Have you checked problems regarding ntlm2? If one of the machines is WIn7 or Win2008 I would double check this.... There are often problems with NTLM2 eg. when a WIN7 Client wants to access an older SMB Linux File Server. _____
Von: [email protected] [mailto:[email protected]] Im Auftrag von Pierre Gilquin Bereitgestellt: Dienstag, 15. März 2011 14:41 Bereitgestellt in: WebObjects Unterhaltung: java client and ntlm proxy Betreff: Re: java client and ntlm proxy I try what you said with httpclient, my code looks like : proxyclient.getHostConfiguration().setHost("www.yahoo.com <http://www.yahoo.com/> "); // set the proxy host and port proxyclient.getHostConfiguration().setProxy("vali.hcuge.ch", 8080); // set the proxy credentials, only necessary for authenticating proxies proxyclient.getState().setProxyCredentials( AuthScope.ANY, new NTCredentials("pegn", "mypassword","localhost","huge")); I used NTCredentials in order to use the domain of my login but now it is complaining with authentication : 15 mars 2011 12:33:48 org.apache.commons.httpclient.auth.AuthChallengeProcessor selectAuthScheme INFO: ntlm authentication scheme selected 15 mars 2011 12:33:50 org.apache.commons.httpclient.HttpMethodDirector processProxyAuthChallenge INFO: Failure authenticating with NTLM <any realm>@vali.hcuge.ch:8080 Connect failed: HTTP/1.1 407 Proxy Authentication Required did I miss something ? it's seems it doenot use my credentials ... Thanks Pierre ----- Original Message ----- From: Aurélien Minet <mailto:[email protected]> To: [email protected] ; [email protected] Sent: Tuesday, March 15, 2011 12:22 AM Subject: Re: java client and ntlm proxy On 03/14/2011 09:32 AM, Pierre Gilquin wrote: > Merci Aurélien. De rien Pierre the methode createSocket in the class extending EOHTTPChanel have to return a socket I think Apache HttpClient would help to create one and handle proxy stuff see http://svn.apache.org/repos/asf/httpcomponents/oac.hc3x/branches/HTTPCLIENT_ 3_0_BRANCH/src/examples/ProxyTunnelDemo.java after Socket socket = response.getSocket(); you may have to add socket.setTcpNoDelay(true); socket.setSoTimeout(2147483647); I also found that in NSSocketUtilities the creation of the socket was done in a internal class SocketThread which extends Thread Aurélien ps: cntlm would be necessary if an NTLM authentication is necessary , if not Java Client only have to connect to the proxy for accessing the application which behind it. > I have already try to extend EOHTTPChannel. Until now without success ... > It's why i try to use cntlm. > > My last attempt is to use cntlm tunneling : >>cntlm.exe -c cntlm.ini -v > cntlm: New tunnel from 127.0.0.1:11443 to host.domain.tld:80 > > > In this case the launch don't use any http.proxy but directly the port 11443 on localhost: >>java MyClassUsingEOClientApplicationSupport -applicationURL http://localhost:11443/cgi-bin/WebObjects/MyAppli.woa > > I dont understand why this is not working ... > > Thanks for any idea > > Pierre > > ----- Original Message ----- > From: Aurélien Minet > To: [email protected] <mailto:[email protected]> ; WebObjects (Group) > Sent: Sunday, March 13, 2011 10:56 PM > Subject: Re: java client and ntlm proxy > > > Hi > > Yes the socket is open directly, in fact stuff behind EOHTTPChannel (createSocket) doesn't take in account http.proxy* > args cause finally use java.net.Socket and not java.net.URL, so Java Client can't connect to the application trough any > HTTP proxy (NTML or not). > A solution could be to override NSSocketUtilities.getSocketWithTimeout or to extend > com.webobjects.eodistribution.client.EOHTTPChannel with a class having a methode createSocket which return a Socket. > We have got the same problem for Java Client connecting to the application using an https URL. A colleague make a POC > with a class which extends EOHTTPChannel and use javax.net.ssl > > Aurelien > > ps : for command line launching > java -classpath "jar