SSLSocket blocks mostly over 3G but works over wifi - ssl

I have a very strange problem regarding networking. I created an andorid app which connects securely to a server running on a PC. Note that though the PC is behind NAT, the respective port has been forwarded. Also PC was placed into DMZ to avoid any port forwarding issue.
The problem is that when I use the code over WIFI, it works perfectly, however, over 3G it almost always (29 out of 30) blocks in the SSLSocket's getOutputStream method (on server side the accept happens).
Can you please assist me what the issue can be?
Thank you
Client code:
E.log("establishing connection: trying to create context");
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new X509TrustManager[]{new X509TrustManager(){
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}}}, new SecureRandom());
E.log("establishing connection: trying to create socket factory");
SSLSocketFactory factory = (SSLSocketFactory) context.getSocketFactory ();
E.log("establishing connection: trying to create socket");
kkSocket = (SSLSocket)
factory.createSocket(host, Integer.parseInt(port));
E.log("establishing connection: trying to create out writer");
out = new PrintWriter(kkSocket.getOutputStream(), true);
E.log("establishing connection: trying to create in reader");
in = new BufferedReader(new InputStreamReader
(kkSocket.getInputStream()));
Failing log:
04-15 00:07:59.066: E/Bubu(17340): starting thread
04-15 00:07:59.076: I/System.out(17340): Mon Apr 15 00:07:59 CEST 2013 - establishing connection: trying to create context
04-15 00:07:59.076: I/System.out(17340): Mon Apr 15 00:07:59 CEST 2013 - establishing connection: trying to create socket factory
04-15 00:07:59.076: I/System.out(17340): Mon Apr 15 00:07:59 CEST 2013 - establishing connection: trying to create socket
04-15 00:07:59.146: D/dalvikvm(17340): GC_CONCURRENT freed 190K, 5% free 7530K/7880K, paused 4ms+2ms, total 23ms
04-15 00:08:01.056: I/System.out(17340): Mon Apr 15 00:08:01 CEST 2013 - establishing connection: trying to create out writer
Success:
04-15 00:13:15.506: E/Bubu(17750): starting thread
04-15 00:13:15.526: I/System.out(17750): Mon Apr 15 00:13:15 CEST 2013 - establishing connection: trying to create context
04-15 00:13:15.536: I/System.out(17750): Mon Apr 15 00:13:15 CEST 2013 - establishing connection: trying to create socket factory
04-15 00:13:15.536: I/System.out(17750): Mon Apr 15 00:13:15 CEST 2013 - establishing connection: trying to create socket
04-15 00:13:15.556: I/System.out(17750): Mon Apr 15 00:13:15 CEST 2013 - establishing connection: trying to create out writer
04-15 00:13:15.746: I/System.out(17750): Mon Apr 15 00:13:15 CEST 2013 - establishing connection: trying to create in reader
04-15 00:13:15.746: I/System.out(17750): Mon Apr 15 00:13:15 CEST 2013 - from server:bubu

Related

Scrapy+Splash returning wrong headers

When using Splash with Scrapy the headers are returned from the Splash server instead of the website Splash renders.
response.headers returns:
{b'Server': [b'TwistedWeb/19.7.0'], b'Date': [b'Sun, 11 Jul 2021 07:31:32 GMT'], b'Content-Type': [b'text/html; charset=utf-8']}
And I'm trying to get the headers of the actual website:
Connection: Keep-Alive
Content-Length: 5
Content-Type: text/html
Date: Sun, 11 Jul 2021 07:05:49 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
X-Cache: HIT
How can I get the headers of the website instead of the Splash server?
I got it to work with this:
splash_lua_script = """
function main(splash, args)
assert(splash:go(args.url))
assert(splash:wait(0.5))
local entries = splash:history()
local last_response = entries[#entries].response
return {
html = splash:html(),
headers = last_response.headers
}
end
"""
And then refer it to response.headers with Scrapy.

WebSocket over SSL in embedded Jetty 9

For this question I have prepared a test project WssEmbedded, which listens for incoming WebSocket connections at localhost:8080 and localhost:8443.
