If you were able to solve this, can you help how? i am in a similar situation.
Mudnal, Fayaz K wrote: > > I set the auth realm to AuthScope.ANY, but this did not work either: > httpstate.setCredentials(AuthScope.ANY, credentials); > > Fayaz > > -----Original Message----- > From: Mudnal, Fayaz K [mailto:[email protected]] > Sent: Tuesday, October 12, 2010 4:19 PM > To: [email protected] > Subject: HTTPS redirects and then basic auth fails > > Hi > I am trying to upload a file to a https site. The site redirects 3 times > and then login fails with a 401 error. I am using HttpClient 3.0. The > server folks said they could not see the credentials on their side. I > would greatly appreciate any help. Here is the code: > > String header = "multipart/form-data"; > PostMethod method = null; > > try { > HttpClient client = new HttpClient(); > HostConfiguration hostConfig = client.getHostConfiguration(); > hostConfig.setHost(new URI(URL, true)); > LOGGER.debug("Open connection to: " + URL); > if (username != null && password != null && > username.trim().length() > 0 && password.trim().length() > 0) { > LOGGER.debug("Setting credentials."); > Credentials credentials = new > UsernamePasswordCredentials(username, password); > AuthScope authScope = new AuthScope(hostConfig.getHost(), > hostConfig.getPort()); > HttpState state = client.getState(); > state.setCredentials(authScope, credentials); > LOGGER.debug("Credentials set"); > List authPrefs = new ArrayList(3); > authPrefs.add(AuthPolicy.BASIC); > authPrefs.add(AuthPolicy.DIGEST); > authPrefs.add(AuthPolicy.NTLM); > > > client.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, > authPrefs); > client.getParams().setAuthenticationPreemptive(true); > LOGGER.debug("Preemptive Authentication set"); > } > RequestEntity entity = new > InputStreamRequestEntity(inputStream, "application/upload"); > method = new PostMethod(URL); > method.setRequestEntity(entity); > LOGGER.debug("FileInputStream set"); > method.setRequestHeader("filename", fileName); > method.setRequestHeader("Content-Type", header); > method.setRequestHeader("Content-Disposition", "form-data"); > method.setDoAuthentication(true); > method.setFollowRedirects( false ); > LOGGER.debug("Uploading file..."); > int responseStatusCode = client.executeMethod(hostConfig, > method); > LOGGER.debug("HTTPS ResponseStatusCode=" + > responseStatusCode); > LOGGER.debug(method.getStatusLine()); > LOGGER.debug(method.getResponseBodyAsString()); > > // Handle redirects > int redirResponseStatusCode = 0; > if (responseStatusCode == HttpStatus.SC_MOVED_TEMPORARILY || > responseStatusCode == HttpStatus.SC_MOVED_PERMANENTLY > || > responseStatusCode == HttpStatus.SC_SEE_OTHER || > responseStatusCode == > HttpStatus.SC_TEMPORARY_REDIRECT) { > > LOGGER.debug("Redirection encountered:" + > responseStatusCode); > // handle a max of 10 redirects > for (int i = 1; i < 11; i++) { > LOGGER.debug("Redirect attempt: " + i); > redirResponseStatusCode = 0; > > Header locationHeader = > method.getResponseHeader("location"); > if (locationHeader == null) { > throw new DeliveryException("Redirected without a > location"); > } > String location = locationHeader.getValue(); > hostConfig.setHost(new URI(location, true)); > method.setURI(new URI(location, true)); > > if (username != null && password != null && > username.trim().length() > 0 && password.trim().length() > 0) { > LOGGER.debug("Setting credentials for redirect."); > Credentials credentials = new > UsernamePasswordCredentials(username, password); > AuthScope authScope = new > AuthScope(hostConfig.getHost(), hostConfig.getPort()); > HttpState state = client.getState(); > state.setCredentials(authScope, credentials); > LOGGER.debug("Credentials set"); > List authPrefs = new