hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From RossW <rosshwal...@gmail.com>
Subject Re: SSL Site
Date Tue, 24 Apr 2007 11:22:00 GMT



olegk wrote:
> 
> On Sun, 2007-04-22 at 17:04 -0700, RossW wrote:
>> 
>> olegk wrote:
>> > 
>> > 
>> > Ross,
>> > 
>> > (1) What is the version of JRE you are using?  
>> > 
>> > (2) Please post a _complete_ wire log of the HTTP session. Feel free to
>> > obfuscate whatever details you deem sensitive. The information given so
>> > far is simply not sufficient to identify the cause of the problem.
>> > 
>> > Oleg
>> > 
>> > 
>> >> 
>> > 
>> > 
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
>> > For additional commands, e-mail:
>> httpclient-user-help@jakarta.apache.org
>> > 
>> > 
>> > 
>> 
>> Hi thanks for your help...Here is the output from the logging.
>> 
>> <pre>
>> 2007/04/23 09:55:26:968 EST [DEBUG] HttpClient - Java version: 1.6.0
>> 2007/04/23 09:55:26:968 EST [DEBUG] HttpClient - Java vendor: Sun
>> Microsystems Inc.
>> 2007/04/23 09:55:26:968 EST [DEBUG] HttpClient - Java class path:
>> C:\Documents and Settings\User\Workspace\HTTPDApp;C:\Program
>> Files\eclipse\plugins\org.eclipse.swt.win32.win32.x86_3.2.2.v3235a.jar
>> 2007/04/23 09:55:26:984 EST [DEBUG] HttpClient - Operating system name:
>> Windows XP
>> 2007/04/23 09:55:26:984 EST [DEBUG] HttpClient - Operating system
>> architecture: x86
>> 2007/04/23 09:55:26:984 EST [DEBUG] HttpClient - Operating system
>> version:
>> 5.1
>> 2007/04/23 09:55:27:062 EST [DEBUG] HttpClient - SUN 1.6: SUN (DSA
>> key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom;
>> X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX
>> CertPathBuilder; LDAP, Collection CertStores, JavaPolicy Policy;
>> JavaLoginConfig Configuration)
>> 2007/04/23 09:55:27:062 EST [DEBUG] HttpClient - SunRsaSign 1.5: Sun RSA
>> signature provider
>> 2007/04/23 09:55:27:062 EST [DEBUG] HttpClient - SunJSSE 1.6: Sun JSSE
>> provider(PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
>> 2007/04/23 09:55:27:078 EST [DEBUG] HttpClient - SunJCE 1.6: SunJCE
>> Provider
>> (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE,
>> Diffie-Hellman, HMAC)
>> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - SunJGSS 1.0: Sun
>> (Kerberos
>> v5, SPNEGO)
>> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - SunSASL 1.5: Sun SASL
>> provider(implements client mechanisms for: DIGEST-MD5, GSSAPI, EXTERNAL,
>> PLAIN, CRAM-MD5; server mechanisms for: DIGEST-MD5, GSSAPI, CRAM-MD5)
>> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - XMLDSig 1.0: XMLDSig
>> (DOM
>> XMLSignatureFactory; DOM KeyInfoFactory)
>> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - SunPCSC 1.6: Sun PC/SC
>> provider
>> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - SunMSCAPI 1.6: Sun's
>> Microsoft Crypto API provider
>> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
>> http.useragent = Jakarta Commons-HttpClient/3.1-alpha1
>> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
>> http.protocol.version = HTTP/1.1
>> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
>> http.connection-manager.class = class
>> org.apache.commons.httpclient.SimpleHttpConnectionManager
>> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
>> http.protocol.cookie-policy = default
>> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
>> http.protocol.element-charset = US-ASCII
>> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
>> http.protocol.content-charset = ISO-8859-1
>> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
>> http.method.retry-handler =
>> org.apache.commons.httpclient.DefaultHttpMethodRetryHandler@c3c315
>> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
>> http.dateparser.patterns = [EEE, dd MMM yyyy HH:mm:ss zzz, EEEE,
>> dd-MMM-yy
>> HH:mm:ss zzz, EEE MMM d HH:mm:ss yyyy, EEE, dd-MMM-yyyy HH:mm:ss z, EEE,
>> dd-MMM-yyyy HH-mm-ss z, EEE, dd MMM yy HH:mm:ss z, EEE dd-MMM-yyyy
>> HH:mm:ss
>> z, EEE dd MMM yyyy HH:mm:ss z, EEE dd-MMM-yyyy HH-mm-ss z, EEE dd-MMM-yy
>> HH:mm:ss z, EEE dd MMM yy HH:mm:ss z, EEE,dd-MMM-yy HH:mm:ss z,
>> EEE,dd-MMM-yyyy HH:mm:ss z, EEE, dd-MM-yyyy HH:mm:ss z]
>> 2007/04/23 09:55:27:093 EST [DEBUG] HttpConnection - Open connection to
>> www.securesite.com:443
>> 2007/04/23 09:55:48:359 EST [DEBUG] HttpMethodDirector - Closing the
>> connection.
