I am a beginner making my first ktor server. I have a functional website that allows users to push data to the server. Next, I need the server to push that data to the database. The way I am trying to accomplish this now is by sending a get request with the data as a query parameter from the server to the database.
First I searched "ktor send get request", and found https://ktor.io/docs/request.html but this is listed under the "ktor client" and doesn't seem to have a counterpart in "ktor server".
Next, I tried doing a basic HTTP request with java. I used
import java.net.http.HttpClient
import java.net.http.HttpRequest
import java.net.http.HttpResponse
to send a get request the same way you would in plain old java. And since these references resolved just fine in the IDE, I thought I was good to go. But when I tried to deploy the server to heroku, I got
remote: e: /tmp/build_c9454b1c/src/main/kotlin/com/example/Application.kt: (23, 17): Unresolved reference: http
remote: e: /tmp/build_c9454b1c/src/main/kotlin/com/example/Application.kt: (24, 17): Unresolved reference: http
remote: e: /tmp/build_c9454b1c/src/main/kotlin/com/example/Application.kt: (25, 17): Unresolved reference: http
remote: e: /tmp/build_c9454b1c/src/main/kotlin/com/example/Application.kt: (119, 16): Unresolved reference: HttpClient
remote: e: /tmp/build_c9454b1c/src/main/kotlin/com/example/Application.kt: (120, 17): Unresolved reference: HttpRequest
remote: e: /tmp/build_c9454b1c/src/main/kotlin/com/example/Application.kt: (124, 39): Unresolved reference: HttpResponse
What am I missing?
As #Enzeit and #Broot explained to me in the comments, I can just use ktor-client in my server as well.
Related
I'm trying to publish message to a Tibco Queue on a SSL Tibco Server through JMeter 5.4.1 using JMS Point-to-Point Logic Controller.
JMS Point To Point Controller Config
But I'm getting the following error message:
2021-06-13 12:25:46,278 ERROR o.a.j.p.j.s.JMSSampler: Not permitted:
Failed to connect to any server at: ssl://[server-name]:7352,
ssl://[server-name]:7352 [Error: Failed to connect via SSL to
[ssl://[server-name]:7352]: Received fatal alert:
protocol_version: url that returned this exception =
SSL://[server-name]:7352 ]
javax.naming.AuthenticationException: Not permitted: Failed to connect
to any server at: ssl://[server-name]:7352,
ssl://[server-name]:7352 [Error: Failed to connect via SSL to
[ssl://[server-name]:7352]: Received fatal alert:
protocol_version: url that returned this exception =
SSL://[server-name] ] at
com.tibco.tibjms.naming.TibjmsContext.lookup(TibjmsContext.java:670)
~[tibjms.jar:8.0.0] at
com.tibco.tibjms.naming.TibjmsContext.lookup(TibjmsContext.java:491)
~[tibjms.jar:8.0.0] at
javax.naming.InitialContext.lookup(InitialContext.java:417)
~[?:1.8.0_291] at
org.apache.jmeter.protocol.jms.sampler.JMSSampler.threadStarted(JMSSampler.java:638)
[ApacheJMeter_jms.jar:5.4.1] at
org.apache.jmeter.threads.JMeterThread$ThreadListenerTraverser.addNode(JMeterThread.java:784)
[ApacheJMeter_core.jar:5.4.1] at
org.apache.jorphan.collections.HashTree.traverseInto(HashTree.java:993)
[jorphan.jar:5.4.1] at
org.apache.jorphan.collections.HashTree.traverse(HashTree.java:976)
[jorphan.jar:5.4.1] at
org.apache.jmeter.threads.JMeterThread.threadStarted(JMeterThread.java:752)
[ApacheJMeter_core.jar:5.4.1] at
org.apache.jmeter.threads.JMeterThread.initRun(JMeterThread.java:740)
[ApacheJMeter_core.jar:5.4.1] at
org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:252)
[ApacheJMeter_core.jar:5.4.1]
I tried:
openssl s_client -connect [server-name]:7352
It gave the following output:
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID:
Session-ID-ctx:
So added the following line in jmeter.properties file.
https.default.protocol=TLSv1.2
Also commented jdk.tls.disabledAlgorithms from java.security file for JDK (I'm using jdk1.8.0_291)
# jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, MD5withRSA, \
# DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \
# include jdk.disabled.namedCurves
But still I'm getting the same error. Someone please help.
