httpclient and siteminder

wilson wong Mon, 02 Oct 2006 07:58:15 -0700


Hi All


New to this group, I apologize if the following
questions have been asked before.

Try to use HTTPClient to connect to a WebServer(https)
that is protected by Siteminder

1.      From a standalone JAVA program.
           String url =
"https://www.foo.com/apps?showme.do?id=12345";;

           HttpClient hc = new HttpClient();
          Credentials defaultcreds = new
UsernamePasswordCredentials("username", "password");
          hc.getState().setCredentials(new
AuthScope("https://www.foo.com/apps";, 443),
defaultcreds);   
     

        try
        {
        PostMethod post = new PostMethod(url);
           I   nt rc = hc.executeMethod(post);
        System.out.println("------ RC = "  + rc);
        System.out.println( post.getResponseBodyAsString());
        
        }
        
        catch (Exception e)
        {
                System.out.println("---- e --" + e.getMessage());
                e.printStackTrace();
                
        }       
        
         I keep getting "401" return code/
          Here is the runtime result:
          Please note that the actual url has been
replaced with www.foo.com


DEBUG 10:17:20 HttpClient - Java version: 1.4.1_03
DEBUG 10:17:20 HttpClient - Java vendor: Sun
Microsystems Inc.
DEBUG 10:17:20 HttpClient - Java class path: ......
DEBUG 10:17:20 HttpClient - Operating system name:
Windows XP
DEBUG 10:17:20 HttpClient - Operating system
architecture: x86
DEBUG 10:17:20 HttpClient - Operating system version:
5.1
DEBUG 10:17:20 HttpClient - SUN 1.2: SUN (DSA
key/parameter generation; 
DSA
signing; SHA-1, MD5 digests; SecureRandom; X.509
certificates; JKS 
keystore;
PKIX CertPathValidator; PKIX CertPathBuilder; LDAP,
Collection 
CertStores)
DEBUG 10:17:20 HttpClient - SunJSSE 1.41: Sun JSSE
provider(implements 
RSA
Signatures, PKCS12, SunX509 key/trust factories,
SSLv3, TLSv1)
DEBUG 10:17:20 HttpClient - SunRsaSign 1.0: SUN's
provider for RSA
signatures
DEBUG 10:17:20 HttpClient - SunJCE 1.4: SunJCE
Provider (implements 
DES,
Triple DES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5,
HMAC-SHA1)
DEBUG 10:17:20 HttpClient - SunJGSS 1.0: Sun (Kerberos
v5)
DEBUG 10:17:20 DefaultHttpParams - Set parameter
http.useragent = 
Jakarta
Commons-HttpClient/3.0
DEBUG 10:17:20 DefaultHttpParams - Set parameter
http.protocol.version 
=
HTTP/1.1
DEBUG 10:17:20 DefaultHttpParams - Set parameter
http.connection-manager.class = class
org.apache.commons.httpclient.SimpleHttpConnectionManager
DEBUG 10:17:20 DefaultHttpParams - Set parameter 
http.protocol.cookie-policy
= rfc2109
DEBUG 10:17:20 DefaultHttpParams - Set parameter
http.protocol.element-charset = US-ASCII
DEBUG 10:17:20 DefaultHttpParams - Set parameter
http.protocol.content-charset = ISO-8859-1
DEBUG 10:17:20 DefaultHttpParams - Set parameter 
http.method.retry-handler =
[EMAIL PROTECTED]
DEBUG 10:17:20 DefaultHttpParams - Set parameter 
http.dateparser.patterns =
[EEE, dd MMM yyyy HH:mm:ss zzz, EEEE, dd-MMM-yy
HH:mm:ss zzz, EEE MMM d
HH:mm:ss yyyy, EEE, dd-MMM-yyyy HH:mm:ss z, EEE,
dd-MMM-yyyy HH-mm-ss 
z,
EEE, dd MMM yy HH:mm:ss z, EEE dd-MMM-yyyy HH:mm:ss z,
EEE dd MMM yyyy
HH:mm:ss z, EEE dd-MMM-yyyy HH-mm-ss z, EEE dd-MMM-yy
HH:mm:ss z, EEE 
dd MMM
yy HH:mm:ss z, EEE,dd-MMM-yy HH:mm:ss z,
EEE,dd-MMM-yyyy HH:mm:ss z, 
EEE,
dd-MM-yyyy HH:mm:ss z]
DEBUG 10:17:22 HttpState - enter
HttpState.setCredentials(AuthScope,
Credentials)
DEBUG 10:17:25 HttpMethodBase -
HttpMethodBase.addRequestHeader(Header)
DEBUG 10:17:26 HttpMethodBase -
HttpMethodBase.addRequestHeader(Header)
DEBUG 10:17:26 HttpMethodBase -
HttpMethodBase.addRequestHeader(Header)
DEBUG 10:17:28 EntityEnclosingMethod - enter
