On Mon, Jan 12, 2009 at 9:05 AM, Tim Williams <[email protected]> wrote: > On Mon, Jan 12, 2009 at 8:52 AM, Oleg Kalnichevski <[email protected]> wrote: >> On Mon, 2009-01-12 at 08:28 -0500, Tim Williams wrote: >>> On Thu, Jan 8, 2009 at 3:03 PM, Tim Williams <[email protected]> wrote: >>> > On Thu, Jan 8, 2009 at 2:28 PM, Tim Williams <[email protected]> wrote: >>> >> On Thu, Jan 8, 2009 at 2:09 PM, Oleg Kalnichevski <[email protected]> >>> >> wrote: >>> >>> Tim Williams wrote: >>> >>>> >>> >>>> I'm using the MultiThreadedConnectionManager with HttpClient and 2-way >>> >>>> ssl similar to the example[1] and having problems. The very first >>> >>>> request goes through and returns HTTP 200 Ok. All subsequent requests >>> >>>> return HTTP 401. This happens when I run this inside a webapp >>> >>>> deployed in either glassfish or tomcat. However, if I take the same >>> >>>> code and run from within a simple driver "main" program, all calls to >>> >>>> that same server succeed with no problems. Oddly enough, this only >>> >>>> happens when communicating with one particular Weblogic service - >>> >>>> other servers allow multiple calls with the same fetcher code just >>> >>>> fine. Anyone have an idea what would make the first request go >>> >>>> through go through properly but not subsequent ones? >>> >>>> >>> >>> >>> >>> There is no way of telling without more details. Please post a wire log >>> >>> of >>> >>> the HTTP session to this list >>> >>> >>> >>> http://hc.apache.org/httpclient-3.x/logging.html >>> >>> >>> >>> Oleg >>> >> >>> >> Unfortunately, I'm unable to post logging data. I have narrowed it >>> >> down to a "cookie" problem of some sort. I've found that if I >>> >> manually take the "Set-Cookie" header from the initial request, store >>> >> it, then manually populate it on subsequent requests, all is well. I >>> >> had that idea from this site[1] but I'm not sure whether the >>> >> configuration on the server-side (Weblogic) is just wrong or my >>> >> HttpClient configuration is wrong by not sending back both cookies on >>> >> subsequent requests. >>> >> Thanks, >>> >> --tim >>> > >>> > I've run the wire logging and it does appear that two Set-Cookies are >>> > coming in, one with JSESSIONID= and the other with >>> > _WL_AUTH_JSESSIONID=. On subsequent requests, only the first, >>> > JSESSIONID, is on the outbound request. Any ideas? >>> >>> The _WL_AUTH_JSESSIONID is a 'secure' cookie and it is the one not >>> being sent. Weblogic uses both a regular cookie and secure cookie to >>> apparently allow you to seamlessly transition across http and https >>> sessions[1] which seems valid. I've tried sending as a >>> SINGLE_COOKIE_HEADER as well with no success. I'm using v3.0.1 and >>> RFC2109 btw. Any ideas for what to look at? >>> Thanks, >>> --tim >>> >> >> You are not using a custom SSL socket factory, are you? If so, make sure >> it implements SecureProtocolSocketFactory interface. >> >> Oleg > > No, I'm not. I also just tried explicitly registering the > SSLProtocolSocketFactory in my code - though I reckon its unnecessary > - but that doesn't help. I also found this thread[1] which looks > similar. I don't like the suggested hack though (manually removing > the secure flag from the cookie). Any other ideas?
Actually, explicitly registering the SSLProtocolSocketFactory for "https" *does* help. This is odd because it looks like exactly what the lazyRegisterProtocol method is already doing. --tim --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