In the MyHandler class I create 2 connectors for this purpose:
public class MyHandler extends WebSocketHandler {
#Override
public void configure(WebSocketServletFactory factory) {
factory.register(MyListener.class);
}
public static void main(String[] args) throws Exception {
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath("keystore.jks");
sslContextFactory.setKeyStorePassword("OBF:1l1a1s3g1yf41xtv20731xtn1yf21s3m1kxs");
Server server = new Server();
server.setHandler(new MyHandler());
ServerConnector wsConnector = new ServerConnector(server);
wsConnector.setHost("127.0.0.1");
wsConnector.setPort(8080);
server.addConnector(wsConnector);
ServerConnector wssConnector = new ServerConnector(server,
new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()));
wssConnector.setHost("127.0.0.1");
wssConnector.setPort(8443);
server.addConnector(wssConnector);
server.start();
server.join();
}
}
I have added a key/certificate pair to keystore.jks with:
keytool -genkey -alias key1 -keyalg RSA -keypass password1 -keystore keystore.jks -storepass password1
The server starts without problems:
2016-06-22 13:34:45.254:INFO::main: Logging initialized #641ms
2016-06-22 13:34:45.404:INFO:oejs.Server:main: jetty-9.3.9.v20160517
2016-06-22 13:34:45.544:INFO:oejs.AbstractConnector:main: Started ServerConnector#3b354e17{HTTP/1.1,[http/1.1]}{127.0.0.1:8080}
2016-06-22 13:34:45.594:INFO:oejus.SslContextFactory:main: x509=X509#64d2d351(key1,h=[],w=[]) for SslContextFactory#1b68b9a4(file:///C:/Users/user1/jetty-newbie/WssEmbedded/keystore.jks,null)
2016-06-22 13:34:46.084:INFO:oejs.AbstractConnector:main: Started ServerConnector#1e53a15{SSL,[ssl]}{127.0.0.1:8443}
2016-06-22 13:34:46.084:INFO:oejs.Server:main: Started #1476ms
Then I have prepared a simple WssClient project for testing the above server:
public static void main(String[] args) {
final String WS_URL = "ws://127.0.0.1:8080";
MyListener socket = new MyListener("Hello world");
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setTrustAll(true);
WebSocketClient client = new WebSocketClient(sslContextFactory);
try {
client.start();
URI uri = new URI(WS_URL);
ClientUpgradeRequest cur = new ClientUpgradeRequest();
client.connect(socket, uri, cur);
socket.awaitClose(5, TimeUnit.SECONDS);
} catch (Throwable t) {
t.printStackTrace();
} finally {
try {
client.stop();
} catch (Exception e) {
e.printStackTrace();
}
}
}
The client works well and prints:
2016-06-22 13:36:06.130:INFO::main: Logging initialized #205ms
onWebSocketConnect: /127.0.0.1:8080
REQUEST:
Hello world
RESPONSE:
Hello /127.0.0.1:58518
onWebSocketClose: 1000 null
The server works well and prints:
2016-06-22 13:35:54.057:INFO:daw.MyListener:qtp1597462040-19: onWebSocketConnect: /127.0.0.1:58511
2016-06-22 13:35:54.097:INFO:daw.MyListener:qtp1597462040-14: onWebSocketText: Hello world
2016-06-22 13:35:54.107:INFO:daw.MyListener:qtp1597462040-13: onWebSocketClose: 1000 - null
However, when I change to WS_URL = "wss://127.0.0.1:8443" then it fails with:
2016-06-22 13:36:29.063:INFO::main: Logging initialized #208ms
onWebSocketError: java.nio.channels.ClosedChannelException
What have I missed here please? How to debug this?
