On Wed, 2019-07-31 at 11:31 +0200, Jochen Wiedmann wrote:
> I've got an application, which is sending a SOAP request to an
> external server via a corporate proxy, which I do not control.
> Sending
> the request fails with a message "HTTP/1.1 500 handshakefailed".
> However, sending another request via SoapUI through the same proxy
> works just fine.
>
> In order to find a difference, I detected a surprising fact: Th
> Wireshark trace shows, that SoapUI is doing an HTTP CONNECT, rather
> than an HTTP POST. The complete headers look like this:
>
> CONNECT proxy.company.com:443 HTTP/1.1
> Host: reverseproxy.othercompany.com
> Proxy-Connection: Keep-Alive
> User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
>
> The proxy servers response is
>
> HTTP/1.0 Connection established.
>
> The rest of the connection is mainly unreadable, except for some
> words, which make me believe, that an SSL Certificate is being passed
> through from the remote server to my client.
>
> My impression is, that SoapUI establishes an SSL connection to the
> proxy server, although I did not configure it to do so. (In fact, the
> SoapUI preferences do not provide that option, AFAICT.) Perhaps
> SoapUI
> does so, because the remote URL is an https URL?
>
> My question is: How can I configure the Apache HttpClient to do the
> same? Obviously, SoapUI does that, because the headers show, that it
> is using Apache HttpClient, too, albeit a different version.
> Currently, my proxy related code looks like this:
>
> CredentialsProvider provider = new BasicCredentialsProvider();
> UsernamePasswordCredentials upc = new
> UsernamePasswordCredentials(getUserName(), getPassword());
> if (getProxyUrl() != null && getProxyUserName() != null) {
> provider.setCredentials(new
> AuthScope(getProxyUrl().getHost(),
>
> getProxyUrl().getPort()),
> new UsernamePasswordCredentials(getProxyUserName(),
>
> getProxyPassword()));
> }
> provider.setCredentials(AuthScope.ANY, upc);
>
>
> Thanks in advance,
>
> Jochen
Jochen
This is depends on the connection route defined by the route planner.
If the connection route in marked as secure HttpClient will attempt to
establish a tunnel through the proxy (by way of CONNECT request)
instead of passing the request the the proxy for execution. All
connection routes that use HTTPS scheme are considered secure by
default.
Make sure the request you are trying to execute has been configured to
use HTTPS.
Hope this helps.
Oleg
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org
For additional commands, e-mail: httpclient-users-h...@hc.apache.org
