Mailing-List: contact httpclient-users-help@hc.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "HttpClient User Discussion" <httpclient-users@hc.apache.org>
Received-SPF: pass (nike.apache.org: domain of fmudnal@visa.com designates
 198.241.159.4 as permitted sender)
From: "Mudnal, Fayaz K" <fmudnal@visa.com>
To: HttpClient User Discussion <httpclient-users@hc.apache.org>
Date: Wed, 13 Oct 2010 10:30:55 -0700
Subject: RE: HTTPS redirects and then basic auth fails
Thread-Topic: HTTPS redirects and then basic auth fails
Thread-Index: ActqYpjHNtQ7uDs9QduY/n+hgz4xzQAASQmgACYaBQA=
Message-ID: <25DD91C14FC3714F92C7BE85B81B8931030153C196@SW720MBPX016.visa.com>
References: <25DD91C14FC3714F92C7BE85B81B8931030153BE09@SW720MBPX016.visa.com>
In-Reply-To: 
 <25DD91C14FC3714F92C7BE85B81B8931030153BE09@SW720MBPX016.visa.com>
Accept-Language: en-US
Content-Language: en-US
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0

I set the auth realm to AuthScope.ANY, but this did not work either:
httpstate.setCredentials(AuthScope.ANY, credentials);

Fayaz

-----Original Message-----
From: Mudnal, Fayaz K [mailto:fmudnal@visa.com]=20
Sent: Tuesday, October 12, 2010 4:19 PM
To: httpclient-users@hc.apache.org
Subject: HTTPS redirects and then basic auth fails

Hi
I am trying to upload a file to a https site. The site redirects 3 times an=
d then login fails with a 401 error. I am using HttpClient 3.0. The server =
folks said they could not see the credentials on their side. I would greatl=
y appreciate any help. Here is the code:

       String header =3D "multipart/form-data";
        PostMethod method =3D null;

        try {
            HttpClient client =3D new HttpClient();
            HostConfiguration hostConfig =3D client.getHostConfiguration();
            hostConfig.setHost(new URI(URL, true));
            LOGGER.debug("Open connection to: " + URL);
            if (username !=3D null && password !=3D null && username.trim()=
.length() > 0 && password.trim().length() > 0) {
                LOGGER.debug("Setting credentials.");
                Credentials credentials =3D new UsernamePasswordCredentials=
(username, password);
                AuthScope authScope =3D new AuthScope(hostConfig.getHost(),=
 hostConfig.getPort());
                HttpState state =3D client.getState();
                state.setCredentials(authScope, credentials);
                LOGGER.debug("Credentials set");
                List authPrefs =3D new ArrayList(3);
                authPrefs.add(AuthPolicy.BASIC);
                authPrefs.add(AuthPolicy.DIGEST);
                authPrefs.add(AuthPolicy.NTLM);

                client.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIO=
RITY, authPrefs);
                client.getParams().setAuthenticationPreemptive(true);
                LOGGER.debug("Preemptive Authentication set");
            }
            RequestEntity entity =3D new InputStreamRequestEntity(inputStre=
am, "application/upload");
            method =3D new PostMethod(URL);
            method.setRequestEntity(entity);
            LOGGER.debug("FileInputStream set");
            method.setRequestHeader("filename", fileName);
            method.setRequestHeader("Content-Type", header);
            method.setRequestHeader("Content-Disposition", "form-data");
            method.setDoAuthentication(true);
            method.setFollowRedirects( false );
            LOGGER.debug("Uploading file...");
            int responseStatusCode =3D client.executeMethod(hostConfig, met=
hod);
            LOGGER.debug("HTTPS ResponseStatusCode=3D" + responseStatusCode=
);
            LOGGER.debug(method.getStatusLine());
            LOGGER.debug(method.getResponseBodyAsString());