UPDATE:
Thinking that the problem could be the self-signed certificate used above, I have taken a Thawte certificate valid for 3 years for my web domains slova.de and www.slova.de (they point to different IP addresses!) and imported it on CentOS 7 Linux into keystore using Oracle jdk1.8.0_91-1.8.0_91-fcs.x86_64:
# keytool -importcert -file /etc/pki/tls/certs/slova.de.crt -keystore keystore.jks -storepass password1
Owner: CN=slova.de
Issuer: CN=thawte DV SSL SHA256 CA, OU=Domain Validated SSL, O="thawte, Inc.", C=US
Serial number: 9354a665699cafbfa7875490d5a9894
Valid from: Mon Apr 04 02:00:00 CEST 2016 until: Fri Apr 05 01:59:59 CEST 2019
Certificate fingerprints:
MD5: 33:BB:62:8A:09:24:11:0F:C9:40:AA:68:F4:CD:2A:B7
SHA1: 52:E2:B6:79:55:F4:FE:05:0D:2E:7C:18:78:58:22:16:ED:28:4F:B6
SHA256: A3:D3:83:4E:99:01:BF:AE:FB:EB:59:40:23:74:1D:28:93:4B:20:15:1D:E1:AC:1A:97:31:C6:0C:9B:E1:2D:03
Signature algorithm name: SHA256withRSA
Version: 3
As you can see, I have now a trusted certificate there:
# keytool -list -keystore keystore.jks -storepass password1
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 2 entries
key1, Jun 22, 2016, PrivateKeyEntry,
Certificate fingerprint (SHA1): 8F:7D:8E:E0:8F:9E:39:A1:0C:23:D3:FF:4B:47:F5:0D:BA:EC:EE:F3
mykey, Jun 22, 2016, trustedCertEntry,
Certificate fingerprint (SHA1): 52:E2:B6:79:55:F4:FE:05:0D:2E:7C:18:78:58:22:16:ED:28:4F:B6
Then I have started the WssEmbedded program at the www.slova.de:8443 (at my Linux server it is different IP address from slova.de on which Apache is running):
# java -classpath $CPATHS de.afarber.wssembedded.MyHandler 144.76.184.154:8443
2016-06-22 19:45:21.093:INFO::main: Logging initialized #73ms
2016-06-22 19:45:21.144:INFO:oejs.Server:main: jetty-9.3.9.v20160517
2016-06-22 19:45:21.167:INFO:oejs.AbstractConnector:main: Started ServerConnector#6a38e57f{HTTP/1.1,[http/1.1]}{www.slova.de:8080}
2016-06-22 19:45:21.188:INFO:oejus.SslContextFactory:main: x509=X509#7a46a697(key1,h=[],w=[]) for SslContextFactory#5f205aa(file:///usr/share/java/words/keystore.jks,null)
2016-06-22 19:45:21.189:INFO:oejus.SslContextFactory:main: x509=X509#6d86b085(mykey,h=[slova.de, www.slova.de],w=[]) for SslContextFactory#5f205aa(file:///usr/share/java/words/keystore.jks,null)
2016-06-22 19:45:21.327:INFO:oejs.AbstractConnector:main: Started ServerConnector#71bbf57e{SSL,[ssl]}{www.slova.de:8443}
2016-06-22 19:45:21.327:INFO:oejs.Server:main: Started #309ms
And then I have run WssClient against wss://www.slova.de:8443 in NetBeans at my Macbook:
Executing command line: /Library/Java/JavaVirtualMachines/jdk1.8.0_45.jdk/Contents/Home/bin/java -Xdebug -Xrunjdwp:transport=dt_socket,server=n,address=56634 -classpath /Users/afarber/src/jetty-newbie/WssClient/target/classes:/Users/afarber/.m2/repository/org/eclipse/jetty/websocket/websocket-client/9.3.9.v20160517/websocket-client-9.3.9.v20160517.jar:/Users/afarber/.m2/repository/org/eclipse/jetty/jetty-util/9.3.9.v20160517/jetty-util-9.3.9.v20160517.jar:/Users/afarber/.m2/repository/org/eclipse/jetty/jetty-io/9.3.9.v20160517/jetty-io-9.3.9.v20160517.jar:/Users/afarber/.m2/repository/org/eclipse/jetty/websocket/websocket-common/9.3.9.v20160517/websocket-common-9.3.9.v20160517.jar:/Users/afarber/.m2/repository/org/eclipse/jetty/websocket/websocket-api/9.3.9.v20160517/websocket-api-9.3.9.v20160517.jar de.afarber.wssclient.Main
2016-06-22 19:45:31.718:INFO::main: Logging initialized #325ms
onWebSocketError: java.nio.channels.ClosedChannelException
(Nothing changed at the WssEmbedded server output).
