On Tue, 2013-12-03 at 16:06 +0000, Tobias Woerenkaemper wrote:
> Oleg,
>
> here you go:
>
Please raise a JIRA ticket for this defect and attach your log to it (as
plain text file).
Oleg
> #############
> 2013-12-03 14:15:18,937 DEBUG
> [.http.impl.conn.PoolingHttpClientConnectionManager] - Connection request:
> [route: {}->proxyurl->targeturl][total kept alive: 0; route allocated: 0 of
> 2; total allocated: 0 of 20]
> 2013-12-03 14:15:18,949 DEBUG
> [.http.impl.conn.PoolingHttpClientConnectionManager] - Connection leased:
> [id: 0][route: {}->proxyurl->targeturl][total kept alive: 0; route allocated:
> 1 of 2; total allocated: 1 of 20]
> 2013-12-03 14:15:18,953 DEBUG [org.apache.http.impl.execchain.MainClientExec
> ] - Opening connection {}->proxyurl->targeturl
> 2013-12-03 14:15:18,955 DEBUG
> [org.apache.http.conn.HttpClientConnectionManager ] - Connecting to
> proxyurl/ip:8080
> 2013-12-03 14:15:18,958 DEBUG [org.apache.http.impl.execchain.MainClientExec
> ] - Executing request GET targeturl HTTP/1.1
> 2013-12-03 14:15:18,958 DEBUG [org.apache.http.impl.execchain.MainClientExec
> ] - Proxy auth state: UNCHALLENGED
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 >> GET targeturl HTTP/1.1
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 >> Host: targethost
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 >> Accept: application/json
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 >> Authorization: <authorization>
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 >> Proxy-Connection: Keep-Alive
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 >> User-Agent: Apache-HttpClient/4.3.1 (java 1.5)
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 >> Accept-Encoding: gzip,deflate
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "GET targeturl HTTP/1.1[\r][\n]"
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "Host: targethost[\r][\n]"
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "Accept: application/json[\r][\n]"
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "Authorization: <authorization>[\r][\n]"
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "Proxy-Connection: Keep-Alive[\r][\n]"
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "User-Agent: Apache-HttpClient/4.3.1 (java
> 1.5)[\r][\n]"
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "Accept-Encoding: gzip,deflate[\r][\n]"
> 2013-12-03 14:15:18,960 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "[\r][\n]"
> 2013-12-03 14:15:18,991 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "HTTP/1.1 407 authenticationrequired[\r][\n]"
> 2013-12-03 14:15:18,991 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "Content-Type: text/html[\r][\n]"
> 2013-12-03 14:15:18,991 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "Cache-Control: no-cache[\r][\n]"
> 2013-12-03 14:15:18,991 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "Content-Length: 5920[\r][\n]"
> 2013-12-03 14:15:18,991 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "Proxy-Connection: Keep-Alive[\r][\n]"
> 2013-12-03 14:15:18,991 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "Proxy-Authenticate: NTLM[\r][\n]"
> 2013-12-03 14:15:18,991 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "Proxy-Authenticate: Basic
> realm="proxyrealm"[\r][\n]"
> 2013-12-03 14:15:18,991 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "[\r][\n]"
> 2013-12-03 14:15:18,992 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0
> Transitional//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>[\n]"
> 2013-12-03 14:15:18,992 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "[ ... some proxy content ... ]"
> 2013-12-03 14:15:18,999 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 << HTTP/1.1 407 authenticationrequired
> 2013-12-03 14:15:18,999 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 << Content-Type: text/html
> 2013-12-03 14:15:18,999 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 << Cache-Control: no-cache
> 2013-12-03 14:15:18,999 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 << Content-Length: 5920
