Jignesh Malkan wrote:
Hi Oleg,
Thanks for the info.
I don't think #1 is possible unless I types uid/pwd wrong for 100s of
time I tested and typed them correctly when browser prompted me when it
downloaded applet.
I am not even able to do "Basic" authentication.
I turned the TRACE on and found that
HttpMethodDirectorauthenticateProxy(final HttpMethod method)
Writes 2 of the following logs.
LOG.debug("Authenticating with " + authscope);
LOG.warn("Required proxy credentials not available for " + authscope);
Here is the code snippet between 2 of the logs.
if (authstate.isAuthRequested() || !authscheme.isConnectionBased()) {
AuthScope authscope = new AuthScope(
conn.getProxyHost(), conn.getProxyPort(),
authscheme.getRealm(),
authscheme.getSchemeName());
if (LOG.isDebugEnabled()) {
LOG.debug("Authenticating with " + authscope);
}
Credentials credentials =
this.state.getProxyCredentials(authscope);
if (credentials != null) {
String authstring = authscheme.authenticate(credentials,
method);
if (authstring != null) {
method.addRequestHeader(new Header(PROXY_AUTH_RESP,
authstring, true));
}
} else {
if (LOG.isWarnEnabled()) {
LOG.warn("Required proxy credentials not available
for " + authscope);
if (method.getProxyAuthState().isPreemptive()) {
LOG.warn("Preemptive authentication requested
but no default " +
"proxy credentials available");
}
}
}
}
It looks like Credentials credentials =
this.state.getProxyCredentials(authscope); is returning null and that is
why authentication is skipped.
This is how I am passing Credentials.
AuthScope authScope = new AuthScope(tunnelBean.getHost(),
tunnelBean.getPort());
Credentials credentials = new NTCredentials(tunnelBean.getUserName(),
tunnelBean.getPassword(),
tunnelBean.getUserIp(), tunnelBean.getDomain());
proxyClient.getState().setProxyCredentials(authScope, credentials);
Am I doing anything wrong here?
Possibly the proxy host does not match any of the authentication scopes
set in the HTTP state. I could not verify this assumption as the host
names in the log had been obfuscated. You may want to set the
authentication scope to ANY_HOST (null) and see if that makes any
difference.
I upgraded from 3.0.1 to 3.1 and now I am getting following error
"ProxyClient Connect failed: secure protocol socket factory may not be
used"
Please post a complete wire / context log of the HTTP session and the
exception stack trace.
Oleg
Here is how I set host.
proxyClient.getHostConfiguration().setHost(host, port, "https");
Jiggy.
-----Original Message-----
From: Oleg Kalnichevski [mailto:[EMAIL PROTECTED]
Sent: Monday, August 11, 2008 1:48 PM
To: HttpClient User Discussion
Subject: Re: Need help with ProxyClient tunneling through
authenticatingproxy
On Fri, 2008-08-08 at 11:33 -0400, Jignesh Malkan wrote:
Hi,
I am new to HttpClient and I am trying to open a Socket connection
from
Applet to the Server tunneling through the ISA proxy.
Proxy client works fine with Non-Authenticating Proxy but it fails
when
I turn on "basic" or "Integrated" (NTLM) authentication. I have spent
a
good amount of time and have not made much progress. So I decided to
call help from experts :-)
I am using httpclient-3.0.1 and client machine will have a JRE version
=1.5
Here is my code flow:
1. I detect proxy using ProxySelector.getDefault().select(new
URI(uri));
2. I set the System properties for https.proxySet=true,
https.proxyHost=proxyHost, https.proxyPort=proxyPort
3. Next set these properties into TunnelBean and pass this to the
following method:
The most likely reasons are:
(1) credentials are wrong
(2) the proxy server has been configured to disallow NTLMv1. HttpClient
3.1 supports NTLMv1 only. It does not support NTLMv2.
Oleg
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
