无法通过代理隧道。代理通过https返回“HTTP / 1.1 407”

时间:2013-02-25 18:29:37

标签: authentication https proxy apache-wink http-tunneling

我尝试通过需要身份验证的https连接到服务器。此外,我在中间有一个http代理,也需要身份验证。我使用ProxyAuthSecurityHandler对代理进行身份验证,使用BasicAuthSecurityHandler对服务器进行身份验证。

接收java.io.IOException:无法通过代理隧道。 

Proxy returns "HTTP/1.1 407 Proxy Auth Required"

at sun.net.www.protocol.http.HttpURLConnection.doTunneling(HttpURLConnection.java:1525)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect (AbstractDelegateHttpsURLConnection.java:164)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:133)
at org.apache.wink.client.internal.handlers.HttpURLConnectionHandler.processRequest(HttpURLConnectionHandler.java:97)

我注意到ProxyAuthSecurityHandler的实现期待响应代码407但是,在调试期间,由于抛出了IOException,我们永远不会到达第二部分。

代码快照:

ClientConfig configuration = new ClientConfig();
configuration.connectTimeout(timeout);

MyBasicAuthenticationSecurityHandler basicAuthProps = new MyBasicAuthenticationSecurityHandler();
basicAuthProps.setUserName(user);
basicAuthProps.setPassword(password);
configuration.handlers(basicAuthProps);

if ("true".equals(System.getProperty("setProxy"))) {
    configuration.proxyHost(proxyHost);
    if ((proxyPort != null) && !proxyPort.equals("")) {
        configuration.proxyPort(Integer.parseInt(proxyPort));
    }

    MyProxyAuthSecurityHandler proxyAuthSecHandler =
            new MyProxyAuthSecurityHandler();
    proxyAuthSecHandler.setUserName(proxyUser);
    proxyAuthSecHandler.setPassword(proxyPass);
    configuration.handlers(proxyAuthSecHandler);
}

restClient = new RestClient(configuration);
// create the createResourceWithSessionCookies instance to interact with

Resource resource = getResource(loginUrl);

// Request body is empty
ClientResponse response = resource.post(null);

尝试使用wink客户端版本1.1.2和1.2.1。问题在两者中重复出现。

2 个答案:

答案 0 :(得分:3)

我发现当尝试使用https url传递代理时,我们首先发送CONNECT,然后尝试发送请求。代理服务器无法读取我们附加到请求的任何头部,因为它没有密钥来解密流量。 这意味着CONNECT应该已经有代理的用户/传递来通过此阶段。 这是我使用的代码快照 - 对我有用:

import sun.misc.BASE64Encoder;
import java.io.*;
import java.net.*;

public class ProxyPass {
    public ProxyPass(String proxyHost, int proxyPort, final String userid, final String password, String url) {

        try {
        /* Create a HttpURLConnection Object and set the properties */
            URL u = new URL(url);
            Proxy proxy =
            new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyHost, proxyPort));
            HttpURLConnection uc = (HttpURLConnection)u.openConnection(proxy);

            Authenticator.setDefault(new Authenticator() {
            @Override
            protected PasswordAuthentication getPasswordAuthentication() {
            if (getRequestorType().equals(RequestorType.PROXY)) {
            return new PasswordAuthentication(userid, password.toCharArray());
            }
            return super.getPasswordAuthentication();
            }
            });

            uc.connect();

            /* Print the content of the url to the console. */
            showContent(uc);
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    private void showContent(HttpURLConnection uc) throws IOException {
        InputStream i = uc.getInputStream();
        char c;
        InputStreamReader isr = new InputStreamReader(i);
        BufferedReader br = new BufferedReader(isr);
        String line;
        while ((line = br.readLine()) != null) {
            System.out.println(line);
        }
    }

    public static void main(String[] args) {

        String proxyhost = "proxy host";
        int proxyport = port;
        String proxylogin = "proxy username";
        String proxypass = "proxy password";
        String url = "https://....";
        new ProxyPass(proxyhost, proxyport, proxylogin, proxypass, url);

    }
    }

如果您使用wink - 就像我一样,您需要在ClientConfig中设置代理,然后再将其传递给RestClient设置默认身份验证器。

ClientConfig configuration = new ClientConfig();
    configuration.connectTimeout(timeout);

    BasicAuthenticationSecurityHandler basicAuthProps = new BasicAuthenticationSecurityHandler();
    basicAuthProps.setUserName(user);
    basicAuthProps.setPassword(password);
    configuration.handlers(basicAuthProps);

    if (proxySet()) {
        configuration.proxyHost(proxyHost);
        if ((proxyPort != null) && !proxyPort.equals("")) {
            configuration.proxyPort(Integer.parseInt(proxyPort));
        }
        Authenticator.setDefault(new Authenticator() {
            @Override
            protected PasswordAuthentication getPasswordAuthentication() {
                if (getRequestorType().equals(RequestorType.PROXY)) {
                    return new PasswordAuthentication(proxyUser), proxyPass.toCharArray());
                }
                return super.getPasswordAuthentication();
            }
        });
    }

    restClient = new RestClient(configuration);
    Resource resource = getResource(loginUrl);

    // Request body is empty
    ClientResponse response = resource.post(null);
    if (response.getStatusCode() != Response.Status.OK.getStatusCode()) {
        throw new RestClientException("Authentication failed for user " + user);
    }

答案 1 :(得分:0)

如果 Ilana Platonov answer不起作用,请尝试编辑变量:

jdk.http.auth.tunneling.disabledSchemes  
jdk.http.auth.proxying.disabledSchemes
相关问题
最新问题