On Mon, 2019-07-29 at 14:59 +0300, Petar Tahchiev wrote:
> This is my code:
> ```
>
> // Trust standard CA and those trusted by our custom strategy
> final SSLContext sslcontext =
> SSLContexts.custom().loadTrustMaterial((chain, authType) ->
> true).build();
>
> int timeout = 5;
>
> PoolingAsyncClientConnectionManager ccm =
> PoolingAsyncClientConnectionManagerBuilder.create().setTlsStrategy(Cl
> ientTlsStrategyBuilder.create()
>
>
> .setSslContext(sslcontext)
>
>
> .setTlsVersions(TLS.V_1_3,
>
>
> TLS.V_1_2)
>
>
> .setHostnameVerifier(
>
>
> NoopHostnameVerifier.INSTANCE)
>
>
> .build())
>
>
> .setPoolConcurrencyPolicy(PoolConcurrencyPolicy.STRICT)
>
> .setConnPoolPolicy(PoolReusePolicy.LIFO)
>
>
> .setConnectionTimeToLive(TimeValue.ofMinutes(1L)).build();
>
> try (CloseableHttpAsyncClient httpclient =
> HttpAsyncClients.custom().setConnectionManager(ccm).setDefaultRequest
> Config(
>
> RequestConfig.custom().setConnectTimeout(Timeout.ofSeconds(timeout)).
> setResponseTimeout(Timeout.ofSeconds(timeout))
>
> .setCookieSpec(CookieSpecs.STANDARD_STRICT.ident).build()).setVersion
> Policy(HttpVersionPolicy.FORCE_HTTP_2).build())
> {
>
> httpclient.start();
>
>
> /*
> * It can't be POST because the CSRF is triggered.
> */
> SimpleHttpRequest httpGet =
> SimpleHttpRequests.GET.create(restBaseUrl + "auth");
>
> LOG.debug("Calling: " + restBaseUrl + "auth");
>
> httpGet.setHeader("aaaa", username);
> httpGet.setHeader("bbbb", password);
>
> Future<SimpleHttpResponse> future =
> httpclient.execute(httpGet, null);
>
> httpclient.shutdown(CloseMode.GRACEFUL);
>
> SimpleHttpResponse response = future.get();
>
> final String responseText = response.getBody().getBodyText();
> ObjectMapper mapper = new ObjectMapper();
> mapper.configure(JsonParser.Feature.AUTO_CLOSE_SOURCE, true);
> UserData userData = mapper.readValue(responseText,
> UserData.class);
> if (userData.getToken() == null) {
> throw new BadCredentialsException("Invalid
> username/password");
> }
>
> final ConsoleUserPrincipal principal =
> new
> ConsoleUserPrincipal(userData.getUsername(), password,
> AuthorityUtils.createAuthorityList(userData.getAuthorities()));
> principal.setExpiryTime(userData.getExpiryTime());
> principal.setToken(userData.getToken());
>
> return new UsernamePasswordAuthenticationToken(principal,
> password, principal.getAuthorities());
> }
> } catch (NoSuchAlgorithmException | InterruptedException |
> ExecutionException | KeyManagementException | KeyStoreException |
> IOException e) {
> LOG.error(e.getMessage(), e);
> throw new InternalAuthenticationServiceException(e.getMessage());
> }
>
> ```
> The exception happens after the httpClient shutdown on this line:
>
> SimpleHttpResponse response = future.get();
>
>
Looks correct to me.
