[jira] Commented: (CXF-2223) Proxy authentication failure with SSL tunneling

Tue, 26 May 2009 06:56:22 -0700 

    [ 
https://issues.apache.org/jira/browse/CXF-2223?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12713010#action_12713010
 ] 

Mathieu Chauvin commented on CXF-2223:
--------------------------------------

The problem is still there with the 2.1.5 release.

I started from the very simple wsdl_first sample to show this issue. You will 
find attached the cxf.xml configuration that I updated to get the following 
exception:
     [java] Invoking sayHi...
     [java] Exception in thread "Main Thread" 
javax.xml.ws.soap.SOAPFaultException: Could not send Message.
     [java]     at 
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
     [java]     at $Proxy41.sayHi(Unknown Source)
     [java]     at demo.hw.client.Client.main(Client.java:61)
     [java] Caused by: org.apache.cxf.interceptor.Fault: Could not send Message.
     [java]     at 
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)
     [java]     at 
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:226)
     [java]     at 
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:469)
     [java]     at 
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299)
     [java]     at 
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251)
     [java]     at 
org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
     [java]     at 
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
     [java]     ... 2 more
     [java] Caused by: java.io.IOException: Unable to tunnel through proxy. 
Proxy returns "HTTP/1.0 407 Proxy Authentication Required"
     [java]     at 
sun.net.www.protocol.http.HttpURLConnection.doTunneling(HttpURLConnection.java:1350)
     [java]     at 
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:164)
     [java]     at 
sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:857)
     [java]     at 
sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
     [java]     at 
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1904)
     [java]     at 
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1859)
     [java]     at 
org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:42)
     [java]     at 
org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
     [java]     at 
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1922)
     [java]     at 
org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
     [java]     at 
org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:626)
     [java]     at 
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
     [java]     ... 8 more
     [java] Java Result: 1

As the proxy fails client authentication, it is not even necessary to deploy 
the target server with an SSL listener. That's the reason why I started from 
the basic sample instead of the https one.
The wsdl_first client works fine with this configuration (assuming the proxy 
configuration is correct of course) using http, but setting the protocol to 
'https' within the wsdl leads to this issue.

Let me know if any additional information is required.

Mathieu.

> Proxy authentication failure with SSL tunneling
> -----------------------------------------------
>
>                 Key: CXF-2223
>                 URL: https://issues.apache.org/jira/browse/CXF-2223
>             Project: CXF
>          Issue Type: Bug
>          Components: Transports
>    Affects Versions: 2.1.2
>            Reporter: Mathieu Chauvin
>
> We are facing the very same issue as the one described at the following URL:
> http://www.mail-archive.com/us...@cxf.apache.org/msg06422.html
> Https transport appears not to send proxy-authorization within the CONNECT 
> operation as it should.
> Olivier Billard's workaround works just fine but requires java programming, 
> and makes it impossible to configure proxy related properties in a simple 
> manner.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to