My push java app is behind a web proxy. I used below code to set proxy:
ProxyManager.setProxy("", "");
After executed, I got:
javapns.communication.exceptions.CommunicationException: Communication exception: java.io.IOException: Unable to tunnel through. Proxy returns "HTTP/1.1 403 Proxy Error"
Please guide me how to solve this issue.
If there is a username and password required for the proxy, then you also need to set the proxyAuthorization of the ProxyManager.
To encode the username and password, you can use the existing encodeProxyAuthorization method of the ProxyManager:
String encodeProxyAuthorization = ProxyManager.encodeProxyAuthorization(username, password);
ProxyManager.setProxyAuthorization(encodeProxyAuthorization);
Related
I have implemented a proxy extending jetty's ProxyServlet.Transparent.
However upon testing I noticed there is a difference on error messages the user sees when the server returns an error.
For example, when connecting directly to one of our application server with an invalid user credential, the server should return something more specific with instructions on the auth as we have set it this way. When connecting to the proxy server the error is in its most generic form like Authentication failed: Unauthorized
I suspect at some stage jetty checks on the server response and set the proxy response with minimal information so I am looking into the Transparent class code and its parent classes to find which method I can override to intercept the original server response and forward the information in the proxy response, assuming my understanding on these two responses are correct.
Thanks for the help.
I work in a company where we use a proxy to access any browser website.
We would like to start API testing with JMeter, but have a problem.
Whenever I try to add an API call to petstore.swagger.io/v2/pet/10, for example, and put in the proxy details in the "Advanced" section of the HTTP request + adding an HTTP authorization manager with Username + Password, it still gives me a "407 Authenticationrequired" error back.
Request headers:
Response headers:
In the information I have also it's that the proxy is "Ruleset Name: Authentication with Kerberos and NTLM Fallback".
This is quite a problem if I'd like to test internal APIs with any authorization on it.
HTTP Status code 407 means that proxy authentication required, it seems that you're using a corporate proxy to access the application under test and this proxy requires credentials.
You have 2 options of passing the proxy credentials to JMeter:
Command-line arguments like:
jmeter -H my.proxy.server -P 8000 -u username -a password
JMeter System properties (you can put these lines to system.properties file
http.proxyUser=username
http.proxyPass=password
I am trying to send a response to an HTTPS request, using FiddlerCore.
I need things to work like this: I put some fake URL in browser, like https://my_url_that_doesnt_exist.com/, then I intercept this request with FiddlerCore and respond to it with my data. But I only see a CONNECT and the host URL. I know this is because of HTTPS and Fiddler being a proxy. But is there a way to get the real full URL and be able to respond to HTTPS request, using FiddlerCore?
Also I use this code to create a root certificate if it's missing:
if (!Fiddler.CertMaker.rootCertExists())
{
if (!Fiddler.CertMaker.createRootCert())
{
throw new Exception("Could not create a certificate.");
}
}
also, I use these startup settings:
FiddlerCoreStartupFlags fcsf = FiddlerCoreStartupFlags.Default | FiddlerCoreStartupFlags.DecryptSSL|FiddlerCoreStartupFlags.AllowRemoteClients;
and CONFIG.IgnoreServerCertErrors = true;
This HTTPS request is not visible in Fiddler itself. I mean when I try some non-existent URL to which I'd like my app to respond with some custom content. It's also HTTP, not HTTPS, and Fiddler itself contains the following in response:
[Fiddler] DNS Lookup for "my_url_that_doesnt_exist.com" failed. The requested name is valid, but no data of the requested type was found
But if I use some existing HTTPS URL, like google plus or anything like that, I can see the HTTPS and all the request details.
So the question follows: How can I intercept HTTPS request to a non-existent URL and serve my content instead?
I can provide any additional details if needed.
Also makecert.exe is in the same folder where all my binaries are.
The problem is that HTTPS traffic flows through a CONNECT tunnel, and by default that secure traffic won't be sent if creating the CONNECT tunnel to the target server doesn't first succeed. Of course, if that target server doesn't exist, you end up with a DNS error in creating the tunnel, so the secure requests are never sent.
The workaround is to tell Fiddler to tell the client that the CONNECT tunnel was created, without even trying to contact the server. Do so by adding this inside the BeforeRequest handler:
if (oSession.HTTPMethodIs("CONNECT"))
{
oSession.oFlags["x-replywithtunnel"] = "GenerateTunnel";
return;
}
I'm using savon to communicate with a soap web service.
It all works well, and I now need to get the ruby code into production where we have to go through a proxy server.
This proxy server requires authentication.
So my question is, how can I go ahead to specify proxy server authentication details with savon?
Some further info:
I've figured out that you can specify a proxy server as such:
client = Savon::Client.new do
...
http.proxy = "http://proxy.example.com"
end
Looking through the code for savon, I found that the http variable in the client block refers to the following:
def http
#http ||= HTTPI::Request.new
end
Unfortunately, going through the code for HTTPI::Request, I couldn't see a way to specify authentication for the proxy itself. Here's the code for the httpi request: https://github.com/rubiii/httpi/blob/master/lib/httpi/request.rb
Just to be clear: I'm not trying to do HTTP authentication, I'm attempting to perform proxy authentication.
When specifying the proxy server, I get the following error, because I can't find a way to specify the proxy authentication credentials:
407 "Proxy Authentication Required"
Thanks in advance for any help.
Try this:
http.proxy = "http://username:password#host:port"
Managed to resolve it with the following code:
#proxy_path = '<insert your proxy url here>'
#wsdl_path = '<insert your wsdl url here>'
#client = Savon.client do |variable|
variable.proxy #proxy_path
variable.wsdl #wsdl_path
end
#client.operations #to list operations
I am trying to connect to service which is accesssible over https and need authentication.
The error I get is:
Test method
TestProject1.UnitTest1.TestReharB2B
threw exception:
System.ServiceModel.Security.MessageSecurityException:
The HTTP request is unauthorized with
client authentication scheme
'Anonymous'. The authentication header
received from the server was 'Basic
realm="Application"'. --->
System.Net.WebException: The remote
server returned an error: (401)
Unauthorized..
It seems to me like that username and password is not sent to service. What am I missing?
The code:
EndpointAddress address = new EndpointAddress(
new Uri("https://84.52.158.151:8443/JavaStore/services/B2BService"),
EndpointIdentity.CreateDnsIdentity("JavaStore"),
new AddressHeaderCollection()
);
BasicHttpBinding binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.TransportWithMessageCredential;
binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
var client = new ReharB2BService.B2BServicePortTypeClient(binding, address);
client.ChannelFactory.Credentials.UserName.UserName = "dotNet";
client.ChannelFactory.Credentials.UserName.Password = "dotnetpwd";
client.Open();
client.getAllItems();
Your service returns error because there is some misconfiguration between server and client. Your client uses transport security with UserName message credentials. That means that HTTPS is used and message contains SOAP header with user name and password. But your service returns exception because it (probably IIS) expects transport security with Basic credentials. That means HTTPS and HTTP Basic authentication (HTTP header).