Oleg
>
>
> На пн, 29.07.2019 г. в 14:57 ч. Petar Tahchiev <paranoia...@gmail.com
> >
> написа:
>
> > Thank you Oleg,
> > it worked :). However now, once in a while I get this type of
> > error:
> > ````
> > Caused by: java.io.InterruptedIOException
> > at
> > org.apache.hc.client5.http.impl.async.AsyncConnectExec$2.cancelled(
> > AsyncConnectExec.java:213)
> > at
> > org.apache.hc.client5.http.impl.async.InternalHttpAsyncExecRuntime$
> > 2.cancelled(InternalHttpAsyncExecRuntime.java:233)
> > at
> > org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:
> > 154)
> > at
> > org.apache.hc.core5.concurrent.ComplexFuture.cancel(ComplexFuture.j
> > ava:93)
> > at
> > org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:
> > 161)
> > at
> > org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionMan
> > ager$2.cancelled(PoolingAsyncClientConnectionManager.java:395)
> > at
> > org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:
> > 154)
> > at
> > org.apache.hc.core5.concurrent.ComplexFuture.cancel(ComplexFuture.j
> > ava:93)
> > at
> > org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:
> > 161)
> > at
> > org.apache.hc.client5.http.impl.nio.DefaultAsyncClientConnectionOpe
> > rator$1.cancelled(DefaultAsyncClientConnectionOperator.java:111)
> > at
> > org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:
> > 154)
> > at
> > org.apache.hc.core5.concurrent.ComplexFuture.cancel(ComplexFuture.j
> > ava:93)
> > at
> > org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:
> > 161)
> > at
> > org.apache.hc.client5.http.impl.nio.MultihomeIOSessionRequester$1$1
> > .cancelled(MultihomeIOSessionRequester.java:147)
> > at
> > org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:
> > 154)
> > at
> > org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:
> > 161)
> > at
> > org.apache.hc.core5.reactor.IOSessionRequest.cancel(IOSessionReques
> > t.java:83)
> > at
> > org.apache.hc.core5.reactor.SingleCoreIOReactor.closePendingConnect
> > ionRequests(SingleCoreIOReactor.java:366)
> > at
> > org.apache.hc.core5.reactor.SingleCoreIOReactor.doTerminate(SingleC
> > oreIOReactor.java:101)
> > at
> > org.apache.hc.core5.reactor.AbstractSingleCoreIOReactor.execute(Abs
> > tractSingleCoreIOReactor.java:89)
> > at
> > org.apache.hc.core5.reactor.IOReactorWorker.run(IOReactorWorker.jav
> > a:44)
> > ````
> > Not always - most of the times it works fine, it is just sometimes.
> >
> >
> > На пн, 22.07.2019 г. в 12:43 ч. Oleg Kalnichevski <ol...@apache.org
> > >
> > написа:
> >
> > > On Mon, 2019-07-22 at 12:29 +0300, Petar Tahchiev wrote:
> > > > Hello,
> > > > I have a Tomcat server running on port 8112 via HTTPS. The
> > > > Tomcat has
> > > > http2
> > > > enabled and is running with OpenJDK11.
> > > > Now when I try to connect with HTTPClient 5.0-beta5 I get this
> > > > exception:
> > > > ===================
> > > > 2019-07-22 12:22:57,699 [https-jsse-nio-8443-exec-2] INFO :
> > > > Recoverable I/O
> > > > exception (org.apache.hc.core5.http.NoHttpResponseException)
> > > > caught
> > > > when
> > > > processing request to {s}->https://localhost:8112
> > > > 2019-07-22 12:22:57,709 [https-jsse-nio-8443-exec-2] INFO :
> > > > Recoverable I/O
> > > > exception (org.apache.hc.core5.http.NoHttpResponseException)
> > > > caught
> > > > when
> > > > processing request to {s}->https://localhost:8112
> > > > 2019-07-22 12:22:57,719 [https-jsse-nio-8443-exec-2] INFO :
> > > > Recoverable I/O
> > > > exception (org.apache.hc.core5.http.NoHttpResponseException)
> > > > caught
> > > > when
> > > > processing request to {s}->https://localhost:8112
> > > > 2019-07-22 12:22:57,732 [https-jsse-nio-8443-exec-2] ERROR:
> > > > localhost:8112
> > > > failed to respond
> > > > org.apache.hc.core5.http.NoHttpResponseException:
> > > > localhost:8112
> > > > failed to
> > > > respond
> > > > at
