NTLM Authentication Error
HI! I'm trying to access a ntlm authenticated server, but it´s not working. The logs are returning the following: [HttpMethod] Already tried to authenticate to "tconet#null" but still receiving 401. Here´s my code: HttpClient client = new HttpClient(); client.setConnectionTimeout(6); client.getState().setCredentials( "tconet", new NTCredentials("Andre.Augusto","senha","ca_andreaugusto","CACEL01") ); String url = "http://tconet/index.asp";; GetMethod method = new GetMethod(url); method.setFollowRedirects(true); method.setStrictMode(false); method.setDoAuthentication(true); logger.info("Trying to reach " + url); String responseBody = null; long tempoinicial = System.currentTimeMillis(); long tempogasto = 0; try { int retorno = client.executeMethod(method); ... ... Thanks in advance, Andre Augusto - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: SSL Performance Problem
Oleg, I'm not using Jetty, at least not in this project. The server I'm monitoring is M$ IIS. Why are you asking? Andre -Original Message- From: Kalnichevski, Oleg [mailto:[EMAIL PROTECTED] Sent: quinta-feira, 3 de abril de 2003 12:36 To: Commons HttpClient Project Subject: RE: SSL Performance Problem Stupid me ;-) Actually HttpClient uses 3000ms timeout when expecting 100 (CONTINUE) status code. That has nothing to do with SSL and all my conspiracy theories. As now 'expect: 100-continue' is disabled per default, HttpClient treats all 100 status codes it receives as unexpected. This is perfectly ok. Some HTTP servers do send 100 (CONTINUE) status code even if they are not asked to do so. Are you using Jetty by any chance? Oleg -Original Message- From: André Augusto de Oliveira Aragão [mailto:[EMAIL PROTECTED] Sent: Donnerstag, 3. April 2003 17:24 To: 'Commons HttpClient Project' Subject: RE: SSL Performance Problem HI! I got the latest nightly build. The times are no more constant, and the performance is now ok. There is a new message in the log: org.apache.commons.httpclient.HttpMethod - Discarding unexpected response: HTTP/1.1 100 Continue Why is it discarding? Is the server sending me this anyway, or the httpclient is sending the header Expect 100: continue with my post data? Best regards, Andre -Original Message- From: Kalnichevski, Oleg [mailto:[EMAIL PROTECTED] Sent: quinta-feira, 3 de abril de 2003 12:14 To: Commons HttpClient Project Subject: RE: SSL Performance Problem Andre Recently there has been an SSL vulnerability discovered related (very roughly put) to the time it takes the server respond to an invalid authentication request. For more details refer to http://lasecwww.epfl.ch/memo_ssl.shtml I would not be too surprised if newer SSL implementation developed some pre-emptive measures against similar exploits by trying to equalize response time. It's just a wild guess on my part. By no means being a security expert I may be wrong about it. Oleg -----Original Message----- From: André Augusto de Oliveira Aragão [mailto:[EMAIL PROTECTED] Sent: Donnerstag, 3. April 2003 16:55 To: 'Commons HttpClient Project' Cc: '[EMAIL PROTECTED]' Subject: RE: SSL Performance Problem Thanks Michael, I´m trying to send it again, this time as zip file. About the poor performance, I'm measuring time only after receiving the 100 server response, in the second step of the handshaking process. In the C++ version I have, I don´t know if it does or not the 100 handshaking - I don't have the code. Anyway, it´s much faster, and I don´t believe it´s because it´s implemented in java. The http version has similar times in the java and C++ version. Can you point me a similar jsse implementation? What about the constant times? It´s the weird thing. It takes the same time in the first part of the negotiation, when it send the 100 header, and in the second part - actually when the request is processed in the server. Any explanations? Regards, Andre -Original Message- From: Michael Becke [mailto:[EMAIL PROTECTED] Sent: quinta-feira, 3 de abril de 2003 11:39 To: Commons HttpClient Project Subject: Re: SSL Performance Problem Hello André, Unfortunately it seems that the attachments were stipped from your message. Jeff, Oleg do you have any idea how we can get this fixed? I'm guessing the poor performance with SSL is due to the "Expect: 100-continue" header. Try calling setUseExpectHeader(false) on the post method. I would also suggest using the latest code from CVS or a nightly build. Mike André Augusto de Oliveira Aragão wrote: > HI! > > I think httpclient is having a strange behavior. I´m developing a software > that, among other things, must make performance measurements on web sites. > > I have a site called https://callcenter.tco.net.br. This site uses, as you > can see SSL. And I also have this site in a non ssl version - > http://www.tco.net.br/col. > > When I