hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ken Krugler <kkrugler_li...@transpac.com>
Subject Re: Authentication fails in HttpClient but OK in browser
Date Wed, 06 Jan 2010 17:26:37 GMT
[trying again w/o code formatting, hopefully Apache mail server won't  
reject it as spam]

Here's the code I use to set up for sending generic https GET requests.

             // Create and initialize scheme registry
             SchemeRegistry schemeRegistry = new SchemeRegistry();
             schemeRegistry.register(new Scheme("http",  
PlainSocketFactory.getSocketFactory(), 80));
             SSLSocketFactory sf = null;

             for (String contextName : SSL_CONTEXT_NAMES) {
                 try {
                     SSLContext sslContext =  
SSLContext.getInstance(contextName);
                     sslContext.init(null, new TrustManager[] { new  
DummyX509TrustManager(null) }, null);
                     sf = new SSLSocketFactory(sslContext);
                     break;
                 } catch (NoSuchAlgorithmException e) {
                     LOGGER.debug("SSLContext algorithm not available:  
" + contextName);
                 } catch (Exception e) {
                     LOGGER.debug("SSLContext can't be initialized: "  
+ contextName, e);
                 }
             }

             if (sf != null) {
                  
sf 
.setHostnameVerifier 
(SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
                 schemeRegistry.register(new Scheme("https", sf, 443));
             } else {
                 LOGGER.warn("No valid SSLContext found for https");
             }

The DummyX509TrustManager class (from Nutch) looks like:

public class DummyX509TrustManager implements X509TrustManager {
     private X509TrustManager standardTrustManager = null;

     /**
      * Constructor for DummyX509TrustManager.
      */
     public DummyX509TrustManager(KeyStore keystore) throws  
NoSuchAlgorithmException, KeyStoreException {
         super();
         String algo = TrustManagerFactory.getDefaultAlgorithm();
         TrustManagerFactory factory =  
TrustManagerFactory.getInstance(algo);
         factory.init(keystore);
         TrustManager[] trustmanagers = factory.getTrustManagers();
         if (trustmanagers.length == 0) {
             throw new NoSuchAlgorithmException(algo + " trust manager  
not supported");
         }
         this.standardTrustManager = (X509TrustManager)trustmanagers[0];
     }

     /**
      * @see  
javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],  
String)
      */
     public boolean isClientTrusted(X509Certificate[] certificates) {
         return true;
     }

     /**
      * @see  
javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],  
String)
      */
     public boolean isServerTrusted(X509Certificate[] certificates) {
         return true;
     }

     /**
      * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
      */
     public X509Certificate[] getAcceptedIssuers() {
         return this.standardTrustManager.getAcceptedIssuers();
     }

     public void checkClientTrusted(X509Certificate[] arg0, String  
arg1) throws CertificateException {
         // do nothing

     }

     public void checkServerTrusted(X509Certificate[] arg0, String  
arg1) throws CertificateException {
         // do nothing

     }
}

I'm sure Oleg would have a more elegant way to handle all this :)

-- Ken


On Jan 5, 2010, at 10:39pm, droidin.net wrote:

>
> I'm using HttpClient 4.0 to get some XML from the remote host. When  
> I use URL
> such as https://user:pwd@www.somesite.com it works fine in the  
> browser but
> fails in the HttpClient with this stacktrace (follows). Any  
> suggestions? I'm
> using SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER while setting
> ThreadSafeClientConnManager
>
> The code (partial):
> final HttpGet get= new HttpGet(url);
> final HttpResponse response = this.client.execute(get);
> return new BasicResponseHandler().handleResponse(response);
>
> Stacktrace
> 01-05 22:34:03.783: ERROR/SearchResults(11565): Failed to process  
> request to
> URL:
> https://user:pwd@www.somesite.com/products/foo/meta/xml_proper_encoding.jsp?version=1
> 01-05 22:34:03.783: ERROR/SearchResults(11565):
> org.apache.http.client.HttpResponseException: Unauthorized
>
> -- 
> View this message in context: http://old.nabble.com/Authentication-fails-in-HttpClient-but-OK-in-browser-tp27026795p27026795.html
> Sent from the HttpClient-User mailing list archive at Nabble.com.
>

--------------------------------------------
Ken Krugler
+1 530-210-6378
http://bixolabs.com
e l a s t i c   w e b   m i n i n g





---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message