EntityEnclosingMethod.setRequestBody(InputStream)
DEBUG 10:17:28 PostMethod - enter
PostMethod.clearRequestBody()
DEBUG 10:17:28 EntityEnclosingMethod - enter
EntityEnclosingMethod.clearRequestBody()
DEBUG 10:17:29 HttpClient - enter
HttpClient.executeMethod(HttpMethod)
DEBUG 10:17:29 HttpClient - enter
HttpClient.executeMethod(HostConfiguration,HttpMethod,HttpState)
DEBUG 10:17:29 HttpMethodDirector - Attempt number 1
to process request
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.open()
DEBUG 10:17:29 HttpConnection - Open connection to
www.foo.com:443
<www.foo.com:443> 
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.execute(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpMethodBase - enter 
HttpMethodBase.writeRequest(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.writeRequestLine(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.generateRequestLine(HttpConnection,
String, String, 
String,
String)
DEBUG 10:17:29 Wire - >> "POST
/apps?showme.do?id=12345 
HTTP/1.1[\r][\n]"
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.print(String)
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[])
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[], int, 
int)
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.writeRequestHeaders(HttpState,HttpConnection)
DEBUG 10:17:29 EntityEnclosingMethod - enter
EntityEnclosingMethod.addRequestHeaders(HttpState,
HttpConnection)
DEBUG 10:17:29 ExpectContinueMethod - enter
ExpectContinueMethod.addRequestHeaders(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.addRequestHeaders(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.addUserAgentRequestHeaders(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.addHostRequestHeader(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpMethodBase - Adding Host request
header
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.addCookieRequestHeader(HttpState,
HttpConnection)
DEBUG 10:17:29 HttpState - enter
HttpState.getCookies()
DEBUG 10:17:29 CookieSpecBase - enter
CookieSpecBase.match(String, int,
String, boolean, Cookie[])
DEBUG 10:17:29 HttpMethodBase - enter
HttpMethodBase.addProxyConnectionHeader(HttpState,
HttpConnection)
DEBUG 10:17:29 EntityEnclosingMethod - enter
EntityEnclosingMethod.addContentLengthRequestHeader(HttpState,
HttpConnection)
DEBUG 10:17:29 Wire - >> "Connection:
Keep-Alive[\r][\n]"
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.print(String)
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[])
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[], int, 
int)
DEBUG 10:17:29 Wire - >> "Content-Length: 5[\r][\n]"
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.print(String)
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[])
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[], int, 
int)
DEBUG 10:17:29 Wire - >> "Content-Type:
text/xml;charset=utf-8[\r][\n]"
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.print(String)
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[])
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[], int, 
int)
DEBUG 10:17:29 Wire - >> "User-Agent: Jakarta
Commons-HttpClient/3.0[\r][\n]"
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.print(String)
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[])
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[], int, 
int)
DEBUG 10:17:29 Wire - >> "Host: www.foo.com[\r][\n
<www.foo.com[\r][\n> 
]"
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.print(String)
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[])
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[], int, 
int)
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.writeLine()
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[])
