[
https://issues.apache.org/jira/browse/SYNAPSE-858?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Hiranya Jayathilaka updated SYNAPSE-858:
----------------------------------------
Priority: Minor (was: Critical)
I believe this is a new feature that needs to be implemented for the PT
transport. Can do it for a future release.
> Synapse doesn't forward requests via proxyserver for a 'https' endpoint
> -----------------------------------------------------------------------
>
> Key: SYNAPSE-858
> URL: https://issues.apache.org/jira/browse/SYNAPSE-858
> Project: Synapse
> Issue Type: Bug
> Components: Core
> Affects Versions: NIGHTLY
> Reporter: Vijayaratha Vijayasingam
> Priority: Minor
> Fix For: FUTURE
>
> Attachments: nhttpSSLProxy.patch
>
>
> Synapse doesn't work when we configure 'http' proxy to talk to 'https'
> endpoint via a proxyserver.
> At axis2.xml transport sender configuration,when we add following two
> parameters[1], which are not picked by backend
> [1] <parameter locked="false" name="http.proxyHost">10.100.1.162</parameter>
> <parameter locked="false" name="http.proxyPort">443</parameter>
> //https port number
> <parameter name="HostnameVerifier">AllowAll</parameter>
> This is because, @ HttpCoreNIOSender class, the condition is like,
> if (sslContext == null) {
> proxyHost =
> proxyPort =
> }
> if we remove (sslContext==null) condition then both scenarios(http/https
> sender) work fine..(But not sure how this will affect the system's security)
> Configurations
> --------------------
> Proxy;
> <proxy name="TestProxy" transports="http" startOnLoad="true" trace="disable">
> <target>
> <inSequence>
> <send>
> <endpoint>
> <address
> uri="https://localhost:9444/services/SimpleStockQuoteService"/>
> </endpoint>
> </send>
> </inSequence>
> <outSequence>
> <send/>
> </outSequence>
> </target>
> </proxy>
> TransportSender
> -----------------------
> <transportSender name="http"
> class="org.apache.synapse.transport.nhttp.HttpCoreNIOSender">
> <parameter name="non-blocking" locked="false">true</parameter>
> <parameter locked="false"
> name="http.proxyHost">10.100.1.162</parameter>
> <parameter locked="false" name="http.proxyPort">80</parameter>
> </transportSender>
> <transportSender name="https"
> class="org.apache.synapse.transport.nhttp.HttpCoreNIOSSLSender">
> <parameter name="non-blocking" locked="false">true</parameter>
> <parameter name="keystore" locked="false">
> <KeyStore>
>
> <Location>repository/resources/security/wso2carbon.jks</Location>
> <Type>JKS</Type>
> <Password>wso2carbon</Password>
> <KeyPassword>wso2carbon</KeyPassword>
> </KeyStore>
> </parameter>
> <parameter name="truststore" locked="false">
> <TrustStore>
>
> <Location>repository/resources/security/client-truststore.jks</Location>
> <Type>JKS</Type>
> <Password>wso2carbon</Password>
> </TrustStore>
> </parameter>
> <parameter locked="false" name="http.proxyHost">10.100.1.162</parameter>
> <parameter locked="false" name="http.proxyPort">443</parameter>
> <parameter name="HostnameVerifier">AllowAll</parameter>
> </transportSender>
> f we remove (sslContext==null) condition then both scenarios(http/https
> sender) work fine..But I'm not sure how this will affect other scenarios..
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@synapse.apache.org
For additional commands, e-mail: dev-h...@synapse.apache.org
