; i < cookies.size(); i++) {
	System.out.println("cookieName[" + i + "] = " + cookies[i].getName() + ", cookieValue[" +
i + "] = " + cookies[i].getValue());
}

ibveSession value is different, and the header one is correct (the one i posted before in
request phase, i suppose).

Thanks,
Tyler

-----Messaggio originale-----
Da: Oleg Kalnichevski [mailto:olegk@apache.org] 
Inviato: venerdì 27 gennaio 2006 11.33
A: HttpClient User Discussion
Cc: MENNO ANGELO (Esterno)
Oggetto: Re: Proxy ssl problem

On Fri, 2006-01-27 at 10:39 +0100, MENNO ANGELO (Esterno) wrote:
> Hi,
> i'm trying to use httpClient to connect my bank site.
> I 'have a proxy and the bank site use the https protocol.
> Login process give me an Ok Response and a javascript redirect to
> another page.
> I follow that redirect and it give me another redirect.
> This second one take me to a new home page with a login button! (it is
> different from the first home page).
>  
> If i try to get a know internal page it give me an error one with
> message "Session expired. You have to reconnect"
>  
> By Dolphin browser i discovered that the first redirect is correct
> (login is ok), not the second.
>  
> By Netscape broser i saw that :
> - the session cookie are 3, called ibveSession, Ibno0Session, SHARK.
> - connection is AES-256 256 bit of encryption grade.
>  
> -My httpClient the sequense is :
> - call the http home page, it give me the ibveSession with a value, for
> example A.
> - call the https login link, simulating the login form.
> - response is ok, ibveSession is still A and the new Ibno0Session cookie
> is obtained.
> - follow the redirect, ibveSession is changed (sic!), Ibno0Session
> remains the same (sic sic!!).
>  
> Using debug and -Djavax.net.debug=all options, i don't find errors, just
> :
> AWT-EventQueue-0, setSoTimeout(1) called
> AWT-EventQueue-0, handling exception: java.net.SocketTimeoutException:
> Read timed out
> AWT-EventQueue-0, setSoTimeout(0) called
> 

This is likely to be due to the 'stale' connection check. If you think
this may be the cause of some problems, disable the 'stale' connection
check.

For details see
http://jakarta.apache.org/commons/httpclient/performance.html#Stale%
20connection%20check

> 
> that seems to be right cause it is followed by a correct comunication.
>  
> I have put my attention on html post parameters and everything seems to
> be ok.
>  
> I tried to give them a wrong User/password and it correctly give me an
> error page.
>  
> I conclude that the problem is at cookie/session level.
>  
> I have no more ideas so i try with your help.
>  
> Does httpclient support 256 encription rate?

HttpClient relies on JSSE for the SSL/TLS support. Any encryption
algorithm supported by JVM's JSSE providers can be used by HttpClient.

For details see
http://jakarta.apache.org/commons/httpclient/sslguide.html

> Does httpclient support 3 session cookies?
>  

HttpClient supports infinite number of cookies (limited only by the size
of the JVM's heap)

What cookie policy have you been using?

For details see 
http://jakarta.apache.org/commons/httpclient/cookies.html

Oleg

> thanks,
> Tyler
>  
> ps: Dolphin doesn't use httpClient... :|
>  
> 
> -----------------------------------------------------------------------------------------
> 
> Il contenuto del messaggio e di ogni suo allegato e' da ritenersi riservato e confidenziale
ed e' indirizzato esclusivamente al destinatario. Chi ricevesse il presente messaggio senza
esserne l'effettivo destinatario e' tenuto a non divulgarlo, diffonderlo o riprodurlo in alcun
modo. 
> 
> Qualora abbiate ricevuto la presente comunicazione per errore siete pregati di rispedirla
al mittente e di cancellare il messaggio originale dal Vostro sistema di posta elettronica.
Grazie
> 
> Agos S.p.A.
> via Bernina, 7
> 20158 MILANO


-----------------------------------------------------------------------------------------

Il contenuto del messaggio e di ogni suo allegato e' da ritenersi riservato e confidenziale
ed e' indirizzato esclusivamente al destinatario. Chi ricevesse il presente messaggio senza
esserne l'effettivo destinatario e' tenuto a non divulgarlo, diffonderlo o riprodurlo in alcun
modo. 

Qualora abbiate ricevuto la presente comunicazione per errore siete pregati di rispedirla
al mittente e di cancellare il messaggio originale dal Vostro sistema di posta elettronica.
Grazie

Agos S.p.A.
via Bernina, 7
20158 MILANO


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org


Mime
View raw message