list" com.webobjects.eoapplication.client.EOClientApplicationSupport > -applicationURL http://host.domain.tld/cgi-bin/WebObjects/App.woa [other arguments] > (prefer a .jnlp file for deployment) > > > On 03/08/2011 09:43 AM, Pierre Gilquin wrote: > > Hi David, > > > > Starting the application with JWS or at command line gives the same result. > > I guess that the socket is open directly (port 80) without going thru the proxy and that's why I get a timeout error. > > > > I dont get your idea, what can you check in the jnlp file ? > > Thanks > > > > Pierre > > > > > > > > ----- Original Message ----- > > *From:* David Avendasora <mailto:[email protected]> > > *To:* Pierre Gilquin <mailto:[email protected]> > > *Cc:* [email protected] <mailto:[email protected]> > <mailto:[email protected]> > > *Sent:* Monday, March 07, 2011 8:26 PM > > *Subject:* Re: java client and ntlm proxy > > > > Hi Pierre, > > > > Are you launching the application from a link that downloads a .jnlp file from the server? If so, look at it's > > contents to be sure it is using the ports you think it is. > > > > Dave > > > > > > On Mar 7, 2011, at 11:52 AM, Pierre Gilquin wrote: > > > >> Hi all, > >> > >> I am trying to use a java client inside a entreprise network using an ntml proxy with authentification for > >> accessing the outside world. > >> > >> Seems that java cannot pass that kind of proxy. At least, I was not able to do it. > >> So I try to use cntlm http://cntlm.sourceforge.net/ <x-msg://292/> before starting the java client : > >> > >> >cntlm.exe -c cntlm.ini -v > >> cntlm: Proxy listening on 127.0.0.1:3128 > >> cntlm: Resolving proxy TheBorringProxy ... > >> cntlm: Workstation name used: localhost > >> cntlm: Using following NTLM hashes: NTLMv2(1) NT(0) LM(0) > >> cntlm: PID 980: Cntlm ready, staying in the foreground > >> > >> Then I start my java client : > >> java -Dhttp.proxySet=true -Dhttp.proxyHost=127.0.0.1 -Dhttp.proxyPort=3128 MyClass > >> -applicationURL http://www.externaldomain.com/cgi-bin/WebObjects/MyAppli.woa <x-msg://292/> > >> > >> But not better, the java client cannot create the socket : > >> com.webobjects.foundation.NSForwardException for java.io.IOException: Timed out trying to create Socket > >> at com.webobjects.foundation.NSSocketUtilities._getSocketWithTimeout(NSSocketUt ilities.java:145) > >> at com.webobjects.foundation.NSSocketUtilities.getSocketWithTimeout(NSSocketUti lities.java:100) > >> at com.webobjects.foundation.NSSocketUtilities.getSocketWithTimeout(NSSocketUti lities.java:58) > >> at com.webobjects.eodistribution.client.EOHTTPChannel.createSocket(EOHTTPChanne l.java:401) > >> > >> Am I missing something ? May be I am wrong about the way i start my java client ? > >> > >> Thanks for any idea. > >> > >> Pierre > > > > > > > > _______________________________________________ > > Do not post admin requests to the list. They will be ignored. > > Webobjects-dev mailing list ([email protected] <mailto:[email protected]>) > > Help/Unsubscribe/Update your Subscription: > > http://lists.apple.com/mailman/options/webobjects-dev/aurelien.minet%40univ- provence.fr > > > > This email sent to [email protected] <mailto:[email protected]> > > _______________________________________________ > WebObjects-dev mailing list > [email protected] <mailto:[email protected]> > http://www.omnigroup.com/mailman/listinfo/webobjects-dev > > > > _______________________________________________ > Do not post admin requests to the list. They will be ignored. > Webobjects-dev mailing list ([email protected]) > Help/Unsubscribe/Update your Subscription: > http://lists.apple.com/mailman/options/webobjects-dev/aurelien.minet%40univ- provence.fr > > This email sent to [email protected] _______________________________________________ WebObjects-dev mailing list [email protected] http://www.omnigroup.com/mailman/listinfo/webobjects-dev
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com This email sent to [email protected]