            // Handle redirects
            int redirResponseStatusCode =3D 0;
            if (responseStatusCode =3D=3D HttpStatus.SC_MOVED_TEMPORARILY |=
|
                    responseStatusCode =3D=3D HttpStatus.SC_MOVED_PERMANENT=
LY ||
                    responseStatusCode =3D=3D HttpStatus.SC_SEE_OTHER ||
                    responseStatusCode =3D=3D HttpStatus.SC_TEMPORARY_REDIR=
ECT) {

                LOGGER.debug("Redirection encountered:" + responseStatusCod=
e);
           // handle a max of 10 redirects
                for (int i =3D 1; i < 11; i++) {
                    LOGGER.debug("Redirect attempt: " + i);
                    redirResponseStatusCode =3D 0;

                    Header locationHeader =3D method.getResponseHeader("loc=
ation");
                    if (locationHeader =3D=3D null) {
                      throw new DeliveryException("Redirected without a loc=
ation");
                    }
                    String location =3D locationHeader.getValue();
                    hostConfig.setHost(new URI(location, true));
                    method.setURI(new URI(location, true));

                    if (username !=3D null && password !=3D null && usernam=
e.trim().length() > 0 && password.trim().length() > 0) {
                        LOGGER.debug("Setting credentials for redirect.");
                        Credentials credentials =3D new UsernamePasswordCre=
dentials(username, password);
                        AuthScope authScope =3D new AuthScope(hostConfig.ge=
tHost(), hostConfig.getPort());
                        HttpState state =3D client.getState();
                        state.setCredentials(authScope, credentials);
                        LOGGER.debug("Credentials set");
                        List authPrefs =3D new ArrayList(3);
                        authPrefs.add(AuthPolicy.BASIC);
                        authPrefs.add(AuthPolicy.DIGEST);
                        authPrefs.add(AuthPolicy.NTLM);

                        client.getParams().setParameter(AuthPolicy.AUTH_SCH=
EME_PRIORITY, authPrefs);
                        //client.getState().setAuthenticationPreemptive(tru=
e);
                        client.getParams().setAuthenticationPreemptive(true=
);
                        LOGGER.debug("Preemptive Authentication set");
                    }


                    LOGGER.debug("Redirecting to location:" + location);
                    redirResponseStatusCode =3D client.executeMethod(hostCo=
nfig, method);


                    LOGGER.debug("HTTPS RedirectResponseStatusCode=3D" + re=
dirResponseStatusCode);
                    LOGGER.debug(method.getStatusLine());
                    LOGGER.debug(method.getResponseBodyAsString());
                    if (redirResponseStatusCode !=3D HttpStatus.SC_MOVED_TE=
MPORARILY &&
                            redirResponseStatusCode !=3D HttpStatus.SC_MOVE=
D_PERMANENTLY &&
                            redirResponseStatusCode !=3D HttpStatus.SC_SEE_=
OTHER &&
                            redirResponseStatusCode !=3D HttpStatus.SC_TEMP=
ORARY_REDIRECT)
                        break;

                    if (i =3D=3D 10) {LOGGER.debug("MAX Redirects exceeded.=
");}
                }
            }
            // Handle redirects

            if ((responseStatusCode >=3D 400)||(redirResponseStatusCode >=
=3D 400)) {
                LOGGER.debug("File upload via HTTPS failed.");
                throw new DeliveryException("File upload via HTTPS failed."=
);
            } else
                LOGGER.debug("File upload via HTTPS Successful.");

        } catch (Exception e) {
            LOGGER.debug("File upload via HTTPS failed.");
            e.printStackTrace();
            throw new DeliveryException(e);
        } finally {
            method.releaseConnection();
        }

