Return-Path: Delivered-To: apmail-hc-httpclient-users-archive@www.apache.org Received: (qmail 62670 invoked from network); 11 Aug 2008 19:32:43 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 11 Aug 2008 19:32:43 -0000 Received: (qmail 56017 invoked by uid 500); 11 Aug 2008 19:32:41 -0000 Delivered-To: apmail-hc-httpclient-users-archive@hc.apache.org Received: (qmail 55998 invoked by uid 500); 11 Aug 2008 19:32:41 -0000 Mailing-List: contact httpclient-users-help@hc.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "HttpClient User Discussion" Delivered-To: mailing list httpclient-users@hc.apache.org Received: (qmail 55987 invoked by uid 99); 11 Aug 2008 19:32:41 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 11 Aug 2008 12:32:41 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: local policy) Received: from [65.202.157.181] (HELO neptune.axeda.com) (65.202.157.181) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 11 Aug 2008 19:31:46 +0000 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: Need help with ProxyClient tunneling through authenticatingproxy Date: Mon, 11 Aug 2008 15:34:10 -0400 Message-ID: In-Reply-To: <1218476889.7178.12.camel@ubuntu> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Need help with ProxyClient tunneling through authenticatingproxy Thread-Index: Acj72tYHuIUWBq1jSmaKXv065M+v1AABdptg X-Priority: 1 Priority: Urgent Importance: high References: <1218476889.7178.12.camel@ubuntu> From: "Jignesh Malkan" To: "HttpClient User Discussion" X-Virus-Checked: Checked by ClamAV on apache.org Hi Oleg, Thanks for the info. I don't think #1 is possible unless I types uid/pwd wrong for 100s of time I tested and typed them correctly when browser prompted me when it downloaded applet. I am not even able to do "Basic" authentication. I turned the TRACE on and found that=20 HttpMethodDirectorauthenticateProxy(final HttpMethod method) Writes 2 of the following logs. LOG.debug("Authenticating with " + authscope);=20 LOG.warn("Required proxy credentials not available for " + authscope); Here is the code snippet between 2 of the logs. if (authstate.isAuthRequested() || !authscheme.isConnectionBased()) { AuthScope authscope =3D new AuthScope( conn.getProxyHost(), conn.getProxyPort(),=20 authscheme.getRealm(),=20 authscheme.getSchemeName()); =20 if (LOG.isDebugEnabled()) { LOG.debug("Authenticating with " + authscope); } Credentials credentials =3D this.state.getProxyCredentials(authscope); if (credentials !=3D null) { String authstring =3D = authscheme.authenticate(credentials, method); if (authstring !=3D null) { method.addRequestHeader(new Header(PROXY_AUTH_RESP, authstring, true)); } } else { if (LOG.isWarnEnabled()) { LOG.warn("Required proxy credentials not available for " + authscope); if (method.getProxyAuthState().isPreemptive()) { LOG.warn("Preemptive authentication requested but no default " + "proxy credentials available");=20 } } } } It looks like Credentials credentials =3D this.state.getProxyCredentials(authscope); is returning null and that is why authentication is skipped. This is how I am passing Credentials. AuthScope authScope =3D new AuthScope(tunnelBean.getHost(), tunnelBean.getPort()); Credentials credentials =3D new NTCredentials(tunnelBean.getUserName(), tunnelBean.getPassword(), tunnelBean.getUserIp(), tunnelBean.getDomain()); proxyClient.getState().setProxyCredentials(authScope, credentials); Am I doing anything wrong here? I upgraded from 3.0.1 to 3.1 and now I am getting following error "ProxyClient Connect failed: secure protocol socket factory may not be used" Here is how I set host. proxyClient.getHostConfiguration().setHost(host, port, "https"); Jiggy. -----Original Message----- From: Oleg Kalnichevski [mailto:olegk@apache.org]=20 Sent: Monday, August 11, 2008 1:48 PM To: HttpClient User Discussion Subject: Re: Need help with ProxyClient tunneling through authenticatingproxy On Fri, 2008-08-08 at 11:33 -0400, Jignesh Malkan wrote: > Hi, >=20 > =20 >=20 > I am new to HttpClient and I am trying to open a Socket connection from > Applet to the Server tunneling through the ISA proxy. >=20 > =20 >=20 > Proxy client works fine with Non-Authenticating Proxy but it fails when > I turn on "basic" or "Integrated" (NTLM) authentication. I have spent a > good amount of time and have not made much progress. So I decided to > call help from experts :-) >=20 > =20 >=20 > I am using httpclient-3.0.1 and client machine will have a JRE version > >=3D1.5 >=20 > =20 >=20 > Here is my code flow: >=20 > 1. I detect proxy using ProxySelector.getDefault().select(new > URI(uri)); > 2. I set the System properties for https.proxySet=3Dtrue, > https.proxyHost=3DproxyHost, https.proxyPort=3DproxyPort > 3. Next set these properties into TunnelBean and pass this to the > following method: >=20 The most likely reasons are: (1) credentials are wrong (2) the proxy server has been configured to disallow NTLMv1. HttpClient 3.1 supports NTLMv1 only. It does not support NTLMv2. Oleg --------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org For additional commands, e-mail: httpclient-users-help@hc.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org For additional commands, e-mail: httpclient-users-help@hc.apache.org