try to measure performance in the https://callcenter.tco.net.br, I > get always 3000 ms. I can run a dozen times, and I get it over and over > (with the log turned off), with very small changes - about 4 ms. It´s very > strange. This time is measured only in the second post interaction, ie, in > the reply to the 100-continue server response. > > When I use the non-ssl version, the time changes at each try, as expected. > > Other problem is the performance. When I use the non-ssl version, the time > changes from 800 ms to 1200 ms. Using the https, it´s always 3000 ms. I have > a similar function wrote in C++, and I get similar times using http or > https. Well, https sometimes get to 1500 ms, but generally speaking, the > degradation is not sensible. > > I´m sending my code, and the log generated for both situations, using the >
RE: SSL Performance Problem
HI! I got the latest nightly build. The times are no more constant, and the performance is now ok. There is a new message in the log: org.apache.commons.httpclient.HttpMethod - Discarding unexpected response: HTTP/1.1 100 Continue Why is it discarding? Is the server sending me this anyway, or the httpclient is sending the header Expect 100: continue with my post data? Best regards, Andre -Original Message- From: Kalnichevski, Oleg [mailto:[EMAIL PROTECTED] Sent: quinta-feira, 3 de abril de 2003 12:14 To: Commons HttpClient Project Subject: RE: SSL Performance Problem Andre Recently there has been an SSL vulnerability discovered related (very roughly put) to the time it takes the server respond to an invalid authentication request. For more details refer to http://lasecwww.epfl.ch/memo_ssl.shtml I would not be too surprised if newer SSL implementation developed some pre-emptive measures against similar exploits by trying to equalize response time. It's just a wild guess on my part. By no means being a security expert I may be wrong about it. Oleg -Original Message- From: André Augusto de Oliveira Aragão [mailto:[EMAIL PROTECTED] Sent: Donnerstag, 3. April 2003 16:55 To: 'Commons HttpClient Project' Cc: '[EMAIL PROTECTED]' Subject: RE: SSL Performance Problem Thanks Michael, I´m trying to send it again, this time as zip file. About the poor performance, I'm measuring time only after receiving the 100 server response, in the second step of the handshaking process. In the C++ version I have, I don´t know if it does or not the 100 handshaking - I don't have the code. Anyway, it´s much faster, and I don´t believe it´s because it´s implemented in java. The http version has similar times in the java and C++ version. Can you point me a similar jsse implementation? What about the constant times? It´s the weird thing. It takes the same time in the first part of the negotiation, when it send the 100 header, and in the second part - actually when the request is processed in the server. Any explanations? Regards, Andre -Original Message- From: Michael Becke [mailto:[EMAIL PROTECTED] Sent: quinta-feira, 3 de abril de 2003 11:39 To: Commons HttpClient Project Subject: Re: SSL Performance Problem Hello André, Unfortunately it seems that the attachments were stipped from your message. Jeff, Oleg do you have any idea how we can get this fixed? I'm guessing the poor performance with SSL is due to the "Expect: 100-continue" header. Try calling setUseExpectHeader(false) on the post method. I would also suggest using the latest code from CVS or a nightly build. Mike André Augusto de Oliveira Aragão wrote: > HI! > > I think httpclient is having a strange behavior. I´m developing a software > that, among other things, must make performance measurements on web sites. > > I have a site called https://callcenter.tco.net.br. This site uses, as you > can see SSL. And I also have this site in a non ssl version - > http://www.tco.net.br/col. > > When I try to measure performance in the https://callcenter.tco.net.br, I > get always 3000 ms. I can run a dozen times, and I get it over and over > (with the log turned off), with very small changes - about 4 ms. It´s very > strange. This time is measured only in the second post interaction, ie, in > the reply to the 100-continue server response. > > When I use the non-ssl version, the time changes at each try, as expected. > > Other problem is the performance. When I use the non-ssl version, the time > changes from 800 ms to 1200 ms. Using the https, it´s always 3000 ms. I have > a similar function wrote in C++, and I get similar times using http or > https. Well, https sometimes get to 1500 ms, but generally speaking, the > degradation is not sensible. > > I´m sending my code, and the log generated for both situations, using the > https and the http site. > > Another question: Why the httpclient always add the Expect: 100-continue > header? Is it part of the http spec? As I know, it should not be used on > "normal" situations, ie, when you have a small post to do to the server. > Correct me If I´m wrong. > > I´m using 2.0-alpha3-dev. > > Thanks in advance, > > Andre Augusto > TCO Celular > > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For a