Here are the logs:
[10/12/10 0:52:56:136 GMT] 00000164 SystemOut     O - username:xxxxx passwo=
rd:xxxxx
[10/12/10 0:52:56:137 GMT] 00000164 SystemOut     O - Open connection to: h=
ttps://159.37.35.247/
[10/12/10 0:52:56:137 GMT] 00000164 SystemOut     O - Setting credentials.
[10/12/10 0:52:56:138 GMT] 00000164 SystemOut     O - Credentials set
[10/12/10 0:52:56:139 GMT] 00000164 SystemOut     O - Preemptive Authentica=
tion set
[10/12/10 0:52:56:140 GMT] 00000164 SystemOut     O - FileInputStream set
[10/12/10 0:52:56:141 GMT] 00000164 SystemOut     O - Uploading file...
[10/12/10 0:52:56:452 GMT] 00000164 HttpMethodDir I org.apache.commons.http=
client.HttpMethodDirector isRedirectNeeded Redirect requested but followRed=
irects is disabled
[10/12/10 0:52:56:459 GMT] 00000164 SystemOut     O - HTTPS ResponseStatusC=
ode=3D302
[10/12/10 0:52:56:459 GMT] 00000164 SystemOut     O - HTTP/1.1 302 Found
[10/12/10 0:52:56:459 GMT] 00000164 HttpMethodBas W org.apache.commons.http=
client.HttpMethodBase getResponseBody Going to buffer response body of larg=
e or unknown size. Using getResponseBodyAsStream instead is recommended.
[10/12/10 0:52:56:475 GMT] 00000164 SystemOut     O - <!DOCTYPE HTML PUBLIC=
 "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>302 Found</TITLE>
</HEAD><BODY>
<H1>Found</H1>
The document has moved <A HREF=3D"https://159.37.35.247:443/?&amp;STCO=3D1T=
LOxTpeXQHAAAEqsStY&amp;STCOEND">here</A>.<P>
<P>Additionally, a 302 Found
error was encountered while trying to use an ErrorDocument to handle the re=
quest.
</BODY></HTML>

[10/12/10 0:52:56:475 GMT] 00000164 SystemOut     O - Redirection encounter=
ed:302
[10/12/10 0:52:56:476 GMT] 00000164 SystemOut     O - Redirect attempt: 1
[10/12/10 0:52:56:476 GMT] 00000164 SystemOut     O - Setting credentials f=
or redirect.
[10/12/10 0:52:56:477 GMT] 00000164 SystemOut     O - Credentials set
[10/12/10 0:52:56:478 GMT] 00000164 SystemOut     O - Preemptive Authentica=
tion set
[10/12/10 0:52:56:478 GMT] 00000164 SystemOut     O - Redirecting to locati=
on:https://159.37.35.247:443/?&STCO=3D1TLOxTpeXQHAAAEqsStY&STCOEND
[10/12/10 0:52:56:561 GMT] 00000164 HttpMethodDir I org.apache.commons.http=
client.HttpMethodDirector isRedirectNeeded Redirect requested but followRed=
irects is disabled
[10/12/10 0:52:56:568 GMT] 00000164 SystemOut     O - HTTPS RedirectRespons=
eStatusCode=3D302
[10/12/10 0:52:56:568 GMT] 00000164 SystemOut     O - HTTP/1.1 302 Found
[10/12/10 0:52:56:569 GMT] 00000164 HttpMethodBas W org.apache.commons.http=
client.HttpMethodBase getResponseBody Going to buffer response body of larg=
e or unknown size. Using getResponseBodyAsStream instead is recommended.
[10/12/10 0:52:56:584 GMT] 00000164 SystemOut     O - <!DOCTYPE HTML PUBLIC=
 "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>302 Found</TITLE>
</HEAD><BODY>
<H1>Found</H1>
The document has moved <A HREF=3D"https://159.37.35.247/?&amp;STCO=3D2TLOxT=
peXQHAAAEqsStY&amp;STCOEND">here</A>.<P>
<P>Additionally, a 302 Found
error was encountered while trying to use an ErrorDocument to handle the re=
quest.
</BODY></HTML>

