hc-httpclient-users mailing list archives

Site index · List index

Message view	« Date » · « Thread »
Top	« Date » · « Thread »
From	"Jignesh Malkan" <JMal...@axeda.com>
Subject	Need help with ProxyClient tunneling through authenticating proxy
Date	Fri, 08 Aug 2008 15:33:50 GMT
Hi, I am new to HttpClient and I am trying to open a Socket connection from Applet to the Server tunneling through the ISA proxy. Proxy client works fine with Non-Authenticating Proxy but it fails when I turn on "basic" or "Integrated" (NTLM) authentication. I have spent a good amount of time and have not made much progress. So I decided to call help from experts :-) I am using httpclient-3.0.1 and client machine will have a JRE version >=1.5 Here is my code flow: 1. I detect proxy using ProxySelector.getDefault().select(new URI(uri)); 2. I set the System properties for https.proxySet=true, https.proxyHost=proxyHost, https.proxyPort=proxyPort 3. Next set these properties into TunnelBean and pass this to the following method: public static Socket getTunnelSocket(String host, int port, TunnelBean tunnelBean) { Socket socket = null; if (tunnelBean != null) { Logger.info("Setting debug on for HttpClient"); System.setProperty("org.apache.commons.logging.Log", "org.apache.commons.logging.impl.SimpleLog"); System.setProperty("org.apache.commons.logging.simplelog.showdatetime", "true"); System.setProperty("org.apache.commons.logging.simplelog.log.httpclient. wire.header", "debug"); System.setProperty("org.apache.commons.logging.simplelog.log.httpclient. wire", "debug"); System.setProperty("org.apache.commons.logging.simplelog.log.org.apache. commons.httpclient", "debug"); ProxyClient proxyclient = new ProxyClient(); HttpClientParams httpClientParams = proxyclient.getParams(); List<String> authPreferenceList = new ArrayList<String>(3); authPreferenceList.add(AuthPolicy.NTLM); authPreferenceList.add(AuthPolicy.DIGEST); authPreferenceList.add(AuthPolicy.BASIC); httpClientParams.setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPreferenceList); //httpClientParams.setAuthenticationPreemptive(true); Logger.info("Setting the GAS Server host and port into proxyclient"); proxyclient.getHostConfiguration().setHost(host, port, "https"); Logger.info("proxyclient=" + proxyclient); Logger.info("param host=" + host + "port=" + port); Logger.info("proxyclient host=" + proxyclient.getHostConfiguration().getHost()); Logger.info("proxyclient hos turl=" + proxyclient.getHostConfiguration().getHostURL()); Logger.info("Setting the proxy host and port into proxyclient"); proxyclient.getHostConfiguration().setProxy(tunnelBean.getHost(), tunnelBean.getPort()); Logger.info("Setting the proxy credentials, only necessary for authenticating proxies"); AuthScope authScope = new AuthScope(tunnelBean.getHost(), tunnelBean.getPort(), null); Credentials credentials = new NTCredentials(tunnelBean.getUserName(), tunnelBean.getPassword(), tunnelBean.getUserIp(), tunnelBean.getDomain()); //credentials = new UsernamePasswordCredentials(tunnelBean.getUserName(), tunnelBean.getPassword()); Logger.info("authScope=" + authScope); Logger.info("Credentials=" + credentials); proxyclient.getState().setProxyCredentials(authScope, credentials); try { Logger.info("About to call proxyclient.connect()"); ProxyClient.ConnectResponse response = proxyclient.connect(); Logger.info("The proxyclient.connect() response is " + response); socket = response.getSocket(); if (socket == null) { // the proxy connect was not successful, check connect method for reasons why Logger.error(response.getConnectMethod().getResponseBodyAsString()); Logger.error("ProxyClient Connect failed: " + response.getConnectMethod().getStatusLine()); } } catch (Exception ex) { socket = null; Logger.error("ProxyClient Connect failed: ", ex); } } return socket; } As you could see I have turned on Debug and here is the log. I seems to me as if ProxyClient is not sending credential info to the Proxy Server. I have replaced actual values with word which are marked in red 2008/08/07 09:52:58:140 EDT [DEBUG] HttpConnection - Open connection to proxyHost: proxyPort 2008/08/07 09:52:58:156 EDT [DEBUG] header - >> "CONNECT remoteHost:remotePort HTTP/1.1" 2008/08/07 09:52:58:156 EDT [DEBUG] HttpMethodBase - Adding Host request header 2008/08/07 09:52:58:156 EDT [DEBUG] header - >> "User-Agent: Jakarta Commons-HttpClient/3.0.1[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] header - >> "Host: remoteServerName [\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] header - >> "Proxy-Connection: Keep-Alive[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] header - >> "[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] header - << "HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied. )[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] header - << "Via: 1.1 proxyServerName[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] header - << "Proxy-Authenticate: Negotiate[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] header - << "Proxy-Authenticate: Kerberos[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] header - << "Proxy-Authenticate: NTLM[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] header - << "Connection: close[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] header - << "Proxy-Connection: close[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] header - << "Pragma: no-cache[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] header - << "Cache-Control: no-cache[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] header - << "Content-Type: text/html[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] header - << "Content-Length: 724[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] ConnectMethod - CONNECT status code 407 2008/08/07 09:52:58:156 EDT [DEBUG] HttpMethodDirector - Authorization required 2008/08/07 09:52:58:156 EDT [DEBUG] AuthChallengeProcessor - Supported authentication schemes in the order of preference: [NTLM, Digest, Basic] 2008/08/07 