> > > > org.apache.hc.core5.http.impl.io.DefaultHttpResponseParser.crea
> > > > teConn
> > > > ectionClosedException(DefaultHttpResponseParser.java:87)
> > > > at
> > > > org.apache.hc.core5.http.impl.io.AbstractMessageParser.parse(Ab
> > > > stract
> > > > MessageParser.java:243)
> > > > at
> > > > org.apache.hc.core5.http.impl.io.AbstractMessageParser.parse(Ab
> > > > stract
> > > > MessageParser.java:53)
> > > > at
> > > > org.apache.hc.core5.http.impl.io.DefaultBHttpClientConnection.r
> > > > eceive
> > > > ResponseHeader(DefaultBHttpClientConnection.java:187)
> > > > at
> > > > org.apache.hc.core5.http.impl.io.HttpRequestExecutor.execute(Ht
> > > > tpRequ
> > > > estExecutor.java:181)
> > > > at
> > > > org.apache.hc.core5.http.impl.io.HttpRequestExecutor.execute(Ht
> > > > tpRequ
> > > > estExecutor.java:224)
> > > > at
> > > > org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionM
> > > > anager
> > > > $InternalConnectionEndpoint.execute(PoolingHttpClientConnection
> > > > Manage
> > > > r.java:596)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.InternalExecRuntime.exe
> > > > cute(I
> > > > nternalExecRuntime.java:220)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.MainClientExec.execute(
> > > > MainCl
> > > > ientExec.java:107)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.ExecChainElement.execut
> > > > e(Exec
> > > > ChainElement.java:51)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proc
> > > > eed(Ex
> > > > ecChainElement.java:57)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.ConnectExec.execute(Con
> > > > nectEx
> > > > ec.java:181)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.ExecChainElement.execut
> > > > e(Exec
> > > > ChainElement.java:51)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proc
> > > > eed(Ex
> > > > ecChainElement.java:57)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.ProtocolExec.execute(Pr
> > > > otocol
> > > > Exec.java:165)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.ExecChainElement.execut
> > > > e(Exec
> > > > ChainElement.java:51)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proc
> > > > eed(Ex
> > > > ecChainElement.java:57)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.RetryExec.execute(Retry
> > > > Exec.j
> > > > ava:88)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.ExecChainElement.execut
> > > > e(Exec
> > > > ChainElement.java:51)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proc
> > > > eed(Ex
> > > > ecChainElement.java:57)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.RedirectExec.execute(Re
> > > > direct
> > > > Exec.java:116)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.ExecChainElement.execut
> > > > e(Exec
> > > > ChainElement.java:51)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proc
> > > > eed(Ex
> > > > ecChainElement.java:57)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.ContentCompressionExec.
> > > > execut
> > > > e(ContentCompressionExec.java:125)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.ExecChainElement.execut
> > > > e(Exec
> > > > ChainElement.java:51)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.InternalHttpClient.doEx
> > > > ecute(
> > > > InternalHttpClient.java:175)
> > > > at
> > > > org.apache.hc.client5.http.impl.classic.CloseableHttpClient.exe
> > > > cute(C
> > > > loseableHttpClient.java:77)
> > > > at
> > > > com.nemesis.console.backend.storefront.DefaultRestAuthenticatio
> > > > nProvi
> > > > der.authenticate(DefaultRestAuthenticationProvider.java:116)
> > > > ===================
> > > >
> > > > - If I change the URL from
> > > > https://localhost:8112/storefront/rest/auth to
> > > > https://some-website-with-valid-certificate.com/ it all works
> > > > fine.
> > > > - If I change the Tomcat server to work with HTTP1.1 it all
> > > > works
> > > > fine.