ArrayList(3); > authPrefs.add(AuthPolicy.BASIC); > authPrefs.add(AuthPolicy.DIGEST); > authPrefs.add(AuthPolicy.NTLM); > > > client.getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, > authPrefs); > > //client.getState().setAuthenticationPreemptive(true); > > client.getParams().setAuthenticationPreemptive(true); > LOGGER.debug("Preemptive Authentication set"); > } > > > LOGGER.debug("Redirecting to location:" + location); > redirResponseStatusCode = > client.executeMethod(hostConfig, method); > > > LOGGER.debug("HTTPS RedirectResponseStatusCode=" + > redirResponseStatusCode); > LOGGER.debug(method.getStatusLine()); > LOGGER.debug(method.getResponseBodyAsString()); > if (redirResponseStatusCode != > HttpStatus.SC_MOVED_TEMPORARILY && > redirResponseStatusCode != > HttpStatus.SC_MOVED_PERMANENTLY && > redirResponseStatusCode != > HttpStatus.SC_SEE_OTHER && > redirResponseStatusCode != > HttpStatus.SC_TEMPORARY_REDIRECT) > break; > > if (i == 10) {LOGGER.debug("MAX Redirects > exceeded.");} > } > } > // Handle redirects > > if ((responseStatusCode >= 400)||(redirResponseStatusCode >= > 400)) { > LOGGER.debug("File upload via HTTPS failed."); > throw new DeliveryException("File upload via HTTPS > failed."); > } else > LOGGER.debug("File upload via HTTPS Successful."); > > } catch (Exception e) { > LOGGER.debug("File upload via HTTPS failed."); > e.printStackTrace(); > throw new DeliveryException(e); > } finally { > method.releaseConnection(); > } > > Here are the logs: > [10/12/10 0:52:56:136 GMT] 00000164 SystemOut O - username:xxxxx > password:xxxxx > [10/12/10 0:52:56:137 GMT] 00000164 SystemOut O - Open connection to: > https://159.37.35.247/ > [10/12/10 0:52:56:137 GMT] 00000164 SystemOut O - Setting credentials. > [10/12/10 0:52:56:138 GMT] 00000164 SystemOut O - Credentials set > [10/12/10 0:52:56:139 GMT] 00000164 SystemOut O - Preemptive > Authentication set > [10/12/10 0:52:56:140 GMT] 00000164 SystemOut O - FileInputStream set > [10/12/10 0:52:56:141 GMT] 00000164 SystemOut O - Uploading file... > [10/12/10 0:52:56:452 GMT] 00000164 HttpMethodDir I > org.apache.commons.httpclient.HttpMethodDirector isRedirectNeeded Redirect > requested but followRedirects is disabled > [10/12/10 0:52:56:459 GMT] 00000164 SystemOut O - HTTPS > ResponseStatusCode=302 > [10/12/10 0:52:56:459 GMT] 00000164 SystemOut O - HTTP/1.1 302 Found > [10/12/10 0:52:56:459 GMT] 00000164 HttpMethodBas W > org.apache.commons.httpclient.HttpMethodBase getResponseBody Going to > buffer response body of large or unknown size. Using > getResponseBodyAsStream instead is recommended. > [10/12/10 0:52:56:475 GMT] 00000164 SystemOut O - <!DOCTYPE HTML > PUBLIC "-//IETF//DTD HTML 2.0//EN"> > <HTML><HEAD> > <TITLE>302 Found</TITLE> > </HEAD><BODY> > <H1>Found</H1> > The document has moved > https://159.37.35.247:443/?&STCO=1TLOxTpeXQHAAAEqsStY&STCOEND here > .<P> > <P>Additionally, a 302 Found > error was encountered while trying to use an ErrorDocument to handle the > request. > </BODY></HTML> > > [10/12/10 0:52:56:475 GMT] 00000164 SystemOut O - Redirection > encountered:302 > [10/12/10 0:52:56:476 GMT] 00000164 SystemOut O - Redirect attempt: 1 > [10/12/10 0:52:56:476 GMT] 00000164 SystemOut O - Setting credentials > for redirect. > [10/12/10 0:52:56:477 GMT] 00000164 SystemOut O - Credentials set > [10/12/10 0:52:56:478 GMT] 00000164 SystemOut O - Preemptive > Authentication set > [10/12/10 0:52:56:478 GMT] 00000164 SystemOut O - Redirecting to > location:https://159.37.35.247:443/?&STCO=1TLOxTpeXQHAAAEqsStY&STCOEND > [10/12/10 0:52:56:561 GMT] 00000164 HttpMethodDir I > org.apache.commons.httpclient.HttpMethodDirector isRedirectNeeded Redirect > requested but followRedirects is disabled > [10/12/10 0:52:56:568 GMT] 00000164 SystemOut O - HTTPS > RedirectResponseStatusCode=302 > [10/12/10 0:52:56:568 GMT] 00000164 SystemOut O - HTTP/1.1 302 Found > [10/12/10 0:52:56:569 GMT] 00000164 HttpMethodBas W > org.apache.commons.httpclient.HttpMethodBase getResponseBody Going to > buffer response body of large or unknown size. Using > getResponseBodyAsStream instead is recommended. > [10/12/10 0:52:56:584 GMT] 00000164 SystemOut O - <!DOCTYPE HTML > PUBLIC "-//IETF//DTD HTML 2.0//EN"> > <HTML><HEAD> > <TITLE>302 Found</TITLE> > </HEAD><BODY> > <H1>Found</H1> > The document has moved > https://159.37.35.247/?