Please help, how to get WSS working with embedded Jetty 9?
After adding -Dorg.eclipse.jetty.LEVEL=DEBUG -Djavax.net.debug=ssl friendly folks at the Jetty mailing list have pointed out, that there were NPEs at the server side caused by missing HttpConnectionFactory.
I have missed to copy that part from the embedded/LikeJettyXML example.
The following code in wssembedded/MyHandler.java works better:
public static void main(String[] args) throws Exception {
Server server = new Server();
server.setHandler(new MyHandler());
HttpConfiguration http_config = new HttpConfiguration();
http_config.setSecureScheme("https");
http_config.setSecurePort(8443);
HttpConfiguration https_config = new HttpConfiguration(http_config);
https_config.addCustomizer(new SecureRequestCustomizer());
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath("keystore.jks");
sslContextFactory.setKeyStorePassword("OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0");
ServerConnector wsConnector = new ServerConnector(server);
wsConnector.setHost("localhost");
wsConnector.setPort(8080);
server.addConnector(wsConnector);
ServerConnector wssConnector = new ServerConnector(server,
new SslConnectionFactory(sslContextFactory,
HttpVersion.HTTP_1_1.asString()),
new HttpConnectionFactory(https_config)); // THIS WAS MISSING
wssConnector.setHost("localhost");
wssConnector.setPort(8443);
server.addConnector(wssConnector);
server.start();
server.join();
}

Https Proxy with Restlet Client

I am trying to get an https page over a proxy in restlet 2.1.7 with HTTPClient 4.1 and it is not authorizing with the proxy. If I connect to a page through http the authorization works. Connecting with httpurlconnect through the proxy to the same https site also works.
public class TestProxy {
public static void main(String[] args) {
Series<Parameter> parameters = null;
ClientResource clientResource = null;
Representation representation = null;
try {
Client client = new Client(new Context(), Protocol.HTTPS);
parameters = client.getContext().getParameters();
// proxy with credentials Works as excepted with http sites
parameters.add("proxyHost", PROXYIP);
parameters.add("proxyPort", PROXYPORT);
// create trust manager that trusts everything to eliminate
// certificates as an issue
TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
// This will never throw an exception.
// This doesn't check anything at all: it's insecure.
}
};
final SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, new TrustManager[] { tm }, null);
Context context = client.getContext();
context.getAttributes().put("sslContextFactory",
new SslContextFactory() {
public void init(Series<Parameter> parameters) {
}
public SSLContext createSslContext() {
return sslContext;
}
});
clientResource = new ClientResource("https://www.google.com");
clientResource.setProxyChallengeResponse(
ChallengeScheme.HTTP_BASIC, USER, PASS);
clientResource.setNext(client);
representation = clientResource.get();
System.out.println(representation.getText());
clientResource.get();
} catch (Exception e) {
e.printStackTrace();
}
}
}