I think you're using the wrong property (not only the wrong property but the wrong place as well), you're setting default protocol for HTTPS, while you need to set it for TLS, i.e. add the next line to system.properties file
jdk.tls.client.protocols=TLSv1.2
JMeter restart will be required to apply this property.
If it won't help or you will get different errors - consider adding the next line there as well:
javax.net.debug=all
and then check jmeter.log file and stdout for any suspicious entries
More information:
Configuring JMeter
Apache JMeter Properties Customization Guide
I resolved it by using the latest tibjms.jar in the lib directory in JMeter as the Tibco server was upgraded some hours before I raised this issue.
I can successfully upload files to my Minio server using mc command line client (logged in as root):
./mc cp roobina.jpg minio/mag
roobina.jpg: 63.50 KiB / 63.50 KiB
But when I try to upload a file to a bucket using minio's own web interface I receive this error:
Unauthorized request.
When using api (in a php application using AmazonS3 libraries), I receive this error:
Error:Error executing "PutObject" on "https://s3.***.net/clbu/public/4d/4b/d1ad580690058a636ad58e5af931541336ec.jpg"; AWS HTTP error: Client error: `PUT https://s3.***.net/clbu/public/4d/4b/d1ad580690058a636ad58e5af931541336ec.jpg` resulted in a `403 Forbidden` response:
Forbidden (truncated...) Unable to parse error information from response - Error parsing XML: String could not be parsed as XML
Could someone please help?
After looking at different possible causes, I found that mod_security of apache (used as reverse proxy of minio:9000) was interfering with uploads causing the problem.
I disabled mod_security on the reverse proxy account and the problem is now solved.
I got this error:
SSL: hello: ssl_handshake.erl:171:Fatal error: internal error - server_has_no_suitable_certificates
when supplying a der-decocded certificate for the callback function in the {sni_fun, CallbackFun} option. The CallbackFun returns [{cacerts, [Cert]}], where Cert is der-encoded. So things comply with Erlang ssl module's documentation.
I tried look into the otp source code. It seems that whatever the callback returns is ignored, thus causing this function clause to be evaluated:
certificate_chain(undefined, _, _) ->
{error, no_cert};
which leads to that error! But I could be wrong as I kind of lost in browsing the code base...
If it helps, I use a self-signed CA to sign CSRs that are generated as a SNI is found during a TLS handshake (via sni_fun option).
please advise! thanks a lot!
Update:
I tried Erlang OTP 20.3 release and get another error:
TLS server: In state hello at tls_connection.erl:739 generated SERVER ALERT: Fatal - Handshake Failure - malformed_handshake_data
Looking at OTP source code, it is result of an exception from this block:
try
Version = ssl_handshake:select_version(tls_record, ClientVersion, Versions),
case ssl_cipher:is_fallback(CipherSuites) of
true ->
Highest = tls_record:highest_protocol_version(Versions),
case tls_record:is_higher(Highest, Version) of
true ->
?ALERT_REC(?FATAL, ?INAPPROPRIATE_FALLBACK);
false ->
handle_client_hello(Version, Hello, SslOpts, Info, Renegotiation)
end;
false ->
handle_client_hello(Version, Hello, SslOpts, Info, Renegotiation)
end
catch
_:_ ->
?ALERT_REC(?FATAL, ?HANDSHAKE_FAILURE, malformed_handshake_data)
end.
I am sure the cert is fine, I could view it as well as convert it between DER/PEM formats with openssl with no error. Is there a way to reveal what kind of exception it is in this case?