> 2013-12-03 14:15:18,999 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 << Proxy-Connection: Keep-Alive
> 2013-12-03 14:15:18,999 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 << Proxy-Authenticate: NTLM
> 2013-12-03 14:15:19,000 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 << Proxy-Authenticate: Basic realm="proxyrealm"
> 2013-12-03 14:15:19,002 DEBUG [org.apache.http.impl.execchain.MainClientExec
> ] - Connection can be kept alive indefinitely
> 2013-12-03 14:15:19,002 DEBUG [org.apache.http.impl.auth.HttpAuthenticator
> ] - Authentication required
> 2013-12-03 14:15:19,002 DEBUG [org.apache.http.impl.auth.HttpAuthenticator
> ] - proxyurl:8080 requested authentication
> 2013-12-03 14:15:19,002 DEBUG
> [pache.http.impl.client.ProxyAuthenticationStrategy] - Authentication schemes
> in the order of preference: [negotiate, Kerberos, NTLM, Digest, Basic]
> 2013-12-03 14:15:19,002 DEBUG
> [pache.http.impl.client.ProxyAuthenticationStrategy] - Challenge for
> negotiate authentication scheme not available
> 2013-12-03 14:15:19,002 DEBUG
> [pache.http.impl.client.ProxyAuthenticationStrategy] - Challenge for Kerberos
> authentication scheme not available
> 2013-12-03 14:15:19,002 WARN
> [pache.http.impl.client.ProxyAuthenticationStrategy] - Authentication scheme
> NTLM not supported
> 2013-12-03 14:15:19,002 DEBUG
> [pache.http.impl.client.ProxyAuthenticationStrategy] - Challenge for Digest
> authentication scheme not available
> 2013-12-03 14:15:19,005 DEBUG [org.apache.http.impl.auth.HttpAuthenticator
> ] - Selected authentication options: [BASIC]
> 2013-12-03 14:15:19,006 DEBUG [org.apache.http.impl.execchain.MainClientExec
> ] - Executing request GET targeturl HTTP/1.1
> 2013-12-03 14:15:19,006 DEBUG [org.apache.http.impl.execchain.MainClientExec
> ] - Target auth state: UNCHALLENGED
> 2013-12-03 14:15:19,006 DEBUG [org.apache.http.impl.execchain.MainClientExec
> ] - Proxy auth state: CHALLENGED
> 2013-12-03 14:15:19,006 DEBUG [org.apache.http.impl.auth.HttpAuthenticator
> ] - Generating response to an authentication challenge using basic scheme
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 >> GET targeturl HTTP/1.1
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 >> Host: targethost
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 >> Accept: application/json
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 >> Proxy-Connection: Keep-Alive
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 >> User-Agent: Apache-HttpClient/4.3.1 (java 1.5)
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 >> Accept-Encoding: gzip,deflate
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 >> Proxy-Authorization: Basic *********
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "GET targeturl HTTP/1.1[\r][\n]"
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "Host: targethost[\r][\n]"
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "Accept: application/json[\r][\n]"
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "Proxy-Connection: Keep-Alive[\r][\n]"
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "User-Agent: Apache-HttpClient/4.3.1 (java
> 1.5)[\r][\n]"
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "Accept-Encoding: gzip,deflate[\r][\n]"
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "Proxy-Authorization: Basic *********[\r][\n]"
> 2013-12-03 14:15:19,007 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 >> "[\r][\n]"
> 2013-12-03 14:15:19,334 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "HTTP/1.1 401 Unauthorized[\r][\n]"
> 2013-12-03 14:15:19,334 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "Date: Tue, 03 Dec 2013 13:15:18 GMT[\r][\n]"
> 2013-12-03 14:15:19,334 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "Datacenter: IAD1[\r][\n]"
> 2013-12-03 14:15:19,334 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "Content-Type: text/html;charset=utf-8[\r][\n]"
> 2013-12-03 14:15:19,334 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "Content-Length: 1038[\r][\n]"
