hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: Need help with ProxyClient tunneling through authenticatingproxy
Date Mon, 11 Aug 2008 22:07:17 GMT
Jignesh Malkan wrote:
> Hi Oleg,
> 
> Thanks for the info.
> 
> I don't think #1 is possible unless I types uid/pwd wrong for 100s of
> time I tested and typed them correctly when browser prompted me when it
> downloaded applet.
> 
> I am not even able to do "Basic" authentication.
> I turned the TRACE on and found that 
> 
> HttpMethodDirectorauthenticateProxy(final HttpMethod method)
> Writes 2 of the following logs.
> 
> LOG.debug("Authenticating with " + authscope); 
> LOG.warn("Required proxy credentials not available for " + authscope);
> 
> 
> Here is the code snippet between 2 of the logs.
> 
> if (authstate.isAuthRequested() || !authscheme.isConnectionBased()) {
>             AuthScope authscope = new AuthScope(
>                 conn.getProxyHost(), conn.getProxyPort(), 
>                 authscheme.getRealm(), 
>                 authscheme.getSchemeName());  
>             if (LOG.isDebugEnabled()) {
>                 LOG.debug("Authenticating with " + authscope);
>             }
>             Credentials credentials =
> this.state.getProxyCredentials(authscope);
>             if (credentials != null) {
>                 String authstring = authscheme.authenticate(credentials,
> method);
>                 if (authstring != null) {
>                     method.addRequestHeader(new Header(PROXY_AUTH_RESP,
> authstring, true));
>                 }
>             } else {
>                 if (LOG.isWarnEnabled()) {
>                     LOG.warn("Required proxy credentials not available
> for " + authscope);
>                     if (method.getProxyAuthState().isPreemptive()) {
>                         LOG.warn("Preemptive authentication requested
> but no default " +
>                             "proxy credentials available"); 
>                     }
>                 }
>             }
>         }
> 
> It looks like Credentials credentials =
> this.state.getProxyCredentials(authscope); is returning null and that is
> why authentication is skipped.
> 
> 
> 
> This is how I am passing Credentials.
> 
> AuthScope authScope = new AuthScope(tunnelBean.getHost(),
> tunnelBean.getPort());
> Credentials credentials  = new NTCredentials(tunnelBean.getUserName(),
> tunnelBean.getPassword(),
> tunnelBean.getUserIp(), tunnelBean.getDomain());
> 
> proxyClient.getState().setProxyCredentials(authScope, credentials);
> 
> 
> Am I doing anything wrong here?
> 

Possibly the proxy host does not match any of the authentication scopes 
set in the HTTP state. I could not verify this assumption as the host 
names in the log had been obfuscated. You may want to set the 
authentication scope to ANY_HOST (null) and see if that makes any 
difference.


> 
> I upgraded from 3.0.1 to 3.1 and now I am getting following error
> "ProxyClient Connect failed: secure protocol socket factory may not be
> used"
> 

Please post a complete wire / context log of the HTTP session and the 
exception stack trace.

Oleg


> Here is how I set host.
> proxyClient.getHostConfiguration().setHost(host, port, "https");
> 
> 
> Jiggy.
> 
> -----Original Message-----
> From: Oleg Kalnichevski [mailto:olegk@apache.org] 
> Sent: Monday, August 11, 2008 1:48 PM
> To: HttpClient User Discussion
> Subject: Re: Need help with ProxyClient tunneling through
> authenticatingproxy
> 
> On Fri, 2008-08-08 at 11:33 -0400, Jignesh Malkan wrote:
>> Hi,
>>
>>  
>>
>> I am new to HttpClient and I am trying to open a Socket connection
> from
>> Applet to the Server tunneling through the ISA proxy.
>>
>>  
>>
>> Proxy client works fine with Non-Authenticating Proxy but it fails
> when
>> I turn on "basic" or "Integrated" (NTLM) authentication. I have spent
> a
>> good amount of time and have not made much progress. So I decided to
>> call help from experts :-)
>>
>>  
>>
>> I am using httpclient-3.0.1 and client machine will have a JRE version
>>> =1.5
>>  
>>
>> Here is my code flow:
>>
>> 1.	I detect proxy using ProxySelector.getDefault().select(new
>> URI(uri));
>> 2.	I set the System properties for https.proxySet=true,
>> https.proxyHost=proxyHost, https.proxyPort=proxyPort
>> 3.	Next set these properties into TunnelBean and pass this to the
>> following method:
>>
> 
> The most likely reasons are:
> (1) credentials are wrong
> (2) the proxy server has been configured to disallow NTLMv1. HttpClient
> 3.1 supports NTLMv1 only. It does not support NTLMv2.
> 
> Oleg
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message