Actually - the problem was in the way I was passing in the credentials.
Instead of including these as part of URL I did the following and it worked
(you can narrow the scope of course)
httpclient.getCredentialsProvider().setCredentials(new
AuthScope(AuthScope.ANY),
new UsernamePasswordCredentials("blah", "blah"));
Ken Krugler wrote:
>
> [trying again w/o code formatting, hopefully Apache mail server won't
> reject it as spam]
>
> Here's the code I use to set up for sending generic https GET requests.
>
> // Create and initialize scheme registry
> SchemeRegistry schemeRegistry = new SchemeRegistry();
> schemeRegistry.register(new Scheme("http",
> PlainSocketFactory.getSocketFactory(), 80));
> SSLSocketFactory sf = null;
>
> for (String contextName : SSL_CONTEXT_NAMES) {
> try {
> SSLContext sslContext =
> SSLContext.getInstance(contextName);
> sslContext.init(null, new TrustManager[] { new
> DummyX509TrustManager(null) }, null);
> sf = new SSLSocketFactory(sslContext);
> break;
> } catch (NoSuchAlgorithmException e) {
> LOGGER.debug("SSLContext algorithm not available:
> " + contextName);
> } catch (Exception e) {
> LOGGER.debug("SSLContext can't be initialized: "
> + contextName, e);
> }
> }
>
> if (sf != null) {
>
> sf
> .setHostnameVerifier
> (SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
> schemeRegistry.register(new Scheme("https", sf, 443));
> } else {
> LOGGER.warn("No valid SSLContext found for https");
> }
>
> The DummyX509TrustManager class (from Nutch) looks like:
>
> public class DummyX509TrustManager implements X509TrustManager {
> private X509TrustManager standardTrustManager = null;
>
> /**
> * Constructor for DummyX509TrustManager.
> */
> public DummyX509TrustManager(KeyStore keystore) throws
> NoSuchAlgorithmException, KeyStoreException {
> super();
> String algo = TrustManagerFactory.getDefaultAlgorithm();
> TrustManagerFactory factory =
> TrustManagerFactory.getInstance(algo);
> factory.init(keystore);
> TrustManager[] trustmanagers = factory.getTrustManagers();
> if (trustmanagers.length == 0) {
> throw new NoSuchAlgorithmException(algo + " trust manager
> not supported");
> }
> this.standardTrustManager = (X509TrustManager)trustmanagers[0];
> }
>
> /**
> * @see
> javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],
> String)
> */
> public boolean isClientTrusted(X509Certificate[] certificates) {
> return true;
> }
>
> /**
> * @see
> javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],
> String)
> */
> public boolean isServerTrusted(X509Certificate[] certificates) {
> return true;
> }
>
> /**
> * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
> */
> public X509Certificate[] getAcceptedIssuers() {
> return this.standardTrustManager.getAcceptedIssuers();
> }
>
> public void checkClientTrusted(X509Certificate[] arg0, String
> arg1) throws CertificateException {
> // do nothing
>
> }
>
> public void checkServerTrusted(X509Certificate[] arg0, String
> arg1) throws CertificateException {
> // do nothing
>
> }
> }
>
> I'm sure Oleg would have a more elegant way to handle all this :)
>
> -- Ken
>
>
> On Jan 5, 2010, at 10:39pm, droidin.net wrote:
>
>>
>> I'm using HttpClient 4.0 to get some XML from the remote host. When
>> I use URL
>> such as https://user:[email protected] it works fine in the
>> browser but
>> fails in the HttpClient with this stacktrace (follows). Any
>> suggestions? I'm
>> using SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER while setting
>> ThreadSafeClientConnManager
>>
>> The code (partial):
>> final HttpGet get= new HttpGet(url);
>> final HttpResponse response = this.client.execute(get);
>> return new BasicResponseHandler().handleResponse(response);
>>
>> Stacktrace
>> 01-05 22:34:03.783: ERROR/SearchResults(11565): Failed to process
>> request to
>> URL:
>> https://user:[email protected]/products/foo/meta/xml_proper_encoding.jsp?version=1
>> 01-05 22:34:03.783: ERROR/SearchResults(11565):
>> org.apache.http.client.HttpResponseException: Unauthorized
>>
>> --
>> View this message in context:
>> http://old.nabble.com/Authentication-fails-in-HttpClient-but-OK-in-browser-tp27026795p27026795.html
>> Sent from the HttpClient-User mailing list archive at Nabble.com.
>>
>
> --------------------------------------------
> Ken Krugler
> +1 530-210-6378
> http://bixolabs.com
> e l a s t i c w e b m i n i n g
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
>
>
>
--
View this message in context:
http://old.nabble.com/Authentication-fails-in-HttpClient-but-OK-in-browser-tp27026795p27083959.html
Sent from the HttpClient-User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
