I am adding code to use a proxy server to access the Internet.
The code works fine when requesting a file from a normal (HTTP) location, but does not work when accessing a secure location (HTTPS).
This is the code that works just fine:
URL = "http://UnSecureSite.net/file.xml"
Dim wr As HttpWebRequest = CType(WebRequest.Create(URL), HttpWebRequest)
Dim proxy As System.Net.IWebProxy
proxy = WebRequest.GetSystemWebProxy
wr.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials
Dim ws As HttpWebResponse = CType(wr.GetResponse(), HttpWebResponse)
// (more work here)
As soon as I change the URL to go to HTTPS, I get a 407 returned to me.
Anyone have any ideas?
URL = "https://SecureSite.net/file.xml"
Dim wr As HttpWebRequest = CType(WebRequest.Create(URL), HttpWebRequest)
Dim proxy As System.Net.IWebProxy
proxy = WebRequest.GetSystemWebProxy
wr.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials
Dim myCache As New CredentialCache()
myCache.Add(New Uri("https://SecureSite.net"), "Basic", New NetworkCredential(UserName, Password))
wr.Credentials = myCache
Dim ws As HttpWebResponse = CType(wr.GetResponse(), HttpWebResponse)
// (more work here)
A HTTPS request through a web-proxy is different from a standard HTTP request. A regular HTTP request will use the GET method. However, a HTTPS request needs to use a CONNECT method. Then, the proxy will merely establish a tunnel to the server. Subsequent messages will be sent directly between the client and the server through the proxy tunnel. The proxy has no way of interpreting the data flowing in between.
Under normal situations:
Client -+- [CONNECT] ---> Proxy --- [DIRECT TCP] -+-> Server
| | |
+-------------[ENCRYPTED TCP]-------------+
I am not familiar enough with the VB code to know if that is what is happening. However, I suspect that it is not. The easiest way to check is to intercept the message being sent to the proxy. Make sure that it begins with a "CONNECT ...".
Related
I am facing some trouble with the WebClient when using proxy, i.e. the code below does not work
WebClient webClient = WebClient.builder().baseUri("BASEURL").proxy(getProxy()).build();
Single<WebClientResponse> res = webClient.get().path("/MY/SUB/PATH").addHeader("Authorization", "Bearer " + MY_TOKEN).request();
WebClientResponse webClientRes = res.get();
String resContent = webClientRes.content().as(String.class).get();
public Proxy getProxy(){
return Proxy.builder().type(Proxy.ProxyType.HTTP).host(host).port(port).password("SECRET_PASSWORD".toCharArray()).username(username).build();
}
However the if we use Apache HttpClient the code works (working code below)
HttpHost proxy = new HttpHost(host, port);
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(new AuthScope(proxy), new UsernamePasswordCredentials(username, "SECRET_PASSWORD"));
HttpGet request = new HttpGet("BASEURL" + "/MY/SUB/PATH");
request.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + MY_TOKEN);
CloseableHttpClient httpClient = HttpClients.custom().setProxy(proxy).setDefaultCredentialsProvider(credentialsProvider).build();
String resContent = EntityUtils.toString(httpClient.execute(request).getEntity());
could anyone let us know if we are overlooking something basic?
We are using helidon MP 2.5.2
When you set a proxy in WebClient, it will use absolute URI in the request because of changes made in https://github.com/helidon-io/helidon/issues/2302 and https://github.com/helidon-io/helidon/issues/3438. The use of absolute URI was implemented because of section 5.1.2 Request-URI in https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html which states:
The absoluteURI form is REQUIRED when the request is being made to a
proxy.
The problem is that some hosts have issue processing a request with absolute URI as they expect relative URI instead. I have encountered while working on issue https://github.com/helidon-io/helidon/issues/4644 where my testcase has a client that is connecting to KeyCloak as an OIDC server, and KeyCloak will return a 404 because it cannot handle the absoluteURI.
There is a special Webclient config property called relative-uris that you can use to force the request URI to use the relative form rather than absolute. So you can try adding config() in your WebClient.builder() and set that property like this:
.config(Config.create(ConfigSources.create(Map.of("relative-uris", "true")))
where Config needs to be imported as io.helidon.config.Config and ConfigSources as io.helidon.config.ConfigSources. As an alternative, you can also add something like this in your application.yaml:
force-relative-uris:
relative-uris: true
and add config() in the WebClient.builder() like this:
.config(config.get("force-relative-uris"))
where config is instantiated prior to WebClient.builder() like this:
Config config = Config.create();
In the upcoming Helidon v2.5.5 (and v3.0.3), there will be a new relativeUris(boolean relativeUris) in WebClient.builder() so that you don’t have to use config() as in my examples above, which is slightly cumbersome.