09:52:58:156 EDT [INFO] AuthChallengeProcessor - NTLM authentication scheme selected 2008/08/07 09:52:58:156 EDT [DEBUG] AuthChallengeProcessor - Using authentication scheme: ntlm 2008/08/07 09:52:58:156 EDT [DEBUG] AuthChallengeProcessor - Authorization challenge processed 2008/08/07 09:52:58:156 EDT [DEBUG] HttpMethodDirector - Proxy authentication scope: NTLM <any realm>@ proxyHost: proxyPort 2008/08/07 09:52:58:156 EDT [DEBUG] HttpMethodDirector - Retry authentication 2008/08/07 09:52:58:156 EDT [DEBUG] content - << "<HTML><HEAD><TITLE>Error Message</TITLE>[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] content - << "<META http-equiv=Content-Type content="text/html; charset=windows-1252">[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] content - << "<BODY>[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] content - << "<TABLE><TR><TD id=L_dt_1><B>Network Access Message: The page cannot be displayed<B></TR></TABLE>[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] content - << "<TABLE><TR><TD height=15></TD></TR></TABLE>[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] content - << "<TABLE>[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] content - << "<TR><TD id=L_dt_2>Technical Information (for Support personnel)[\r][\n]" 2008/08/07 09:52:58:156 EDT [DEBUG] content - << "<UL>[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] content - << "<LI id=L_dt_3>Error Code: 407 Proxy Authentication Required. The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied. (12209)[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] content - << "<LI id=L_dt_4>IP Address: proxyHost[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] content - << "<LI id=L_dt_5>Date: 8/7/2008 1:52:58 PM [GMT][\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] content - << "<LI id=L_dt_6>Server: proxyServerName [\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] content - << "<LI id=L_dt_7>Source: proxy[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] content - << "</UL></TD></TR></TABLE></BODY></HTML>[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] HttpMethodBase - Should close connection in response to directive: close 2008/08/07 09:52:58:171 EDT [DEBUG] HttpConnection - Connection is locked. Call to releaseConnection() ignored. 2008/08/07 09:52:58:171 EDT [DEBUG] HttpConnection - Open connection to proxyHost: proxyPort 2008/08/07 09:52:58:171 EDT [DEBUG] header - >> "CONNECT remoteHost:remotePort HTTP/1.1" 2008/08/07 09:52:58:171 EDT [DEBUG] HttpMethodBase - Adding Host request header 2008/08/07 09:52:58:171 EDT [DEBUG] header - >> "User-Agent: Jakarta Commons-HttpClient/3.0.1[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] header - >> "Proxy-Connection: Keep-Alive[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] header - >> "Host: remoteServerName[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] header - >> "[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] header - << "HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied. )[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] header - << "Via: 1.1 ACTUATESERVER[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] header - << "Proxy-Authenticate: Negotiate[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] header - << "Proxy-Authenticate: Kerberos[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] header - << "Proxy-Authenticate: NTLM[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] header - << "Connection: close[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] header - << "Proxy-Connection: close[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] header - << "Pragma: no-cache[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] header - << "Cache-Control: no-cache[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] header - << "Content-Type: text/html[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] header - << "Content-Length: 724[\r][\n]" 2008/08/07 09:52:58:171 EDT [DEBUG] ConnectMethod - CONNECT status code 407 2008/08/07 09:52:58:171 EDT [DEBUG] HttpMethodDirector - Authorization required 2008/08/07 09:52:58:171 EDT [DEBUG] AuthChallengeProcessor - Using authentication scheme: ntlm 2008/08/07 09:52:58:171 EDT [DEBUG] AuthChallengeProcessor - Authorization challenge processed 2008/08/07 09:52:58:171 EDT [DEBUG] HttpMethodDirector - Proxy authentication scope: NTLM <any realm>@ proxyHost: proxyPort 2008/08/07 09:52:58:171 EDT [DEBUG] HttpMethodDirector - Proxy credentials required 2008/08/07 09:52:58:171 EDT [DEBUG] HttpMethodDirector - Proxy credentials provider not available 2008/08/07 09:52:58:171 EDT [INFO] HttpMethodDirector - Failure authenticating with NTLM <any realm>@ proxyHost: proxyPort INFO: 2008-08-07 09:52:58,171 : The proxyclient.connect() response is org.apache.commons.httpclient.ProxyClient$ConnectResponse@1f03691 2008/08/07 09:52:58:171 EDT [DEBUG] HttpMethodBase - Buffering response body ERROR: 2008-08-07 09:52:58,171 : ProxyClient Connect failed: Stream closed java.io.IOException: Stream closed at java.io.BufferedInputStream.getBufIfOpen(Unknown Source) at java.io.BufferedInputStream.read(Unknown Source) at org.apache.commons.httpclient.WireLogInputStream.read(WireLogInputStream .java:68) at org.apache.commons.httpclient.ContentLengthInputStream.read(ContentLengt hInputStream.java:169) at java.io.FilterInputStream.read(Unknown Source) at org.apache.commons.httpclient.AutoCloseInputStream.read(AutoCloseInputSt ream.java:107) at java.io.FilterInputStream.read(Unknown Source) at org.apache.commons.httpclient.AutoCloseInputStream.read(AutoCloseInputSt ream.java:126) at org.apache.commons.httpclient.HttpMethodBase.getResponseBody(HttpMethodB ase.java:684) at org.apache.commons.httpclient.HttpMethodBase.getResponseBodyAsString(Htt pMethodBase.java:735) I thank you in advance for the help. Jiggy.
Mime	Unnamed multipart/alternative (inline, None, 0 bytes) Unnamed text/plain (inline, Quoted Printable, 12295 bytes)
	View raw message