I solved the problem: the sni_fun must return the list of
[{cert, DerdecodedCert}, {keyfile, PathToTheCsrKeyFile}]
I was returning only
[{cert, DerdecodedCert}]
(which was so instructed by Erlang ssl doc)
Hope this helps anyone who bumps into similar problem as I did!
Trying to get a working installation of the Google EarthExplorer. I am inside a robust corporate firewall, and had to examine the certificate used by Chrome to verify the server/address being verified (using Chrome's dev tools).
After some reading - it looks like the situation is that:
1) when calling Initialize method on ee object, ee uses requests to manage the connection.
2) To configure the VirtualEnv correctly, I had to configure my virtualenv to use the organization provided certificate. Based on this SE (SE Python SSL Requests...) I was clued in to the fact that the python stack was using requests, which along with certifi manage a cert bundle for SSL on python.
3) After configuring the supplied certificate (matching that used with Chrome), I can open a connection to google inside my VirtualEnv using requests. Great!
(earthengine) X:\_01_VirtualEnvs\earthengine>python
Python 2.7.10 (default, May 23 2015, 09:40:32) [MSC v.1500 32 bit (Intel)] on win32
Type "help", "copyright", "credits" or "license" for more information.
>>> import requests
>>> requests.get("https://earthengine.google.com/", verify = True)
<Response [200]>
>>>
I think this is 'working' now ... when I try the same outside of the VirtualEnv, I get failed SSL3_GET_SERVER_CERTIFICATE... message. This lets me know that I got my certificate in the right place, and it seems to be working correctly.
However, I'm still getting errors on the ee.Initialize():
>>> ee.Initialize()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "X:\_01_VirtualEnvs\earthengine\lib\site-packages\ee\__init__.py", line 9
3, in Initialize
ApiFunction.initialize()
File "X:\_01_VirtualEnvs\earthengine\lib\site-packages\ee\apifunction.py", lin
e 151, in initialize
signatures = data.getAlgorithms()
File "X:\_01_VirtualEnvs\earthengine\lib\site-packages\ee\data.py", line 410,
in getAlgorithms
return send_('/algorithms', {}, 'GET')
File "X:\_01_VirtualEnvs\earthengine\lib\site-packages\ee\data.py", line 738,
in send_
response, content = send_with_backoff()
File "X:\_01_VirtualEnvs\earthengine\lib\site-packages\ee\data.py", line 735,
in send_with_backoff
'Unexpected HTTP error: %s' % e.message)
ee.ee_exception.EEException: Unexpected HTTP error: [Errno 1] _ssl.c:510: error:
14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Anyone have any ideas on what is going wrong here? I thought that ee was using requests, therefore setting the python environments' requests properly.
From looking at the exception trace-back, it seems that ee has sub-class of requests based on the similarity of the trace-back signature... am I reading this right? The trace-back in both cases points towards the same _ssl.c:510 failure - failing on the same filename on the same line?
Is there a way to get more info from the exception? I'm really at a loss at this point.
So it looks like the EE stack is using httplib2 to handle the authentication. This gives a few options:
In data.py ~ line 700 Override the SSL check (the quick and dirty):
http = httplib2.Http(timeout=(_deadline_ms / 1000.0) or None,
disable_ssl_certificate_validation=True)
It looks like you should be able to explicitly direct httplib2 when instantiating the http connection object with:
HTTPLIB_CA_CERTS_PATH = os.environ.get('HTTPLIB_CA_CERTS_PATH')
http = httplib2.Http(timeout=(_deadline_ms / 1000.0) or None,
ca_certs=HTTPLIB_CA_CERTS_PATH)
I found this in the ca_certs_locator module, __init__.py. It is being sourced in the ee.Initialize() method (probably through something in data.py but I can't back track it. Regardless, the second option (explicitly passing the ca_certs path) doesn't solve the problem.
I'm rolling with the disable SSL validation, and using only earthengine.google.com endpoint.