I try to connect to https web service over proxy at my end.
below is code snippet
Dim strProxyURL As String = "http://myproxy.com"
Dim mypingRequest As New pingRequest()
Dim httpUri As New Uri("https://mysite.com")
Dim mybinding As New WSHttpBinding()
Dim remoteAddress As New EndpointAddress(httpUri)
mybinding.UseDefaultWebProxy = True
mybinding.BypassProxyOnLocal = True
mybinding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.Windows
mybinding.MessageEncoding = WSMessageEncoding.Mtom
mybinding.TextEncoding = System.Text.Encoding.UTF8
mybinding.Security.Mode = SecurityMode.TransportWithMessageCredential 'TransportWithMessageCredential
mybinding.Security.Message.ClientCredentialType = MessageCredentialType.Windows
Dim myMBClient As New v1_PortTypeClient(mybinding, remoteAddress)
myMBClient.ClientCredentials.Windows.ClientCredential.UserName = "username"
myMBClient.ClientCredentials.Windows.ClientCredential.Password = "pwd"
myMBClient.ping()
when I use proxy I error proxy authentication required error
if I remove proxy from desktop and use direct internet then I go to site web service but cannot login even thought the gave correct username and password
issue is resolved. WCF web services uses Custom binding hence error. also i have add webrequest.defaultwebproxy and credentials to access via web proxy at requesting client side WCF Custom Http Proxy Authentication
My application is supposed to work on a Company Network where proxy is enabled,
By default when logged in all applications like browser and all can access internet normally
But when i open my application "The remote server returned an error [407] Proxy Authentication Required" error is coming
In normal internet connected PC it works well
Is there any way to set manual proxy or more preferably set the system proxy as default to the application
I am too novice in the programming field
My code is
Dim PartURL As String = "http://www.google.com"
Dim request As System.Net.HttpWebRequest = System.Net.HttpWebRequest.Create(PartURL)
Dim response As System.Net.HttpWebResponse = request.GetResponse()
Dim sr As System.IO.StreamReader = New System.IO.StreamReader(response.GetResponseStream())
Dim sourcecode As String = sr.ReadToEnd()
SearchPageSource = sourcecode
Also my proxy settings is
Address: abcserver04
Port: 8080
Ipconfig output on cmd prompt is
Ethernet adapter local area connection
Connection Specific DNS Suffix : abc.defgroup.net
IP Address : 10.4.8.xx
Subnet Mask : 255.255.255.0
Default Gateway : 10.4.8.254
Try this...
request.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials
You can also use app.config.
From https://stackoverflow.com/a/8180854/239408
<system.net>
<defaultProxy useDefaultCredentials="true" />
</system.net>
In my Windows CE 6.0 app, I am communicating with a proprietary web server device that is returning bad header information (more specifically, it's returning NO header information).
I believe this lack of header information is the reason why my HttpWebRequest methods are not working properly.
I recall that the .NET "regular" Framework allows for us to programmatically configure the System.Net.Configuration assembly to allow for invalid headers (useUnsafeHeaderParsing).
Unfortunately, for me, the System.Net.Configuration assembly is not included in the Compact Framework.
Is there a similar configuration in CF that is exposed that allows us to programmatically allow for invalid headers?
I was unable to find a work-around for setting the UseUnsafeHeaderParsing. I decided to remove the implementation of the HttpWebRequest class and use the TcpClient instead. Using the TcpClient class will ignore any problems that may exist with the HTTP Headers - the TcpClient doesn't even think in those terms.
Anyway, using the TcpClient I am able to get the data (including the HTTP Headers) from the proprietary web server that I mentioned in my original post .
For the record, here is a sample of how to retrieve data from a web server via the TcpClient:
The code below is essentially sending a client side HTTP Header packet to a web server.
static string GetUrl(string hostAddress, int hostPort, string pathAndQueryString)
{
string response = string.Empty;
//Get the stream that will be used to send/receive data
TcpClient socket = new TcpClient();
socket.Connect(hostAddress, hostPort);
NetworkStream ns = socket.GetStream();
//Write the HTTP Header info to the stream
StreamWriter sw = new StreamWriter(ns);
sw.WriteLine(string.Format("GET /{0} HTTP/1.1", pathAndQueryString));
sw.Flush();
//Save the data that lives in the stream (Ha! sounds like an activist!)
string packet = string.Empty;
StreamReader sr = new StreamReader(ns);
do
{
packet = sr.ReadLine();
response += packet;
}
while (packet != null);
socket.Close();
return (response);
}
I'm trying to call the AddAttachment of the Lists.asmx SharePoint web service the below code works fine if I'm calling the web service over HTTP.
Dim img(MyFile.PostedFile.ContentLength - 1) As Byte
MyFile.PostedFile.InputStream.Read(img, 0, img.Length)
'Dim fStream As FileStream = File.OpenRead(FullFileName)
Dim fileName As String = MyFile.PostedFile.FileName.Substring(3)
Dim listService As New wsList.Lists()
Dim credentials As New System.Net.NetworkCredential(UserName, Password, Domain)
If Not SiteUrl.EndsWith("/") Then
SiteUrl += "/"
End If
SiteUrl += "_vti_bin/Lists.asmx"
'SiteUrl = SiteUrl.ToLower.Replace("http:", "https:")
listService.Url = SiteUrl
listService.Credentials = credentials
Dim addAttach As String = listService.AddAttachment(ListName, ItemId, fileName, img)
ReturnValue = True
However if I uncomment out this line
'SiteUrl = SiteUrl.ToLower.Replace("http:", "https:")
I will get the following error: The request failed with HTTP status 401: Unauthorized
Now if I leave the above line commented out AND then also comment out this line
listService.Credentials = credentials
I will get the same 401 error (expected) so it appears the credentials are being accepted correctly over HTTP but not HTTPS. Can one help explain this to me and have any thoughts on how to fix the issue?
Thanks in advance!
This morning I was working with one of our system guys. He checked some IIS logs and could see errors trying to access the web service over HTTPS. He went into Central Admin and added some Alternate Access Mappings to include the HTTPS urls. Then everything worked!