RE: SSL Performance Problem
Thanks Michael, I´m trying to send it again, this time as zip file. About the poor performance, I'm measuring time only after receiving the 100 server response, in the second step of the handshaking process. In the C++ version I have, I don´t know if it does or not the 100 handshaking - I don't have the code. Anyway, it´s much faster, and I don´t believe it´s because it´s implemented in java. The http version has similar times in the java and C++ version. Can you point me a similar jsse implementation? What about the constant times? It´s the weird thing. It takes the same time in the first part of the negotiation, when it send the 100 header, and in the second part - actually when the request is processed in the server. Any explanations? Regards, Andre -Original Message- From: Michael Becke [mailto:[EMAIL PROTECTED] Sent: quinta-feira, 3 de abril de 2003 11:39 To: Commons HttpClient Project Subject: Re: SSL Performance Problem Hello André, Unfortunately it seems that the attachments were stipped from your message. Jeff, Oleg do you have any idea how we can get this fixed? I'm guessing the poor performance with SSL is due to the "Expect: 100-continue" header. Try calling setUseExpectHeader(false) on the post method. I would also suggest using the latest code from CVS or a nightly build. Mike André Augusto de Oliveira Aragão wrote: > HI! > > I think httpclient is having a strange behavior. I´m developing a software > that, among other things, must make performance measurements on web sites. > > I have a site called https://callcenter.tco.net.br. This site uses, as you > can see SSL. And I also have this site in a non ssl version - > http://www.tco.net.br/col. > > When I try to measure performance in the https://callcenter.tco.net.br, I > get always 3000 ms. I can run a dozen times, and I get it over and over > (with the log turned off), with very small changes - about 4 ms. It´s very > strange. This time is measured only in the second post interaction, ie, in > the reply to the 100-continue server response. > > When I use the non-ssl version, the time changes at each try, as expected. > > Other problem is the performance. When I use the non-ssl version, the time > changes from 800 ms to 1200 ms. Using the https, it´s always 3000 ms. I have > a similar function wrote in C++, and I get similar times using http or > https. Well, https sometimes get to 1500 ms, but generally speaking, the > degradation is not sensible. > > I´m sending my code, and the log generated for both situations, using the > https and the http site. > > Another question: Why the httpclient always add the Expect: 100-continue > header? Is it part of the http spec? As I know, it should not be used on > "normal" situations, ie, when you have a small post to do to the server. > Correct me If I´m wrong. > > I´m using 2.0-alpha3-dev. > > Thanks in advance, > > Andre Augusto > TCO Celular > > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
SSL Performance Problem
HI! I think httpclient is having a strange behavior. I´m developing a software that, among other things, must make performance measurements on web sites. I have a site called https://callcenter.tco.net.br. This site uses, as you can see SSL. And I also have this site in a non ssl version - http://www.tco.net.br/col. When I try to measure performance in the https://callcenter.tco.net.br, I get always 3000 ms. I can run a dozen times, and I get it over and over (with the log turned off), with very small changes - about 4 ms. It´s very strange. This time is measured only in the second post interaction, ie, in the reply to the 100-continue server response. When I use the non-ssl version, the time changes at each try, as expected. Other problem is the performance. When I use the non-ssl version, the time changes from 800 ms to 1200 ms. Using the https, it´s always 3000 ms. I have a similar function wrote in C++, and I get similar times using http or https. Well, https sometimes get to 1500 ms, but generally speaking, the degradation is not sensible. I´m sending my code, and the log generated for both situations, using the https and the http site. Another question: Why the httpclient always add the Expect: 100-continue header? Is it part of the http spec? As I know, it should not be used on "normal" situations, ie, when you have a small post to do to the server. Correct me If I´m wrong. I´m using 2.0-alpha3-dev. Thanks in advance, Andre Augusto TCO Celular - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]