On Sun, 2007-04-22 at 17:04 -0700, RossW wrote:
>
> olegk wrote:
> >
> >
> > Ross,
> >
> > (1) What is the version of JRE you are using?
> >
> > (2) Please post a _complete_ wire log of the HTTP session. Feel free to
> > obfuscate whatever details you deem sensitive. The information given so
> > far is simply not sufficient to identify the cause of the problem.
> >
> > Oleg
> >
> >
> >>
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
> >
>
> Hi thanks for your help...Here is the output from the logging.
>
> <pre>
> 2007/04/23 09:55:26:968 EST [DEBUG] HttpClient - Java version: 1.6.0
> 2007/04/23 09:55:26:968 EST [DEBUG] HttpClient - Java vendor: Sun
> Microsystems Inc.
> 2007/04/23 09:55:26:968 EST [DEBUG] HttpClient - Java class path:
> C:\Documents and Settings\User\Workspace\HTTPDApp;C:\Program
> Files\eclipse\plugins\org.eclipse.swt.win32.win32.x86_3.2.2.v3235a.jar
> 2007/04/23 09:55:26:984 EST [DEBUG] HttpClient - Operating system name:
> Windows XP
> 2007/04/23 09:55:26:984 EST [DEBUG] HttpClient - Operating system
> architecture: x86
> 2007/04/23 09:55:26:984 EST [DEBUG] HttpClient - Operating system version:
> 5.1
> 2007/04/23 09:55:27:062 EST [DEBUG] HttpClient - SUN 1.6: SUN (DSA
> key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom;
> X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX
> CertPathBuilder; LDAP, Collection CertStores, JavaPolicy Policy;
> JavaLoginConfig Configuration)
> 2007/04/23 09:55:27:062 EST [DEBUG] HttpClient - SunRsaSign 1.5: Sun RSA
> signature provider
> 2007/04/23 09:55:27:062 EST [DEBUG] HttpClient - SunJSSE 1.6: Sun JSSE
> provider(PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
> 2007/04/23 09:55:27:078 EST [DEBUG] HttpClient - SunJCE 1.6: SunJCE Provider
> (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE,
> Diffie-Hellman, HMAC)
> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - SunJGSS 1.0: Sun (Kerberos
> v5, SPNEGO)
> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - SunSASL 1.5: Sun SASL
> provider(implements client mechanisms for: DIGEST-MD5, GSSAPI, EXTERNAL,
> PLAIN, CRAM-MD5; server mechanisms for: DIGEST-MD5, GSSAPI, CRAM-MD5)
> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - XMLDSig 1.0: XMLDSig (DOM
> XMLSignatureFactory; DOM KeyInfoFactory)
> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - SunPCSC 1.6: Sun PC/SC
> provider
> 2007/04/23 09:55:27:093 EST [DEBUG] HttpClient - SunMSCAPI 1.6: Sun's
> Microsoft Crypto API provider
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.useragent = Jakarta Commons-HttpClient/3.1-alpha1
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.protocol.version = HTTP/1.1
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.connection-manager.class = class
> org.apache.commons.httpclient.SimpleHttpConnectionManager
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.protocol.cookie-policy = default
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.protocol.element-charset = US-ASCII
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.protocol.content-charset = ISO-8859-1
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.method.retry-handler =
> [EMAIL PROTECTED]
> 2007/04/23 09:55:27:093 EST [DEBUG] DefaultHttpParams - Set parameter
> http.dateparser.patterns = [EEE, dd MMM yyyy HH:mm:ss zzz, EEEE, dd-MMM-yy
> HH:mm:ss zzz, EEE MMM d HH:mm:ss yyyy, EEE, dd-MMM-yyyy HH:mm:ss z, EEE,
> dd-MMM-yyyy HH-mm-ss z, EEE, dd MMM yy HH:mm:ss z, EEE dd-MMM-yyyy HH:mm:ss
> z, EEE dd MMM yyyy HH:mm:ss z, EEE dd-MMM-yyyy HH-mm-ss z, EEE dd-MMM-yy
> HH:mm:ss z, EEE dd MMM yy HH:mm:ss z, EEE,dd-MMM-yy HH:mm:ss z,
> EEE,dd-MMM-yyyy HH:mm:ss z, EEE, dd-MM-yyyy HH:mm:ss z]
> 2007/04/23 09:55:27:093 EST [DEBUG] HttpConnection - Open connection to
> www.securesite.com:443
> 2007/04/23 09:55:48:359 EST [DEBUG] HttpMethodDirector - Closing the
> connection.
> 2007/04/23 09:55:48:359 EST [INFO] HttpMethodDirector - I/O exception
> (java.net.ConnectException) caught when processing request: Connection timed
> out: connect
> 2007/04/23 09:55:48:359 EST [DEBUG] HttpMethodDirector - Connection timed
> out: connect <java.net.ConnectException: Connection timed out:
> connect>java.net.ConnectException: Connection timed out: connect
> at java.net.PlainSocketImpl.socketConnect(Native Method)
> at java.net.PlainSocketImpl.doConnect(Unknown Source)
> at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
> at java.net.PlainSocketImpl.connect(Unknown Source)
> at java.net.SocksSocketImpl.connect(Unknown Source)
> at java.net.Socket.connect(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.<init>(Unknown Source)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.createSocket(Unknown
> Source)
> at
> org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(Unknown
> Source)
> at
> org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(Unknown
> Source)
> at org.apache.commons.httpclient.HttpConnection.open(Unknown Source)
> at
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown
> Source)
> at
> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown
> Source)
> at org.apache.commons.httpclient.HttpClient.executeMethod(Unknown
> Source)
> at org.apache.commons.httpclient.HttpClient.executeMethod(Unknown
> Source)
>
> <removed trace from here down>
>
> 2007/04/23 09:55:48:359 EST [INFO] HttpMethodDirector - Retrying request
> 2007/04/23 09:55:48:359 EST [DEBUG] HttpConnection - Open connection to
> www.securesite.com:443
>
> So just to add to this posting ill give your some info about what i am
> trying to do again. I have a secure site with with basic authentication
> that i need to access. I can get my app to access a non SSL site with basic
> authent without any probs but have been unable to do the same with a
> particular intra network SSL site. Here is the code i have to deal with the
> certificates as well:
>
Ross,
This appears to be some kind of connectivity problem. Is this an
intranet or internet site? Can you establish a connection to that site
using a browser?
You do not explicitly set a connect timeout value, so JRE the default
one applies. Try explicitly setting the connect timeout value to
something like 10 min and see what happens.
Oleg
> TrustManager[] trustAllCerts = new TrustManager[]{
> new X509TrustManager() {
> public java.security.cert.X509Certificate[]
> getAcceptedIssuers() {
> return null;
> }
> public void checkClientTrusted(
> java.security.cert.X509Certificate[] certs, String
> authType) {
> }
> public void checkServerTrusted(
> java.security.cert.X509Certificate[] certs, String
> authType) {
> }
> }
> };
>
> try {
> SSLContext sc = SSLContext.getInstance("SSLv3");
> sc.init(null, trustAllCerts, new java.security.SecureRandom());
>
> HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
> } catch (Exception e) {
>
> e.getMessage();
>
> }
>
> </pre>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