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.write(byte[], int, 
int)
DEBUG 10:17:29 Wire - >> "[\r][\n]"
DEBUG 10:17:29 EntityEnclosingMethod - enter
EntityEnclosingMethod.writeRequestBody(HttpState,
HttpConnection)
DEBUG 10:17:29 PostMethod - enter
PostMethod.hasRequestContent()
DEBUG 10:17:29 EntityEnclosingMethod - enter
EntityEnclosingMethod.hasRequestContent()
DEBUG 10:17:29 EntityEnclosingMethod - enter
EntityEnclosingMethod.renerateRequestBody()
DEBUG 10:17:29 EntityEnclosingMethod - enter
EntityEnclosingMethod.getRequestContentLength()
DEBUG 10:17:29 PostMethod - enter
PostMethod.hasRequestContent()
DEBUG 10:17:29 EntityEnclosingMethod - enter
EntityEnclosingMethod.hasRequestContent()
DEBUG 10:17:29 HttpConnection - enter
HttpConnection.getRequestOutputStream()
DEBUG 10:17:29 Wire - >> "hello"
DEBUG 10:17:30 EntityEnclosingMethod - Request body
sent
DEBUG 10:17:30 HttpConnection - enter
HttpConnection.flushRequestOutputStream()
DEBUG 10:17:30 HttpMethodBase - enter 
HttpMethodBase.readResponse(HttpState,
HttpConnection)
DEBUG 10:17:30 HttpMethodBase - enter
HttpMethodBase.readStatusLine(HttpState,
HttpConnection)
DEBUG 10:17:30 HttpConnection - enter
HttpConnection.readLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream, 
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 Wire - << "HTTP/1.1 401 401: Access
Denied[\r][\n]"
DEBUG 10:17:30 HttpMethodBase - enter
HttpMethodBase.readResponseHeaders(HttpState,HttpConnection)
DEBUG 10:17:30 HttpConnection - enter
HttpConnection.getResponseInputStream()
DEBUG 10:17:30 HttpParser - enter 
HeaderParser.parseHeaders(InputStream,
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream, 
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream, 
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream, 
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream, 
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream, 
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream, 
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream, 
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 HttpParser - enter
HttpParser.readLine(InputStream, 
String)
DEBUG 10:17:30 HttpParser - enter
HttpParser.readRawLine()
DEBUG 10:17:30 Wire - << "Date: Mon, 02 Oct 2006
14:17:29 GMT[\r][\n]"
DEBUG 10:17:30 Wire - << "Content-Type:
text/html[\r][\n]"
DEBUG 10:17:30 Wire - << "Connection: close[\r][\n]"
DEBUG 10:17:30 Wire - << "Server:
Netscape-Enterprise/6.0[\r][\n]"
DEBUG 10:17:30 Wire - << "WWW-authenticate: basic 
realm="WWW.FOO.COM/apps -
Enter AKO Username and Password
[09:17:30:2551]"[\r][\n]"
DEBUG 10:17:30 Wire - << "Set-Cookie: SMCHALLENGE=YES;
path=/;
domain=.foo.com[\r][\n]"
DEBUG 10:17:30 Wire - << "Via: 1.1 ROC-CTNOSC
(NetCache
NetApp/6.0.3P2)[\r][\n]"
DEBUG 10:17:30 HttpMethodBase - enter
HttpMethodBase.processResponseHeaders(HttpState,
HttpConnection)
DEBUG 10:17:30 CookieSpecBase - enter
CookieSpecBase.parse(String, 
port,
path, boolean, String)
DEBUG 10:17:30 CookieSpecBase - enter
CookieSpecBase.parse(String, 
port,
path, boolean, Header)
DEBUG 10:17:30 HeaderElement - enter 
HeaderElement.parseElements(char[])
DEBUG 10:17:31 Cookie - enter Cookie(String, String,
String, String, 
Date,
boolean)
DEBUG 10:17:31 RFC2109Spec - enter
RFC2109Spec.validate(String, int, 
String,
boolean, Cookie)
DEBUG 10:17:31 CookieSpecBase - enter
CookieSpecBase.validate(String, 
port,
path, boolean, Cookie)
DEBUG 10:17:31 HttpState - enter
HttpState.addCookie(Cookie)
DEBUG 10:17:31 RFC2109Spec - enter
RFC2109Spec.formatCookie(Cookie)
DEBUG 10:17:31 HttpMethodBase - Cookie accepted:
"$Version=0;
SMCHALLENGE=YES; $Path=/; $Domain=.foo.mil"
DEBUG 10:17:31 HttpMethodBase - enter