>> 2007/04/23 09:55:48:359 EST [INFO] HttpMethodDirector - I/O exception
>> (java.net.ConnectException) caught when processing request: Connection
>> timed
>> out: connect
>> 2007/04/23 09:55:48:359 EST [DEBUG] HttpMethodDirector - Connection timed
>> out: connect <java.net.ConnectException: Connection timed out:
>> connect>java.net.ConnectException: Connection timed out: connect
>> 	at java.net.PlainSocketImpl.socketConnect(Native Method)
>> 	at java.net.PlainSocketImpl.doConnect(Unknown Source)
>> 	at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
>> 	at java.net.PlainSocketImpl.connect(Unknown Source)
>> 	at java.net.SocksSocketImpl.connect(Unknown Source)
>> 	at java.net.Socket.connect(Unknown Source)
>> 	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(Unknown Source)
>> 	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.<init>(Unknown Source)
>> 	at
>> com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.createSocket(Unknown
>> Source)
>> 	at
>> org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(Unknown
>> Source)
>> 	at
>> org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(Unknown
>> Source)
>> 	at org.apache.commons.httpclient.HttpConnection.open(Unknown Source)
>> 	at
>> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown
>> Source)
>> 	at
>> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown
>> Source)
>> 	at org.apache.commons.httpclient.HttpClient.executeMethod(Unknown
>> Source)
>> 	at org.apache.commons.httpclient.HttpClient.executeMethod(Unknown
>> Source)
>> 
>> <removed trace from here down>
>> 
>> 2007/04/23 09:55:48:359 EST [INFO] HttpMethodDirector - Retrying request
>> 2007/04/23 09:55:48:359 EST [DEBUG] HttpConnection - Open connection to
>> www.securesite.com:443
>> 
>> So just to add to this posting ill give your some info about what i am
>> trying to do again.  I have a secure site with with basic authentication
>> that i need to access.  I can get my app to access a non SSL site with
>> basic
>> authent without any probs but have been unable to do the same with a
>> particular intra network SSL site.  Here is the code i have to deal with
>> the
>> certificates as well:
>> 
> 
> Ross,
> 
> This appears to be some kind of connectivity problem. Is this an
> intranet or internet site? Can you establish a connection to that site
> using a browser? 
> 
> You do not explicitly set a connect timeout value, so JRE the default
> one applies. Try explicitly setting the connect timeout value to
> something like 10 min and see what happens. 
> 
> Oleg
> 
> 
>> 	    TrustManager[] trustAllCerts = new TrustManager[]{
>> 	        new X509TrustManager() {
>> 	            public java.security.cert.X509Certificate[]
>> getAcceptedIssuers() {
>> 	                return null;
>> 	            }
>> 	            public void checkClientTrusted(
>> 	                java.security.cert.X509Certificate[] certs, String
>> authType) {
>> 	            }
>> 	            public void checkServerTrusted(
>> 	                java.security.cert.X509Certificate[] certs, String
>> authType) {
>> 	            }
>> 	        }
>> 	    };
>> 	    
>> 	    try {
>> 	    	SSLContext sc = SSLContext.getInstance("SSLv3");
>> 	        sc.init(null, trustAllCerts, new java.security.SecureRandom());
>> 	       
>> HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
>> 	    } catch (Exception e) {
>> 	    	
>> 	    	e.getMessage();
>> 	    	
>> 	    }
>> 
>> </pre>
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
> 
> 
> 

Hey thanks for the reply.  It is an intranet site but i am able to access it
ok when using my browser and the proxy server does not affect this site.  I
think i have tried setting the timeout for both the connection and the
socket to unlim and it was still failing.  I suspect somehow it is related
to the SSL but found it odd that i can connect to some SSL sites.  A friend
of mine wrote a similar program that uses HTTPCLIENT (the one written by a
chinese group cant recall there name) and the code is similar and it works
fine.  I want to the apache one because i believe it will have more ongoing
support.

Thanks.
-- 
View this message in context: http://www.nabble.com/SSL-Site-tf3509897.html#a10158787
Sent from the HttpClient-User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org


Mime
View raw message