This is my code: ``` // Trust standard CA and those trusted by our custom strategy final SSLContext sslcontext = SSLContexts.custom().loadTrustMaterial((chain, authType) -> true).build();
int timeout = 5; PoolingAsyncClientConnectionManager ccm = PoolingAsyncClientConnectionManagerBuilder.create().setTlsStrategy(ClientTlsStrategyBuilder.create() .setSslContext(sslcontext) .setTlsVersions(TLS.V_1_3, TLS.V_1_2) .setHostnameVerifier( NoopHostnameVerifier.INSTANCE) .build()) .setPoolConcurrencyPolicy(PoolConcurrencyPolicy.STRICT) .setConnPoolPolicy(PoolReusePolicy.LIFO) .setConnectionTimeToLive(TimeValue.ofMinutes(1L)).build(); try (CloseableHttpAsyncClient httpclient = HttpAsyncClients.custom().setConnectionManager(ccm).setDefaultRequestConfig( RequestConfig.custom().setConnectTimeout(Timeout.ofSeconds(timeout)).setResponseTimeout(Timeout.ofSeconds(timeout)) .setCookieSpec(CookieSpecs.STANDARD_STRICT.ident).build()).setVersionPolicy(HttpVersionPolicy.FORCE_HTTP_2).build()) { httpclient.start(); /* * It can't be POST because the CSRF is triggered. */ SimpleHttpRequest httpGet = SimpleHttpRequests.GET.create(restBaseUrl + "auth"); LOG.debug("Calling: " + restBaseUrl + "auth"); httpGet.setHeader("aaaa", username); httpGet.setHeader("bbbb", password); Future<SimpleHttpResponse> future = httpclient.execute(httpGet, null); httpclient.shutdown(CloseMode.GRACEFUL); SimpleHttpResponse response = future.get(); final String responseText = response.getBody().getBodyText(); ObjectMapper mapper = new ObjectMapper(); mapper.configure(JsonParser.Feature.AUTO_CLOSE_SOURCE, true); UserData userData = mapper.readValue(responseText, UserData.class); if (userData.getToken() == null) { throw new BadCredentialsException("Invalid username/password"); } final ConsoleUserPrincipal principal = new ConsoleUserPrincipal(userData.getUsername(), password, AuthorityUtils.createAuthorityList(userData.getAuthorities())); principal.setExpiryTime(userData.getExpiryTime()); principal.setToken(userData.getToken()); return new UsernamePasswordAuthenticationToken(principal, password, principal.getAuthorities()); } } catch (NoSuchAlgorithmException | InterruptedException | ExecutionException | KeyManagementException | KeyStoreException | IOException e) { LOG.error(e.getMessage(), e); throw new InternalAuthenticationServiceException(e.getMessage()); } ``` The exception happens after the httpClient shutdown on this line: SimpleHttpResponse response = future.get(); На пн, 29.07.2019 г. в 14:57 ч. Petar Tahchiev <paranoia...@gmail.com> написа: > Thank you Oleg, > it worked :). However now, once in a while I get this type of error: > ```` > Caused by: java.io.InterruptedIOException > at > org.apache.hc.client5.http.impl.async.AsyncConnectExec$2.cancelled(AsyncConnectExec.java:213) > at > org.apache.hc.client5.http.impl.async.InternalHttpAsyncExecRuntime$2.cancelled(InternalHttpAsyncExecRuntime.java:233) > at org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:154) > at > org.apache.hc.core5.concurrent.ComplexFuture.cancel(ComplexFuture.java:93) > at org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:161) > at > org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManager$2.cancelled(PoolingAsyncClientConnectionManager.java:395) > at org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:154) > at > org.apache.hc.core5.concurrent.ComplexFuture.cancel(ComplexFuture.java:93) > at org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:161) > at > org.apache.hc.client5.http.impl.nio.DefaultAsyncClientConnectionOperator$1.cancelled(DefaultAsyncClientConnectionOperator.java:111) > at org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:154) > at > org.apache.hc.core5.concurrent.ComplexFuture.cancel(ComplexFuture.java:93) > at org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:161) > at > org.apache.hc.client5.http.impl.nio.MultihomeIOSessionRequester$1$1.cancelled(MultihomeIOSessionRequester.java:147) > at org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:154) > at org.apache.hc.core5.concurrent.BasicFuture.cancel(BasicFuture.java:161) > at > org.apache.hc.core5.reactor.IOSessionRequest.cancel(IOSessionRequest.java:83) > at > org.apache.hc.core5.reactor.SingleCoreIOReactor.closePendingConnectionRequests(SingleCoreIOReactor.java:366) > at > org.apache.hc.core5.reactor.SingleCoreIOReactor.doTerminate(SingleCoreIOReactor.java:101) > at > org.apache.hc.core5.reactor.AbstractSingleCoreIOReactor.execute(AbstractSingleCoreIOReactor.java:89) > at org.apache.hc.core5.reactor.IOReactorWorker.run(IOReactorWorker.java:44) > ```` > Not always - most of the times it works fine, it is just sometimes. > > > На пн, 22.07.2019 г. в 12:43 ч. Oleg Kalnichevski <ol...