It then throws a 407 proxy not authorized exception
Starting the Apache HTTP client
ThreadSafeClientConnManager.java:221) Get connection: HttpRoute[{tls}->http://PROXYIP:3128->https://www.google.com], timeout = 0
13 Jul 2015 10:18:11,747 DEBUG (ConnPoolByRoute.java:350) [HttpRoute[{tls}->http://PROXYIP:3128->https://www.google.com]] total kept alive: 0, total issued: 0, total allocated: 0 out of 20
13 Jul 2015 10:18:11,748 DEBUG (ConnPoolByRoute.java:523) No free connections [HttpRoute[{tls}->http://PROXYIP:3128->https://www.google.com]][null]
13 Jul 2015 10:18:11,749 DEBUG (ConnPoolByRoute.java:369) Available capacity: 10 out of 10 [HttpRoute[{tls}->http://PROXYIP:3128->https://www.google.com]][null]
13 Jul 2015 10:18:11,749 DEBUG (ConnPoolByRoute.java:549) Creating new connection [HttpRoute[{tls}->http://PROXYIP:3128->https://www.google.com]]
13 Jul 2015 10:18:11,769 DEBUG (DefaultClientConnectionOperator.java:145) Connecting to /PROXYIP:3128
13 Jul 2015 10:18:16,426 DEBUG (RequestAuthCache.java:75) Auth cache not set in the context
13 Jul 2015 10:18:16,426 DEBUG (DefaultClientConnection.java:264) Sending request: CONNECT www.google.com:443 HTTP/1.1
13 Jul 2015 10:18:16,428 DEBUG (Wire.java:63) >> "CONNECT www.google.com:443 HTTP/1.1[\r][\n]"
13 Jul 2015 10:18:16,430 DEBUG (Wire.java:63) >> "Host: www.google.com[\r][\n]"
13 Jul 2015 10:18:16,430 DEBUG (Wire.java:63) >> "Proxy-Connection: Keep-Alive[\r][\n]"
13 Jul 2015 10:18:16,431 DEBUG (Wire.java:63) >> "[\r][\n]"
13 Jul 2015 10:18:16,431 DEBUG (DefaultClientConnection.java:268) >> CONNECT www.google.com:443 HTTP/1.1
13 Jul 2015 10:18:16,432 DEBUG (DefaultClientConnection.java:271) >> Host: www.google.com
13 Jul 2015 10:18:16,432 DEBUG (DefaultClientConnection.java:271) >> Proxy-Connection: Keep-Alive
13 Jul 2015 10:18:16,455 DEBUG (Wire.java:63) << "HTTP/1.0 407 Proxy Authentication Required[\r][\n]"
13 Jul 2015 10:18:16,458 DEBUG (Wire.java:63) << "Server: squid/2.6.STABLE21[\r][\n]"
13 Jul 2015 10:18:16,459 DEBUG (Wire.java:63) << "Date: Mon, 13 Jul 2015 09:29:46 GMT[\r][\n]"
13 Jul 2015 10:18:16,459 DEBUG (Wire.java:63) << "Content-Type: text/html[\r][\n]"
13 Jul 2015 10:18:16,459 DEBUG (Wire.java:63) << "Content-Length: 1298[\r][\n]"
13 Jul 2015 10:18:16,460 DEBUG (Wire.java:63) << "Expires: Mon, 13 Jul 2015 09:29:46 GMT[\r][\n]"
13 Jul 2015 10:18:16,460 DEBUG (Wire.java:63) << "X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0[\r][\n]"
13 Jul 2015 10:18:16,461 DEBUG (Wire.java:63) << "Proxy-Authenticate: Basic realm="Squid proxy-caching web server"[\r][\n]"
13 Jul 2015 10:18:16,461 DEBUG (Wire.java:63) << "X-Cache: MISS from hostname.domain.tld[\r][\n]"
13 Jul 2015 10:18:16,461 DEBUG (Wire.java:63) << "X-Cache-Lookup: NONE from hostname.domain.tld:3128[\r][\n]"
13 Jul 2015 10:18:16,462 DEBUG (Wire.java:63) << "Via: 1.0 hostname.domain.tld:3128 (squid/2.6.STABLE21)[\r][\n]"
13 Jul 2015 10:18:16,462 DEBUG (Wire.java:63) << "Proxy-Connection: close[\r][\n]"
13 Jul 2015 10:18:16,462 DEBUG (Wire.java:63) << "[\r][\n]"
13 Jul 2015 10:18:16,464 DEBUG (DefaultClientConnection.java:249) Receiving response: HTTP/1.0 407 Proxy Authentication Required
