Hi Oleg!
Oleg Kalnichevski wrote:
Michael Baierl wrote:
Hi there,
I have some pretty simple code that is not working through a proxy.
What I have:
-) an open proxy which does not require authentication
-) the proxy listens on port 80
-) I verified using curl that everything works as expected
What I want to do:
-) request http://somewhere/ through the proxy
-) request https://somewhere/ through the proxy
I did some packet sniffing and to me it seems that HttpClient 3 is not
going to do a CONNECT first.
What I would expect:
-) On the request to http://somewhere/
1) connect to the proxy on the given port (80)
2) use CONNECT somewhere:80
3) do a GET request
4) done
Your expectation is wrong. HttpClient does not have to do that. Plain
HTTP requests send via standard (caching) proxies are only required to
contain an absolute request URI.
http://www.faqs.org/rfcs/rfc2616.html
---
5.1.2 Request-URI
...
The absoluteURI form is REQUIRED when the request is being made to a
proxy. The proxy is requested to forward the request or service it
from a valid cache, and return the response. Note that the proxy MAY
forward the request on to another proxy or directly to the server
---
Fair enough and works fine that way as well. What does not work is the
second case:
-) On the request to https://somewhere/ (SSL!)
1) connect to the proxy on the given port (80)
2) use CONNECT somewhere:443
3) build up the SSL connection
4) do a GET request
5) done
Are you using a custom SSL socket factory by any chance? Are you sure it
is implemented correctly?
As you can see below I use the standard supplied
EasySSLProtocolSocketFactory.
Where I see the issue is the fact that the connection between HttpClient
and the proxy is unencrypted (the "CONNECT www.somewhere.com:443" is in
plain text) and then an SSL encrypted connection to the target server
has to be made.
Packet sniffing has shown me that this is not the case, HttpClient
just fails and does not connect using the CONNECT function...
Further tests have shown me that just adding a proxy like below
httpclient.getHostConfiguration().setProxy("10.10.1.10", 80);
does not use SSL between HttpClient and the target server.
Any ideas?
<code>
****************************************************
HttpClient httpclient = null;
MultiThreadedHttpConnectionManager connectionManager = null;
if(connectionManager == null)
connectionManager = new MultiThreadedHttpConnectionManager();
connectionManager.getParams().setDefaultMaxConnectionsPerHost(4);
connectionManager.getParams().setMaxTotalConnections(20);
connectionManager.getParams().setConnectionTimeout(5000);
if(httpclient == null)
{
httpclient = new HttpClient(connectionManager);
httpclient.getParams()
.setParameter(HttpClientParams.USER_AGENT,
"MyUserAgent/0.0.0");
httpclient.getParams()
.setParameter(HttpClientParams.HTTP_CONTENT_CHARSET,
"UTF-8");
// register an SSL protocol factory
Protocol.registerProtocol("https",
new Protocol("https",
new EasySSLProtocolSocketFactory(), 443)); }
// set my proxy
httpclient.getHostConfiguration().setProxy("10.10.1.10", 80);
HttpMethod method = null;
method = new GetMethod(url);
method.setFollowRedirects(false);
method.setDoAuthentication(false);
method.getParams().setParameter(HttpMethodParams.RETRY_HANDLER, new
DefaultHttpMethodRetryHandler(1, true));
try
{
int status = httpclient.executeMethod(method);
String content = method.getResponseBodyAsString();
// do something
}
catch(Exception ex)
{
method.abort();
}
finally
{
method.releaseConnection();
}
****************************************************
</code>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