HttpMethodBase.readResponseBody(HttpState,
HttpConnection)
DEBUG 10:17:31 HttpMethodBase - enter
HttpMethodBase.readResponseBody(HttpConnection)
DEBUG 10:17:31 HttpConnection - enter
HttpConnection.getResponseInputStream()
DEBUG 10:17:31 HttpMethodBase - enter
HttpMethodBase.canResponseHaveBody(int)
DEBUG 10:17:31 HttpMethodDirector - Authorization
required
DEBUG 10:17:31 HttpMethodDirector - enter
HttpMethodBase.processAuthenticationResponse(HttpState,
HttpConnection)
DEBUG 10:17:31 AuthChallengeProcessor - Supported
authentication 
schemes in
the order of preference: [ntlm, digest, basic]
DEBUG 10:17:31 AuthChallengeProcessor - Challenge for
ntlm 
authentication
scheme not available
DEBUG 10:17:31 AuthChallengeProcessor - Challenge for
digest 
authentication
scheme not available
INFO  10:17:31 AuthChallengeProcessor - basic
authentication scheme 
selected
DEBUG 10:17:31 AuthChallengeProcessor - Using
authentication scheme: 
basic
DEBUG 10:17:31 AuthChallengeProcessor - Authorization
challenge 
processed
DEBUG 10:17:31 HttpMethodDirector - Authentication
scope: BASIC
'WWW.FOO.COM/apps <WWW.FOO.COM/apps> - Enter AKO
Username and Password
[09:17:30:2551]'@www.foo.com:443
DEBUG 10:17:31 HttpState - enter
HttpState.getCredentials(AuthScope)
DEBUG 10:17:31 HttpMethodDirector - Credentials
required
DEBUG 10:17:31 HttpMethodDirector - Credentials
provider not available
INFO  10:17:31 HttpMethodDirector - No credentials
available for BASIC
'WWW>FOO>COM/apps - Enter AKO Username and Password
[09:17:30:2551]'@www.foo.com:443
------ RC = 401
WARN  10:17:35 HttpMethodBase - Going to buffer
response body of large 
or
unknown size. Using getResponseBodyAsStream instead is
recommended.
DEBUG 10:17:35 HttpMethodBase - Buffering response
body
DEBUG 10:17:35 Wire - << "<HTML><HEAD><TITLE>401:
Access
Denied</TITLE></HEAD>[\n]"
DEBUG 10:17:35 Wire - << "<BODY><H1>401: Access
Denied</H1>[\n]"
DEBUG 10:17:35 Wire - << "Proper authorization is
required for this 
area.
Either your browser does not perform authorization, or
your 
authorization
has failed.[\n]"
DEBUG 10:17:35 Wire - << "</BODY></HTML>"
DEBUG 10:17:35 HttpMethodBase - Should close
connection in response to
directive: close
DEBUG 10:17:35 HttpConnection - enter
HttpConnection.close()
DEBUG 10:17:35 HttpConnection - enter 
HttpConnection.closeSockedAndStreams()
DEBUG 10:17:35 HttpConnection - enter 
HttpConnection.releaseConnection()
DEBUG 10:17:35 HttpConnection - Releasing connection
back to connection
manager.
DEBUG 10:17:35 HttpMethodBase - enter
getContentCharSet( Header
contentheader )
DEBUG 10:17:35 HeaderElement - enter 
HeaderElement.parseElements(String)
DEBUG 10:17:35 HeaderElement - enter 
HeaderElement.parseElements(char[])
DEBUG 10:17:35 HeaderElement - enter
HeaderElement.getParameterByName(String)
DEBUG 10:17:35 HttpMethodBase - Default charset used:
ISO-8859-1
<HTML><HEAD><TITLE>401: Access Denied</TITLE></HEAD>
<BODY><H1>401: Access Denied</H1>
Proper authorization is required for this area. Either
your browser 
does not
perform authorization, or your authorization has
failed.
</BODY></HTML>


        2.      We have implemented SSO with SiteMinder
                User  authenticated and logon to the main site, 
user can click on the links from the main site (which
is also protected by siteminder)  but without having
to authenticated again.
                We would like to use httpclient to connect to the
other links from the main site, how do I tell
httpclient to use the existing
session information from the main site to avoid
SiteMinder authentication again.

Thanks in advance. 

Regards
Wilson Wong

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

httpclient and siteminder

Reply via email to