13 Jul 2015 10:18:16,464 DEBUG (DefaultClientConnection.java:252) << HTTP/1.0 407 Proxy Authentication Required
13 Jul 2015 10:18:16,464 DEBUG (DefaultClientConnection.java:255) << Server: squid/2.6.STABLE21
13 Jul 2015 10:18:16,465 DEBUG (DefaultClientConnection.java:255) << Date: Mon, 13 Jul 2015 09:29:46 GMT
13 Jul 2015 10:18:16,465 DEBUG (DefaultClientConnection.java:255) << Content-Type: text/html
13 Jul 2015 10:18:16,465 DEBUG (DefaultClientConnection.java:255) << Content-Length: 1298
13 Jul 2015 10:18:16,466 DEBUG (DefaultClientConnection.java:255) << Expires: Mon, 13 Jul 2015 09:29:46 GMT
13 Jul 2015 10:18:16,466 DEBUG (DefaultClientConnection.java:255) << X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
13 Jul 2015 10:18:16,466 DEBUG (DefaultClientConnection.java:255) << Proxy-Authenticate: Basic realm="Squid proxy-caching web server"
13 Jul 2015 10:18:16,467 DEBUG (DefaultClientConnection.java:255) << X-Cache: MISS from hostname.domain.tld
13 Jul 2015 10:18:16,467 DEBUG (DefaultClientConnection.java:255) << X-Cache-Lookup: NONE from hostname.domain.tld:3128
13 Jul 2015 10:18:16,467 DEBUG (DefaultClientConnection.java:255) << Via: 1.0 hostname.domain.tld:3128 (squid/2.6.STABLE21)
13 Jul 2015 10:18:16,468 DEBUG (DefaultClientConnection.java:255) << Proxy-Connection: close
13 Jul 2015 10:18:16,470 DEBUG (ResponseProcessCookies.java:78) Cookie spec not specified in HTTP context
13 Jul 2015 10:18:16,473 DEBUG (Wire.java:63) << "<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">[\n]"
13 Jul 2015 10:18:16,474 DEBUG (Wire.java:63) << "<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">[\n]"
13 Jul 2015 10:18:16,474 DEBUG (Wire.java:63) << "<TITLE>ERROR: Cache Access Denied</TITLE>[\n]"
13 Jul 2015 10:18:16,475 DEBUG (Wire.java:63) << "<STYLE type="text/css"><!--BODY{background-color:#ffffff;font-family:verdana,sans-serif}PRE{font-family:sans-serif}--></STYLE>[\n]"
13 Jul 2015 10:18:16,475 DEBUG (Wire.java:63) << "</HEAD>[\n]"
13 Jul 2015 10:18:16,476 DEBUG (Wire.java:63) << "<BODY>[\n]"
13 Jul 2015 10:18:16,476 DEBUG (Wire.java:63) << "<H1>ERROR</H1>[\n]"
13 Jul 2015 10:18:16,477 DEBUG (Wire.java:63) << "<H2>Cache Access Denied</H2>[\n]"
13 Jul 2015 10:18:16,477 DEBUG (Wire.java:63) << "<HR noshade size="1px">[\n]"
13 Jul 2015 10:18:16,478 DEBUG (Wire.java:63) << "<P>[\n]"
13 Jul 2015 10:18:16,478 DEBUG (Wire.java:63) << "While trying to retrieve the URL:[\n]"
13 Jul 2015 10:18:16,479 DEBUG (Wire.java:63) << "www.google.com:443[\n]"
13 Jul 2015 10:18:16,479 DEBUG (Wire.java:63) << "<P>[\n]"
13 Jul 2015 10:18:16,480 DEBUG (Wire.java:63) << "The following error was encountered:[\n]"
13 Jul 2015 10:18:16,480 DEBUG (Wire.java:63) << "<UL>[\n]"
13 Jul 2015 10:18:16,480 DEBUG (Wire.java:63) << "<LI>[\n]"
13 Jul 2015 10:18:16,481 DEBUG (Wire.java:63) << "<STRONG>[\n]"
13 Jul 2015 10:18:16,481 DEBUG (Wire.java:63) << "Cache Access Denied.[\n]"
13 Jul 2015 10:18:16,482 DEBUG (Wire.java:63) << "</STRONG>[\n]"
13 Jul 2015 10:18:16,482 DEBUG (Wire.java:63) << "</UL>[\n]"
13 Jul 2015 10:18:16,483 DEBUG (Wire.java:63) << "</P>[\n]"