In more recent versions, the ee.Initialize() method is accepting a http_transport argument, so we no longer need to modify its source code, but rather create it in our own:
_http_transport = httplib2.Http(disable_ssl_certificate_validation=True)
ee.Initialize(credentials, http_transport=_http_transport)
This way you can also control the ca_certs option, but I haven't tried that one.
I'm new to Alamofire, but this should be really simple, and I'm not sure why I'm running into an issue.
I'm using XCode8, Swift3, and Alamofire 4.0.1, and building for iOS9.
The URL I'm accessing is secured with a brand new cert acquired from GoDaddy. Both Chrome and Safari can load the secure site on my MacBookPo, and all looks well.
However the following code:
Alamofire.request(buildRequestString().addingPercentEncoding(withAllowedCharacters: NSCharacterSet.urlQueryAllowed)! ).validate().responseJSON { response in
switch response.result {
case .success(let data):
print(JSON(data))
case .failure(let error):
print(error)
}
}
results in the following error: (not I have replace my address/domain for security reasons)
[] nw_coretls_read_one_record tls_handshake_process: [-9801]
[] nw_endpoint_flow_protocol_error [1.1 12.345.67.890:443 in_progress socket-flow (satisfied)] TLS protocol sent error: [-9801]
[] nw_endpoint_flow_protocol_disconnected [1.1 12.345.67.890:443 in_progress socket-flow (satisfied)] Output protocol disconnected
[] nw_endpoint_resolver_receive_report [1 sub.domain.ext:443 in_progress resolver (satisfied)] received child report:[1.1 12.345.67.890:443 failed socket-flow (satisfied)]
[] nw_connection_endpoint_report [1.1 12.345.67.890:443 failed socket-flow (satisfied)] reported event flow:failed_connect, error Error Domain=kNWErrorDomainTLS Code=-9801 "Security Error: -9801" UserInfo={NSDescription=Security Error: -9801}
[] nw_connection_endpoint_report [1 sub.domain.ext:443 failed resolver (satisfied)] reported event flow:failed_connect
[] __tcp_connection_start_block_invoke 1 sending event TCP_CONNECTION_EVENT_DISCONNECTED in response to state failed and error Error Domain=kNWErrorDomainTLS Code=-9801 "Security Error: -9801" UserInfo={NSDescription=Security Error: -9801}
[] tcp_connection_event_notify 1 event: TCP_CONNECTION_EVENT_DISCONNECTED, reason: nw_connection event, should deliver: true
[] tcp_connection_cancel 1
[] nw_endpoint_handler_cancel [1 sub.domain.ext:443 failed resolver (satisfied)]
NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9801)
[] nw_endpoint_handler_cancel [1.1 12.345.67.890:443 failed socket-flow (satisfied)]
[] nw_resolver_cancel_on_queue 0x600000101b00
[] -[NWConcrete_tcp_connection dealloc] 1
Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={_kCFStreamErrorCodeKey=-9801, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSUnderlyingError=0x608000046e70 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, _kCFNetworkCFStreamSSLErrorOriginalValue=-9801, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9801}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://sub.domain.ext/api/v1/Assignment?query=%22%22&device=%22%22, NSErrorFailingURLStringKey=https://sub.domain.ext/api/v1/Assignment?query=%22%22&device=%22%22, _kCFStreamErrorDomainKey=3}
Can anyone give me some insight as to why this error is occurring? It appears as if the site is not being trusted, even though there is a valid cert in place. Are there any other settings within XCode I need to adjust to allow this connection? The Alamofire documentation seemed to indicate the code above was all that was necessary.
To summarize the comments, #OP's site did not meet Apple's iOS ATS requirements. When tested with SSL Labs, the site scored an F and indicated lack of support for TLS. While bypassing ATS could have been an option, the server's TLS configuration was improved using the IIS Crypto tool as described at https://scotthelme.co.uk/getting-an-a-on-the-qualys-ssl-test-windows-edition/
Note: DO NOT set up Strict Transport Security without knowing what it does.
This addressed the issue.