@apache.org> > написа: > >> On Mon, 2019-07-22 at 12:29 +0300, Petar Tahchiev wrote: >> > Hello, >> > I have a Tomcat server running on port 8112 via HTTPS. The Tomcat has >> > http2 >> > enabled and is running with OpenJDK11. >> > Now when I try to connect with HTTPClient 5.0-beta5 I get this >> > exception: >> > =================== >> > 2019-07-22 12:22:57,699 [https-jsse-nio-8443-exec-2] INFO : >> > Recoverable I/O >> > exception (org.apache.hc.core5.http.NoHttpResponseException) caught >> > when >> > processing request to {s}->https://localhost:8112 >> > 2019-07-22 12:22:57,709 [https-jsse-nio-8443-exec-2] INFO : >> > Recoverable I/O >> > exception (org.apache.hc.core5.http.NoHttpResponseException) caught >> > when >> > processing request to {s}->https://localhost:8112 >> > 2019-07-22 12:22:57,719 [https-jsse-nio-8443-exec-2] INFO : >> > Recoverable I/O >> > exception (org.apache.hc.core5.http.NoHttpResponseException) caught >> > when >> > processing request to {s}->https://localhost:8112 >> > 2019-07-22 12:22:57,732 [https-jsse-nio-8443-exec-2] ERROR: >> > localhost:8112 >> > failed to respond >> > org.apache.hc.core5.http.NoHttpResponseException: localhost:8112 >> > failed to >> > respond >> > at >> > org.apache.hc.core5.http.impl.io.DefaultHttpResponseParser.createConn >> > ectionClosedException(DefaultHttpResponseParser.java:87) >> > at >> > org.apache.hc.core5.http.impl.io.AbstractMessageParser.parse(Abstract >> > MessageParser.java:243) >> > at >> > org.apache.hc.core5.http.impl.io.AbstractMessageParser.parse(Abstract >> > MessageParser.java:53) >> > at >> > org.apache.hc.core5.http.impl.io.DefaultBHttpClientConnection.receive >> > ResponseHeader(DefaultBHttpClientConnection.java:187) >> > at >> > org.apache.hc.core5.http.impl.io.HttpRequestExecutor.execute(HttpRequ >> > estExecutor.java:181) >> > at >> > org.apache.hc.core5.http.impl.io.HttpRequestExecutor.execute(HttpRequ >> > estExecutor.java:224) >> > at >> > org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager >> > $InternalConnectionEndpoint.execute(PoolingHttpClientConnectionManage >> > r.java:596) >> > at >> > org.apache.hc.client5.http.impl.classic.InternalExecRuntime.execute(I >> > nternalExecRuntime.java:220) >> > at >> > org.apache.hc.client5.http.impl.classic.MainClientExec.execute(MainCl >> > ientExec.java:107) >> > at >> > org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(Exec >> > ChainElement.java:51) >> > at >> > org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(Ex >> > ecChainElement.java:57) >> > at >> > org.apache.hc.client5.http.impl.classic.ConnectExec.execute(ConnectEx >> > ec.java:181) >> > at >> > org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(Exec >> > ChainElement.java:51) >> > at >> > org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(Ex >> > ecChainElement.java:57) >> > at >> > org.apache.hc.client5.http.impl.classic.ProtocolExec.execute(Protocol >> > Exec.java:165) >> > at >> > org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(Exec >> > ChainElement.java:51) >> > at >> > org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(Ex >> > ecChainElement.java:57) >> > at >> > org.apache.hc.client5.http.impl.classic.RetryExec.execute(RetryExec.j >> > ava:88) >> > at >> > org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(Exec >> > ChainElement.java:51) >> > at >> > org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(Ex >> > ecChainElement.java:57) >> > at >> > org.apache.hc.client5.http.impl.classic.RedirectExec.execute(Redirect >> > Exec.java:116) >> > at >> > org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(Exec >> > ChainElement.java:51) >> > at >> > org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(Ex >> > ecChainElement.java:57) >> > at >> > org.apache.hc.client5.http.impl.classic.ContentCompressionExec.execut >> > e(ContentCompressionExec.java:125) >> > at >> > org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(Exec >> > ChainElement.java:51) >> > at >> > org.apache.hc.client5.http.impl.classic.InternalHttpClient.doExecute( >> > InternalHttpClient.java:175) >> > at >> > org.apache.hc.client5.http.impl.classic.CloseableHttpClient.execute(C >> > loseableHttpClient.java:77) >> > at >> > com.nemesis.console.backend.storefront.DefaultRestAuthenticationProvi >> > der.authenticate(DefaultRestAuthenticationProvider.java:116) >> > =================== >> > >> > - If I change the URL from >> > https://localhost:8112/storefront/rest/auth to >> > https://some-website-with-valid-certificate.com/ it all works fine. >> > - If I change the Tomcat server to work with HTTP1.1 it all works >> > fine. >> > Here is my code: >> > =================== >> > >> > try { >> > // Trust standard CA and those trusted by our custom strategy >> > final SSLContext sslcontext = >> > SSLContexts.custom().loadTrustMaterial(new TrustStrategy() { >> > >> > @Override >> > public boolean isTrusted(final X509Certificate[] chain, final >> > String authType) throws CertificateException { >> > return true; >> > } >> > >> > }).build(); >> > >> > int timeout = 5; >> > >> > RequestConfig config = >> > RequestConfig.custom().setResponseTimeout(timeout, >> > TimeUnit.SECONDS).setConnectTimeout(timeout, >> > TimeUnit.SECONDS).build(); >> > >> > // Allow TLSv1.2 protocol only >> > final SSLConnectionSocketFactory sslSocketFactory = >> > SSLConnectionSocketFactoryBuilder.create().setSslContext(sslcontext). >> > setTlsVersions(TLS.V_1_2) >> > >> > >> > .setHostnameVerifier(NoopHostnameVerifier.INSTANCE).build(); >> > >> > Registry<ConnectionSocketFactory> registry = >> > RegistryBuilder.<ConnectionSocketFactory>create().register("https", >> > sslSocketFactory).build(); >> > >> > HttpClientConnectionManager ccm = new >> > PoolingHttpClientConnectionManager(registry); >> > >> > try (CloseableHttpClient httpclient = >> > HttpClients.custom().setRetryHandler(new >> > DefaultHttpRequestRetryHandler(3)).setDefaultRequestConfig(config) >> > >> > .setConnectionManager(ccm).build()) { >> > >> > HttpGet httpGet = new HttpGet(restBaseUrl + "auth"); >> > >> > LOG.debug("Calling: " + restBaseUrl + "auth"); >> > >> > httpGet.setHeader("test", username); >> > httpGet.setHeader("more-test", password); >> > >> > final HttpClientContext clientContext = >> > HttpClientContext.create(); >> > >> > try (final CloseableHttpResponse response2 = >> > httpclient.execute(httpGet, clientContext)) { >> > HttpEntity entity2 = response2.getEntity(); >> > final String response = EntityUtils.toString(entity2, >> > Charset.defaultCharset()); >> > LOG.info(response); >> > } >> > } >> > } catch (NoSuchAlgorithmException | KeyManagementException | >> > ParseException | KeyStoreException | IOException e) { >> > LOG.error(e.getMessage(), e); >> > } >> > >> > ======================= >> > >> > Any clues will be appreciated. >> >> Hi Petar >> >> Classic HttpClient 5.0 support HTTP/1.1 version only. You need to >> migrate to HttpAsyncClient 5.0 to be able to use HTTP/2. >> >> For migration instructions you can refer to this migration guide >> >> https://ok2c.github.io/httpclient-migration-guide/ >> >> Oleg >> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org >> For additional commands, e-mail: httpclient-users-h...@hc.apache.org >> >> > > -- > Regards, Petar! > Karlovo, Bulgaria. > --- > Public PGP Key at: > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x19658550C3110611 > Key Fingerprint: A369 A7EE 61BC 93A3 CDFF 55A5 1965 8550 C311 0611 > -- Regards, Petar! Karlovo, Bulgaria. --- Public PGP Key at: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x19658550C3110611 Key Fingerprint: A369 A7EE 61BC 93A3 CDFF 55A5 1965 8550 C311 0611