[10/12/10 0:52:56:585 GMT] 00000164 SystemOut     O - Redirect attempt: 2
[10/12/10 0:52:56:585 GMT] 00000164 SystemOut     O - Setting credentials f=
or redirect.
[10/12/10 0:52:56:586 GMT] 00000164 SystemOut     O - Credentials set
[10/12/10 0:52:56:586 GMT] 00000164 SystemOut     O - Preemptive Authentica=
tion set
[10/12/10 0:52:56:587 GMT] 00000164 SystemOut     O - Redirecting to locati=
on:https://159.37.35.247/?&STCO=3D2TLOxTpeXQHAAAEqsStY&STCOEND
[10/12/10 0:52:56:672 GMT] 00000164 HttpMethodDir I org.apache.commons.http=
client.HttpMethodDirector isRedirectNeeded Redirect requested but followRed=
irects is disabled
[10/12/10 0:52:56:680 GMT] 00000164 SystemOut     O - HTTPS RedirectRespons=
eStatusCode=3D302
[10/12/10 0:52:56:681 GMT] 00000164 SystemOut     O - HTTP/1.1 302 Found
[10/12/10 0:52:56:681 GMT] 00000164 HttpMethodBas W org.apache.commons.http=
client.HttpMethodBase getResponseBody Going to buffer response body of larg=
e or unknown size. Using getResponseBodyAsStream instead is recommended.
[10/12/10 0:52:56:696 GMT] 00000164 SystemOut     O - <!DOCTYPE HTML PUBLIC=
 "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>302 Found</TITLE>
</HEAD><BODY>
<H1>Found</H1>
The document has moved <A HREF=3D"https://159.37.35.247/">here</A>.<P>
<P>Additionally, a 302 Found
error was encountered while trying to use an ErrorDocument to handle the re=
quest.
</BODY></HTML>

[10/12/10 0:52:56:696 GMT] 00000164 SystemOut     O - Redirect attempt: 3
[10/12/10 0:52:56:697 GMT] 00000164 SystemOut     O - Setting credentials f=
or redirect.
[10/12/10 0:52:56:698 GMT] 00000164 SystemOut     O - Credentials set
[10/12/10 0:52:56:698 GMT] 00000164 SystemOut     O - Preemptive Authentica=
tion set
[10/12/10 0:52:56:698 GMT] 00000164 SystemOut     O - Redirecting to locati=
on:https://159.37.35.247/
[10/12/10 0:52:56:778 GMT] 00000164 AuthChallenge I org.apache.commons.http=
client.auth.AuthChallengeProcessor selectAuthScheme Basic authentication sc=
heme selected [10/12/10 0:52:56:786 GMT] 00000164 HttpMethodDir I org.apach=
e.commons.httpclient.HttpMethodDirector processWWWAuthChallenge Failure aut=
henticating with BASIC 'FileDriveWWW'@159.37.35.247:443
[10/12/10 0:52:56:792 GMT] 00000164 SystemOut     O - HTTPS RedirectRespons=
eStatusCode=3D401
[10/12/10 0:52:56:792 GMT] 00000164 SystemOut     O - HTTP/1.1 401 Authoriz=
ation Required
[10/12/10 0:52:56:793 GMT] 00000164 HttpMethodBas W org.apache.commons.http=
client.HttpMethodBase getResponseBody Going to buffer response body of larg=
e or unknown size. Using getResponseBodyAsStream instead is recommended.
[10/12/10 0:52:56:809 GMT] 00000164 SystemOut     O - <!DOCTYPE HTML PUBLIC=
 "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>401 Authorization Required</TITLE> </HEAD><BODY> <H1>Authorization R=
equired</H1> This server could not verify that you are authorized to access=
 the document requested.  Either you supplied the wrong credentials (e.g., =
bad password), or your browser doesn't understand how to supply the credent=
ials required.<P> </BODY></HTML>

[10/12/10 0:52:56:809 GMT] 00000164 SystemOut     O - File upload via HTTPS=
 failed.


Thanks
Fayaz


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org