hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Baierl <m...@mbaierl.com>
Subject Re: Simple code through proxy not working
Date Wed, 11 Feb 2009 19:01:54 GMT
Hi Oleg!

Oleg Kalnichevski wrote:
> Michael Baierl wrote:
>> Hi there,
>>
>> I have some pretty simple code that is not working through a proxy.
>>
>> What I have:
>> -) an open proxy which does not require authentication
>> -) the proxy listens on port 80
>> -) I verified using curl that everything works as expected
>>
>> What I want to do:
>> -) request http://somewhere/ through the proxy
>> -) request https://somewhere/ through the proxy
>>
>> I did some packet sniffing and to me it seems that HttpClient 3 is not 
>> going to do a CONNECT first.
>>
>> What I would expect:
>> -) On the request to http://somewhere/
>>    1) connect to the proxy on the given port (80)
>>    2) use CONNECT somewhere:80
>>    3) do a GET request
>>    4) done
> 
> Your expectation is wrong. HttpClient does not have to do that. Plain 
> HTTP requests send via standard (caching) proxies are only required to 
> contain an absolute request URI.
> 
> http://www.faqs.org/rfcs/rfc2616.html
> 
> ---
> 5.1.2 Request-URI
> 
> ...
> 
>    The absoluteURI form is REQUIRED when the request is being made to a
>    proxy. The proxy is requested to forward the request or service it
>    from a valid cache, and return the response. Note that the proxy MAY
>    forward the request on to another proxy or directly to the server
> 
> ---
Fair enough and works fine that way as well. What does not work is the 
second case:

> 
> 
>> -) On the request to https://somewhere/ (SSL!)
>>    1) connect to the proxy on the given port (80)
>>    2) use CONNECT somewhere:443
>>    3) build up the SSL connection
>>    4) do a GET request
>>    5) done
>>
> 
> Are you using a custom SSL socket factory by any chance? Are you sure it 
> is implemented correctly?
As you can see below I use the standard supplied 
EasySSLProtocolSocketFactory.

Where I see the issue is the fact that the connection between HttpClient 
and the proxy is unencrypted (the "CONNECT www.somewhere.com:443" is in 
plain text) and then an SSL encrypted connection to the target server 
has to be made.

>> Packet sniffing has shown me that this is not the case, HttpClient 
>> just fails and does not connect using the CONNECT function...

Further tests have shown me that just adding a proxy like below
httpclient.getHostConfiguration().setProxy("10.10.1.10", 80);
does not use SSL between HttpClient and the target server.

>>
>> Any ideas?
>>
>> <code>
>> ****************************************************
>> HttpClient httpclient = null;
>> MultiThreadedHttpConnectionManager connectionManager = null;
>>
>> if(connectionManager == null)
>>     connectionManager = new MultiThreadedHttpConnectionManager();
>>
>> connectionManager.getParams().setDefaultMaxConnectionsPerHost(4);
>> connectionManager.getParams().setMaxTotalConnections(20);
>> connectionManager.getParams().setConnectionTimeout(5000);
>>
>> if(httpclient == null)
>> {
>>     httpclient = new HttpClient(connectionManager);
>>     httpclient.getParams()
>>         .setParameter(HttpClientParams.USER_AGENT,
>>         "MyUserAgent/0.0.0");
>>     httpclient.getParams()
>>         .setParameter(HttpClientParams.HTTP_CONTENT_CHARSET,
>>         "UTF-8");  
>>     // register an SSL protocol factory
>>     Protocol.registerProtocol("https",
>>         new Protocol("https",
>>             new EasySSLProtocolSocketFactory(), 443));           }
>>
>> // set my proxy
>> httpclient.getHostConfiguration().setProxy("10.10.1.10", 80);
>>
>> HttpMethod method = null;
>> method = new GetMethod(url);
>> method.setFollowRedirects(false);
>> method.setDoAuthentication(false);
>> method.getParams().setParameter(HttpMethodParams.RETRY_HANDLER, new 
>> DefaultHttpMethodRetryHandler(1, true));
>> try
>> {
>>     int status = httpclient.executeMethod(method);
>>         String content = method.getResponseBodyAsString();
>>     // do something
>> }
>> catch(Exception ex)
>> {
>>     method.abort();
>> }
>> finally
>> {
>>     method.releaseConnection();
>> }
>>
>>
>> ****************************************************
>> </code>
>>



---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message