13 Jul 2015 10:18:16,483 DEBUG (Wire.java:63) << "[\n]"
13 Jul 2015 10:18:16,483 DEBUG (Wire.java:63) << "<P>Sorry, you are not currently allowed to request:[\n]"
13 Jul 2015 10:18:16,484 DEBUG (Wire.java:63) << "<PRE> www.google.com:443</PRE>[\n]"
13 Jul 2015 10:18:16,484 DEBUG (Wire.java:63) << "from this cache until you have authenticated yourself.[\n]"
13 Jul 2015 10:18:16,485 DEBUG (Wire.java:63) << "</P>[\n]"
13 Jul 2015 10:18:16,485 DEBUG (Wire.java:63) << "[\n]"
13 Jul 2015 10:18:16,486 DEBUG (Wire.java:63) << "<P>[\n]"
13 Jul 2015 10:18:16,486 DEBUG (Wire.java:63) << "You need to use Netscape version 2.0 or greater, or Microsoft Internet[\n]"
13 Jul 2015 10:18:16,487 DEBUG (Wire.java:63) << "Explorer 3.0, or an HTTP/1.1 compliant browser for this to work. Please[\n]"
13 Jul 2015 10:18:16,487 DEBUG (Wire.java:63) << "contact the cache administrator if you have[\n]"
13 Jul 2015 10:18:16,487 DEBUG (Wire.java:63) << "difficulties authenticating yourself or [\n]"
13 Jul 2015 10:18:16,488 DEBUG (Wire.java:63) << "change your default password.[\n]"
13 Jul 2015 10:18:16,488 DEBUG (Wire.java:63) << "</P>[\n]"
13 Jul 2015 10:18:16,488 DEBUG (Wire.java:63) << "[\n]"
13 Jul 2015 10:18:16,489 DEBUG (Wire.java:63) << "<BR clear="all">[\n]"
13 Jul 2015 10:18:16,489 DEBUG (Wire.java:63) << "<HR noshade size="1px">[\n]"
13 Jul 2015 10:18:16,489 DEBUG (Wire.java:63) << "<ADDRESS>[\n]"
13 Jul 2015 10:18:16,490 DEBUG (Wire.java:63) << "Generated Mon, 13 Jul 2015 09:29:46 GMT by hostname.domain.tld (squid/2.6.STABLE21)[\n]"
13 Jul 2015 10:18:16,490 DEBUG (Wire.java:63) << "</ADDRESS>[\n]"
13 Jul 2015 10:18:16,490 DEBUG (Wire.java:63) << "</BODY></HTML>[\n]"
13 Jul 2015 10:18:16,491 DEBUG (DefaultClientConnection.java:165) Connection closed
13 Jul 2015 10:18:16,491 DEBUG (DefaultRequestDirector.java:418) CONNECT refused by proxy: HTTP/1.0 407 Proxy Authentication Required
13 Jul 2015 10:18:16,492 DEBUG (ThreadSafeClientConnManager.java:272) Released connection is not reusable.
13 Jul 2015 10:18:16,492 DEBUG (ConnPoolByRoute.java:434) Releasing connection [HttpRoute[{tls}->http://PROXYIP:3128->https://www.google.com]][null]
13 Jul 2015 10:18:16,493 DEBUG (ConnPoolByRoute.java:679) Notifying no-one, there are no waiting threads
Proxy Authentication Required (407) - Proxy Authentication Required
at org.restlet.resource.ClientResource.doError(ClientResource.java:612)
at org.restlet.resource.ClientResource.handleInbound(ClientResource.java:1202)
at org.restlet.resource.ClientResource.handle(ClientResource.java:1069)
at org.restlet.resource.ClientResource.handle(ClientResource.java:1044)
at org.restlet.resource.ClientResource.handle(ClientResource.java:950)
at org.restlet.resource.ClientResource.get(ClientResource.java:658)
at TestProxy.main(TestProxy.java:68)

httpclient unable to send more than two requests

I am writing a Client-Server Application. I am using CloseableHttpClient on the client side for sending GET requests. I want to send 5 GET requests to the server. However, only I am getting response for only first two requests.