> 2013-12-03 14:15:19,334 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "Proxy-Connection: Keep-Alive[\r][\n]"
> 2013-12-03 14:15:19,334 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "[\r][\n]"
> 2013-12-03 14:15:19,334 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 << HTTP/1.1 401 Unauthorized
> 2013-12-03 14:15:19,334 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 << Date: Tue, 03 Dec 2013 13:15:18 GMT
> 2013-12-03 14:15:19,334 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 << Datacenter: IAD1
> 2013-12-03 14:15:19,334 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 << Content-Type: text/html;charset=utf-8
> 2013-12-03 14:15:19,335 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 << Content-Length: 1038
> 2013-12-03 14:15:19,335 DEBUG [org.apache.http.headers
> ] - http-outgoing-0 << Proxy-Connection: Keep-Alive
> 2013-12-03 14:15:19,335 DEBUG [org.apache.http.impl.execchain.MainClientExec
> ] - Connection can be kept alive indefinitely
> 2013-12-03 14:15:19,335 DEBUG [org.apache.http.impl.auth.HttpAuthenticator
> ] - Authentication required
> 2013-12-03 14:15:19,335 DEBUG [org.apache.http.impl.auth.HttpAuthenticator
> ] - targethost:80 requested authentication
> 2013-12-03 14:15:19,335 DEBUG [org.apache.http.impl.auth.HttpAuthenticator
> ] - Response contains no authentication challenges
> 2013-12-03 14:15:19,341 DEBUG [org.apache.http.wire
> ] - http-outgoing-0 << "[ some target error output ]"
> 2013-12-03 14:15:19,341 DEBUG
> [.http.impl.conn.PoolingHttpClientConnectionManager] - Connection [id:
> 0][route: {}->proxyurl->targeturl] can be kept alive indefinitely
> 2013-12-03 14:15:19,341 DEBUG
> [.http.impl.conn.PoolingHttpClientConnectionManager] - Connection released:
> [id: 0][route: {}->proxyurl->targeturl][total kept alive: 1; route allocated:
> 1 of 2; total allocated: 1 of 20]
> #######################
>
>
>
> Tobias
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: Oleg Kalnichevski [mailto:ol...@apache.org]
> Gesendet: Dienstag, 3. Dezember 2013 16:56
> An: HttpClient User Discussion
> Betreff: Re: Request loses authorization header when redirected by proxy
>
> On Tue, 2013-12-03 at 15:51 +0000, Tobias Woerenkaemper wrote:
> > Hi Oleg,
> >
> > I am using httpclient 4.3.1 and configured my http client like this:
> >
> > HttpHost tmpProxy = new HttpHost("proxyhost", Integer.parseInt(####));
> > AuthScope tmpAuthScope = new AuthScope(tmpProxy);
> > BasicCredentialsProvider tmpCredentialsProvider = new
> > BasicCredentialsProvider();
> > Credentials tmpCredentials = new
> > UsernamePasswordCredentials("username", "****");
> > tmpCredentialsProvider.setCredentials(tmpAuthScope, tmpCredentials);
> >
> > RequestConfig tmpRequestConfig = RequestConfig.custom()
> > .setConnectTimeout(4000)
> > .setProxyPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC))
> > .setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC))
> > .build();
> >
> > HttpClient tmpClient = HttpClients.custom()
> > .setDefaultRequestConfig(tmpRequestConfig)
> > .setProxy(tmpProxy)
> > .setDefaultCredentialsProvider(tmpCredentialsProvider)
> > .setTargetAuthenticationStrategy(new SummonAuthenticationStrategy())
> > .build();
> >
> > Now I am sending an http request with an Authorization/Authentication
> > header since the request target needs basic authentication as well:
> >
> > HttpGet tmpGetRequest = new HttpGet("target url");
> > tmpGetRequest.addHeader("Authorization", ".....");
> >
> > While being routed through the proxy the (2nd) request seems to lose this
> > authentication header and hence I am getting a 401 by the target server.
> >
> > Best Regards
> > Tobias
>
>
> Tobias,
>
> Could you please post a wire / context log (obfuscated if necessary) of
> the session?
>
> Oleg
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org
> For additional commands, e-mail: httpclient-users-h...@hc.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org
> For additional commands, e-mail: httpclient-users-h...@hc.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org
For additional commands, e-mail: httpclient-users-h...@hc.apache.org
