RE: HTTPS WebService through HTTP Proxy

Thu, 15 Oct 2009 01:06:36 -0700 

I don't agreed with you.
The Client must know that on the other side (WebService) talks in HTTPS.

For example, I use SOAPUI to test this connections and again I put the TCPMon 
between the SOAPUI and the proxy.
I saw in plaintext the communication with the proxy:

CONNECT portal.pt:443 HTTP/1.1
Proxy-Authorization: Basic dGVzdGU6dGVzdGU=
User-Agent: Jakarta Commons-HttpClient/3.1
Host: portal.pt
Proxy-Connection: Keep-Alive

And Received from proxy this:

                HTTP/1.0 200 Connection established

At this time, I'm connect to the portal.pt:443 server.
>From here the difference starts, on my client all the communication continues 
>in plaintext, on SOAPUI all the communication is encrypted.

Is I use my client without the proxy setting all works fine (the communication 
is encrypted).

Any ideas?


Thanks,
Kintas


De: Christian Gosch [mailto:[email protected]]
Enviada: quinta-feira, 15 de Outubro de 2009 08:18
Para: axis-user
Assunto: RE: HTTPS WebService through HTTP Proxy

I'm not quite sure, but shouldn't it be sufficient to talk to the proxy as 
required, and let the proxy do whatever it is supposed to?

In other words: I think from an Axis client's view only the instance this 
client directly talks to should matter. What happens there (immediate 
processing or forwarding forth and back of the SOAP messages by means of a 
proxy or gateway) should not matter at all for the Axis client.

This applies to all aspects of the communication, i. e. ports, resource URLs, 
encryption, authentication, authorization...

Christian

________________________________

From: Pedro Quintas [mailto:[email protected]]
Sent: Thursday, October 15, 2009 2:00 AM
To: [email protected]
Subject: HTTPS WebService through HTTP Proxy
Importance: High

Hello.

I need to call a HTTPS WebService  through a HTTP proxy.
I set on Options object the following:

                options.setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER, new 
Protocol("https", (ProtocolSocketFactory)new 
AuthSSLProtocolSocketFactory(endpoint), 443));
                options.setTransportInProtocol(Constants.TRANSPORT_HTTPS);

                options.setProperty(HTTPConstants.AUTHENTICATE, authenticator);

                options.setProperty(HTTPConstants.PROXY, proxyProperty); // 
proxyProperty have set ProxyName, ProxyPort, UserName, PassWord

And another options.
I put the TCPMon, between my program and the proxy to see what is send.

On TCPMon I see the connection made to the proxy and then to the HTTPS 
WebService, all in plaintext and this is wrong because after the connection to 
the proxy, all data transmited should been encrypted.

Any one already have this problem? How can I solve this?

Sorry for my bad English.


Thanks,
Kintas
!DSPAM:4ad66624326667108612316!

Reply via email to