Here is my client code :
import java.io.IOException;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
public class Test {
public static void main(String[] args) {
HttpGet getreq = new HttpGet("http://shalakha:8089/Gateway/ReverseInvokeListener");
CloseableHttpClient c1 = HttpClients.createMinimal();
try {
for(int i=0;i<5;i++){
CloseableHttpResponse resp = c1.execute(getreq);
System.out.println(resp);
}
} catch (ClientProtocolException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
}
Here is the response I am getting :
HTTP/1.1 200 OK [Server: Apache-Coyote/1.1, Set-Cookie: JSESSIONID=0D4ABDC362FEC3030A5EE3709F3096FD; Path=/Gateway, CLIENTREQ: NO, Content-Length: 0, Date: Thu, 09 Apr 2015 09:22:22 GMT]
HTTP/1.1 200 OK [Server: Apache-Coyote/1.1, CLIENTREQ: NO, Content-Length: 0, Date: Thu, 09 Apr 2015 09:22:26 GMT]
where 'CLIENTREQ' is a CUSTOM header that I have added from the server side while sending the response.
Any pointers as to what must be causing this?
The connectionTimeout in server.xml is set to '-1' which indicates infinite timeout.
Your code has leaked all connections available to it (which are two by default) and has exhausted the connection pool. You need to close response objects to ensure that connections get released back to the pool.
http://hc.apache.org/httpcomponents-client-4.4.x/tutorial/html/fundamentals.html#d5e145

Programmatically configure WCF client binding to access SSL + Soap 1.1 + Basic Auth

I'm trying to write a C# WCF client (generated by svcutil from wsdl) to access a CXF (java) service implementing the same wsdl.
The service is working fine but I'm having trouble connecting to it on my C# client because the CXF is configured with SSL + Soap 1.1 + Basic Auth.
So far I've tried the following:
Why would Basic Auth not work with my WCF client to Java SOAP Web Service?
new BasicHttpBinding()
{
Security =
{
Mode = BasicHttpSecurityMode.Transport,
Transport =
{
ClientCredentialType = HttpClientCredentialType.Basic,
ProxyCredentialType = HttpProxyCredentialType.None
},
Message =
{
ClientCredentialType = BasicHttpMessageCredentialType.UserName,
AlgorithmSuite = SecurityAlgorithmSuite.Default
}
}
}
var client = new WebServiceClient(binding, endpoint);
client.ClientCredentials.UserName.UserName = username;
client.ClientCredentials.UserName.Password = password;
But it doesn't seem to send the Auth Header correctly.
I've also tried adding the header manually as outlined by http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/4f8ab001-dafa-4347-bc41-95255ecc9230. but I am not satisfied that this being the best solution.
Can any WCF expert outline a way of creating a binding programmatically that supports SSL + Soap 1.1 + Basic Auth?
Following is the header sent with WCF
System.Net Information: 0 : [13620] ConnectStream#64929093 - Sending headers
{
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://api.test.com/services/GetThings"
Host: api.test.com
Content-Length: 552
Expect: 100-continue
Accept-Encoding: gzip, deflate
}
While this is the proper header sent by SoapUI
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "Accept-Encoding: gzip,deflate[\r][\n]"
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "Content-Type: text/xml;charset=UTF-8[\r][\n]"
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "SOAPAction: "http://api.test.com/services/GetThings"[\r][\n]"
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "Authorization: Basic bXliVlcHJpbQbWwOTkxMjg=[\r][\n]"
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "Content-Length: 317[\r][\n]"
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "Host: api.test.com[\r][\n]"
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "Connection: Keep-Alive[\r][\n]"
Mon May 13 15:33:08 EDT 2013:DEBUG:>> "User-Agent: Apache-HttpClient/4.1.1 (java 1.5)[\r][\n]"