tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Anil Goyal -X (anigoyal - Aricent Technologies at Cisco)" <anigo...@cisco.com>
Subject RE: Customizing SSL in HttpClient
Date Tue, 11 Jun 2013 06:29:05 GMT


-----Original Message-----
From: Anil Goyal -X (anigoyal - Aricent Technologies at Cisco) 
Sent: Tuesday, June 11, 2013 11:23 AM
To: Tomcat Users List
Subject: RE: Customizing SSL in HttpClient



-----Original Message-----
From: Christopher Schultz [mailto:chris@christopherschultz.net]
Sent: Monday, June 10, 2013 7:51 PM
To: Tomcat Users List
Subject: Re: Customizing SSL in HttpClient

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Anil,

On 6/10/13 8:42 AM, Anil Goyal -X (anigoyal - Aricent Technologies at
Cisco) wrote:
> I am trying to create a http client and send a request to certain port 
> of a server using below code:
> 
> HttpClient client = new HttpClient(); 
> client.getHostConfiguration().setHost(address, portNumber, protocol);
> 
> Here portNumber that I am setting is 8444(https port of tomcat)
> 
> When I execute client.executemethod() and at the server side when I 
> tried to retrieve request.getRequestURL(), I am getting the url with 
> port 443 not 8444 which I set in client. Even request.getServerPort is 
> giving 443 not 8444.

Is there any kind of port-forwarding or anything else going on?

> The things are working fine for 8081(http port of tomcat) i..e 
> HttpClient client = new HttpClient(); 
> client.getHostConfiguration().setHost(address, portNumber, protocol);
> 
> Here portNumber that I am setting is 8081(https port of tomcat)
> 
> When I execute client.executemethod() and at the server side when I 
> tried to retrieve request.getRequestURL(), I am getting the url with 
> port 8081 which I set in client. Even request.getServerPort is giving 
> 8081.

Can you show us a bit more of the code? It's not clear from you client code that the port
number is set correctly, and you only mentioned the server. Can you give us some of that,
too? Also, what do your <Connector> elements look like in server.xml?

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJRteC5AAoJEBzwKT+lPKRY8TUP/3QuIqKPxB5HjVaUywkPmIQt
+LoZLdHhOLdrkwE2ojW1qk0YnX2wpgr6W3W6uBk5l5yrrdcHAFcOWcNIi9fjl8bo
xW8uZi+vGkyv1Pdii5JJrfDjbxdtbsTpHBn7yoKMUzJ9V9xmHwqNsi89xi/mZLty
hj6LNMvftgpQQdPmoPoLJr4ZfmQj2DAI+wX0u/fNgk8cf5wdHJZZu03COPIeRbam
Gn+fOjfK0YL93ntmLP2PbGtlCprBaqPcZRh+AiKFhg4W7+qGVDXGa2SIvrcWbgdU
qHRKxyJ+5j3o0Y74Q0wKRcSEUXbidEhDAtJCQgNOJJi+S4SYgl2OLOXhkxMABBkS
xYIXsAPu4SoVcuiCpGvb2LhD5uqMOyH0NxCpv/TVFsEzOy2EZHLrts1DYNAyIo7M
zqZv2efOTPwcaHRZxgzUB2s23uzs3aiXiKOzYHB7AALJnASCx4fNeOgZwMxdK6o0
qs09m0EKL29QurG3iKXHCA0dOeZzxV4ZUduFZtR2eLIsayqoKpL6fh+asLZFW40y
ZMOvPzlpXwdRX36IdzwTlwrvMOmynfgGfL/yAdCfqN0hlA0OVo7PYNryxSfZhX+2
O1//zDFNSxs2BS9ErQkNyKP8xfVk76XbYUybsbNtivnxjv1a8N72h3qeuixA/ZUJ
gJEvsTX0kD+rb8xYmIlJ
=Qqhu
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Please consider the code flow as below:

HttpClient client = new HttpClient();
portNumber = secure ? LocalNetworkConstants.DEFAULT_HTTPS_PORT : LocalNetworkConstants.DEFAULT_HTTP_PORT;
// DEFAULT_HTTPS_PORT=8444 and DEFAULT_HTTP_PORT=8081 define in  LocalNetworkConstants.java
 LOG.debug("the value of https port is"+String.valueOf(portNumber)); if (secure) {
        Protocol protocol = new Protocol(LocalNetworkConstants.URISCHEME_HTTPS, new ExtendedProtocolSocketFactory(address,
locationData.isAcceptSelfSignedCertificates(), locationData.isAcceptCertificateErrors()) ,
portNumber);
        client.getHostConfiguration().setHost(address, portNumber, protocol);
         LOG.debug("setting the host for https"+String.valueOf(portNumber));
    }
    else {
        client.getHostConfiguration().setHost(address, portNumber);
        LOG.debug("setting the host for http"+String.valueOf(portNumber));
    }


GetMethod method = new GetMethod(LocalNetworkConstants.INFO_FEEDER_PATH);
int returnCode = client.executeMethod(method);

This is the code at the client side.

At the server side, 

I have 8444 and 8081 port defined in server.xml

<Connector URIEncoding="UTF-8" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true"
enableLookups="false" maxHttpHeaderSize="8193" maxSpareThreads="25" maxThreads="25" minSpareThreads="10"
port="8081" protocol="HTTP/1.1" redirectPort="8444" server=" "/>
    <Connector SSLEnabled="true" URIEncoding="UTF-8" acceptCount="100" ciphers=" " clientAuth="false"
disableUploadTimeout="true" enableLookups="false" keystoreFile="" keystorePass="" keystoreType=""
maxHttpHeaderSize="8192" maxSpareThreads="25" maxThreads="25" minSpareThreads="10" port="8444"
protocol="HTTP/1.1" scheme="https" secure="true" server=" " sslProtocol="TLS"/>

Also I have these two ports entry in iptables.

Now in the tomcat redirection valve, I have below code written

int port = request.getServerPort();
StringBuffer url = request.getRequestURL();


So now the problem are is, when from client I disable ssl and send the request at port 8081
then in tomcat valve, port -8081 and url also contains port 8081.

But when from client , I enable ssl and send the request at port 8444, then here in valve
the request.getServerPort returns 443 and even in url also port is 443.

So I am not able to understand why the https port is converting into 443 from 8444 while http
port 8081 is working fine.

Even in tomcat access valve, the request is coming at port 8444 as shown below
[11/Jun/2013:11:16:58 +0530] 10.93.230.203 10.93.230.203 admin - 8444 GET /feeder/info HTTP/1.1
500 2581 123

For http port also the request is coming at port 8081 of tomcat
[11/Jun/2013:11:18:29 +0530] 10.93.230.203 10.93.230.203 admin - 8081 GET /feeder/info HTTP/1.1
200 4377 286

But I am totally confused why request.getServerPort is giving 443 for https ???

Thanks
Anil


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org



When I replace request.getServerPort() with request.getLocalPort(), it is giving me the port
8444.
So things are working fine when I use request.getLocalPort().

So do you have any ideas why request.getServerPort is giving 443 and request.getLocalPort
is giving 8444 when I hit the url https://ip-address:8444/context to tomcat.
And request.getServerPort() is giving 8081 and request.getLocalPort is also giving 8081 when
in hit the url http://ip-address:8081/context to tomcat.??

Please suggest

Thanks
Anil
Mime
View raw message