&STCO=2TLOxTpeXQHAAAEqsStY&STCOEND here > .<P> > <P>Additionally, a 302 Found > error was encountered while trying to use an ErrorDocument to handle the > request. > </BODY></HTML> > > [10/12/10 0:52:56:585 GMT] 00000164 SystemOut O - Redirect attempt: 2 > [10/12/10 0:52:56:585 GMT] 00000164 SystemOut O - Setting credentials > for redirect. > [10/12/10 0:52:56:586 GMT] 00000164 SystemOut O - Credentials set > [10/12/10 0:52:56:586 GMT] 00000164 SystemOut O - Preemptive > Authentication set > [10/12/10 0:52:56:587 GMT] 00000164 SystemOut O - Redirecting to > location:https://159.37.35.247/?&STCO=2TLOxTpeXQHAAAEqsStY&STCOEND > [10/12/10 0:52:56:672 GMT] 00000164 HttpMethodDir I > org.apache.commons.httpclient.HttpMethodDirector isRedirectNeeded Redirect > requested but followRedirects is disabled > [10/12/10 0:52:56:680 GMT] 00000164 SystemOut O - HTTPS > RedirectResponseStatusCode=302 > [10/12/10 0:52:56:681 GMT] 00000164 SystemOut O - HTTP/1.1 302 Found > [10/12/10 0:52:56:681 GMT] 00000164 HttpMethodBas W > org.apache.commons.httpclient.HttpMethodBase getResponseBody Going to > buffer response body of large or unknown size. Using > getResponseBodyAsStream instead is recommended. > [10/12/10 0:52:56:696 GMT] 00000164 SystemOut O - <!DOCTYPE HTML > PUBLIC "-//IETF//DTD HTML 2.0//EN"> > <HTML><HEAD> > <TITLE>302 Found</TITLE> > </HEAD><BODY> > <H1>Found</H1> > The document has moved https://159.37.35.247/ here .<P> > <P>Additionally, a 302 Found > error was encountered while trying to use an ErrorDocument to handle the > request. > </BODY></HTML> > > [10/12/10 0:52:56:696 GMT] 00000164 SystemOut O - Redirect attempt: 3 > [10/12/10 0:52:56:697 GMT] 00000164 SystemOut O - Setting credentials > for redirect. > [10/12/10 0:52:56:698 GMT] 00000164 SystemOut O - Credentials set > [10/12/10 0:52:56:698 GMT] 00000164 SystemOut O - Preemptive > Authentication set > [10/12/10 0:52:56:698 GMT] 00000164 SystemOut O - Redirecting to > location:https://159.37.35.247/ > [10/12/10 0:52:56:778 GMT] 00000164 AuthChallenge I > org.apache.commons.httpclient.auth.AuthChallengeProcessor selectAuthScheme > Basic authentication scheme selected [10/12/10 0:52:56:786 GMT] 00000164 > HttpMethodDir I org.apache.commons.httpclient.HttpMethodDirector > processWWWAuthChallenge Failure authenticating with BASIC > 'FileDriveWWW'@159.37.35.247:443 > [10/12/10 0:52:56:792 GMT] 00000164 SystemOut O - HTTPS > RedirectResponseStatusCode=401 > [10/12/10 0:52:56:792 GMT] 00000164 SystemOut O - HTTP/1.1 401 > Authorization Required > [10/12/10 0:52:56:793 GMT] 00000164 HttpMethodBas W > org.apache.commons.httpclient.HttpMethodBase getResponseBody Going to > buffer response body of large or unknown size. Using > getResponseBodyAsStream instead is recommended. > [10/12/10 0:52:56:809 GMT] 00000164 SystemOut O - <!DOCTYPE HTML > PUBLIC "-//IETF//DTD HTML 2.0//EN"> > <HTML><HEAD> > <TITLE>401 Authorization Required</TITLE> </HEAD><BODY> <H1>Authorization > Required</H1> This server could not verify that you are authorized to > access the document requested. Either you supplied the wrong credentials > (e.g., bad password), or your browser doesn't understand how to supply the > credentials required.<P> </BODY></HTML> > > [10/12/10 0:52:56:809 GMT] 00000164 SystemOut O - File upload via > HTTPS failed. > > > Thanks > Fayaz > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > -- View this message in context: http://old.nabble.com/HTTPS-redirects-and-then-basic-auth-fails-tp29948240p31227255.html Sent from the HttpClient-User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