> > > > Here is my code:
> > > > ===================
> > > >
> > > > try {
> > > > // Trust standard CA and those trusted by our custom
> > > > strategy
> > > > final SSLContext sslcontext =
> > > > SSLContexts.custom().loadTrustMaterial(new TrustStrategy() {
> > > >
> > > > @Override
> > > > public boolean isTrusted(final X509Certificate[] chain,
> > > > final
> > > > String authType) throws CertificateException {
> > > > return true;
> > > > }
> > > >
> > > > }).build();
> > > >
> > > > int timeout = 5;
> > > >
> > > > RequestConfig config =
> > > > RequestConfig.custom().setResponseTimeout(timeout,
> > > > TimeUnit.SECONDS).setConnectTimeout(timeout,
> > > > TimeUnit.SECONDS).build();
> > > >
> > > > // Allow TLSv1.2 protocol only
> > > > final SSLConnectionSocketFactory sslSocketFactory =
> > > > SSLConnectionSocketFactoryBuilder.create().setSslContext(sslcon
> > > > text).
> > > > setTlsVersions(TLS.V_1_2)
> > > >
> > > >
> > > > .setHostnameVerifier(NoopHostnameVerifier.INSTANCE).build();
> > > >
> > > > Registry<ConnectionSocketFactory> registry =
> > > > RegistryBuilder.<ConnectionSocketFactory>create().register("htt
> > > > ps",
> > > > sslSocketFactory).build();
> > > >
> > > > HttpClientConnectionManager ccm = new
> > > > PoolingHttpClientConnectionManager(registry);
> > > >
> > > > try (CloseableHttpClient httpclient =
> > > > HttpClients.custom().setRetryHandler(new
> > > > DefaultHttpRequestRetryHandler(3)).setDefaultRequestConfig(conf
> > > > ig)
> > > >
> > > > .setConnectionManager(ccm).build()) {
> > > >
> > > > HttpGet httpGet = new HttpGet(restBaseUrl + "auth");
> > > >
> > > > LOG.debug("Calling: " + restBaseUrl + "auth");
> > > >
> > > > httpGet.setHeader("test", username);
> > > > httpGet.setHeader("more-test", password);
> > > >
> > > > final HttpClientContext clientContext =
> > > > HttpClientContext.create();
> > > >
> > > > try (final CloseableHttpResponse response2 =
> > > > httpclient.execute(httpGet, clientContext)) {
> > > > HttpEntity entity2 = response2.getEntity();
> > > > final String response =
> > > > EntityUtils.toString(entity2,
> > > > Charset.defaultCharset());
> > > > LOG.info(response);
> > > > }
> > > > }
> > > > } catch (NoSuchAlgorithmException | KeyManagementException |
> > > > ParseException | KeyStoreException | IOException e) {
> > > > LOG.error(e.getMessage(), e);
> > > > }
> > > >
> > > > =======================
> > > >
> > > > Any clues will be appreciated.
> > >
> > > Hi Petar
> > >
> > > Classic HttpClient 5.0 support HTTP/1.1 version only. You need to
> > > migrate to HttpAsyncClient 5.0 to be able to use HTTP/2.
> > >
> > > For migration instructions you can refer to this migration guide
> > >
> > > https://ok2c.github.io/httpclient-migration-guide/
> > >
> > > Oleg
> > >
> > >
> > >
> > >
> > > ---------------------------------------------------------------
> > > ------
> > > To unsubscribe, e-mail:
> > > httpclient-users-unsubscr...@hc.apache.org
> > > For additional commands, e-mail:
> > > httpclient-users-h...@hc.apache.org
> > >
> > >
> >
> > --
> > Regards, Petar!
> > Karlovo, Bulgaria.
> > ---
> > Public PGP Key at:
> >
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x19658550C3110611
> > Key Fingerprint: A369 A7EE 61BC 93A3 CDFF 55A5 1965 8550 C311 0611
> >
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org
For additional commands, e-mail: httpclient-users-h...@hc.apache.org
