Using HttpClient with a proxy from an untrusted applet


by Randall Scarberry

Hello,

I've been going in circles all day trying to use HttpClient in an untrusted applet to download data from the server through a proxy.  Finally, I found a way to obtain the proxy information in the applet, but the information cannot be put to use without generating an AccessControlException.

The old version of our code that uses a simple URLConnection works transparently.  It just inherits the settings from the browser.  HttpClient apparently needs the info to be explicitly set, but applet security constraints get in the way.  Is HttpClient not meant to be used in applets?  Or only with trusted applets?  

Here's an example of what I'm trying to do:

        String urlSpec = "http://servername/mediawiki/index.php?title=somewikipage";
       
        HttpClient client = new HttpClient();
       
        try {
            // Get the proxy information.  This works.
            // System.getProperty() calls generate AccessControlExceptions.
            ProxyInfo info[] = ProxyService.getProxyInfo(new URL(urlSpec));
            if(info != null && info.length > 0 && info[0] != null) {
                String proxyHost = info[0].getHost();
                int proxyPort = info[0].getPort();
                if (proxyHost != null && proxyHost.length() > 0 && proxyPort > 0) {
                    // Set the proxy info in the host configuration.                
                    client.getHostConfiguration().setProxy(proxyHost, proxyPort);
                }
            }
        }catch (Exception ex) {
            ex.printStackTrace();
            System.err.println(
              "could not retrieve proxy configuration, attempting direct connection.");
        }

        GetMethod method = new GetMethod(urlSpec + "&action=edit");
        int responseCode = 200;
        String responseBody = null;
       
        // Manually set the cookies.
        method.getParams().setCookiePolicy(CookiePolicy.IGNORE_COOKIES);
        // Call method which returns the cookies as one string.
        String cookies = getCookieString();
        if (cookies.length() > 0) {
            method.setRequestHeader("Cookie", cookies);
        }
       
        try {
       
            responseCode = client.executeMethod(method);
           
            // ... Do stuff with the response.
           
        } finally {
       
            method.releaseConnection();
        }
       
Here are the relevant parts of the stack trace.  Note that the AccessControlException occurs when the get method is executed, not when the proxy information is set.

Caused by: java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:8081 connect,resolve)
        at java.security.AccessControlContext.checkPermission(Unknown Source)
        at java.security.AccessController.checkPermission(Unknown Source)
        at java.lang.SecurityManager.checkPermission(Unknown Source)
        at java.lang.SecurityManager.checkConnect(Unknown Source)
        at java.net.Socket.connect(Unknown Source)
        at java.net.Socket.connect(Unknown Source)
        at java.net.Socket.<init>(Unknown Source)
        at java.net.Socket.<init>(Unknown Source)
        at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80)
        at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122)
        at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
        at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
        at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
        at < -- from: "responseCode = client.executeMethod(method);" -->
 
Any help would be greatly, greatly appreciated!

Randy S


     

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@...
For additional commands, e-mail: httpclient-users-help@...


Re: Using HttpClient with a proxy from an untrusted applet

by olegk

Randall Scarberry wrote:

> Hello,
>
> I've been going in circles all day trying to use HttpClient in an untrusted applet to download data from the server through a proxy.  Finally, I found a way to obtain the proxy information in the applet, but the information cannot be put to use without generating an AccessControlException.
>
> The old version of our code that uses a simple URLConnection works transparently.  It just inherits the settings from the browser.  HttpClient apparently needs the info to be explicitly set, but applet security constraints get in the way.  Is HttpClient not meant to be used in applets?  Or only with trusted applets?  
>
> Here's an example of what I'm trying to do:
>
>         String urlSpec = "http://servername/mediawiki/index.php?title=somewikipage";
>        
>         HttpClient client = new HttpClient();
>        
>         try {
>             // Get the proxy information.  This works.
>             // System.getProperty() calls generate AccessControlExceptions.
>             ProxyInfo info[] = ProxyService.getProxyInfo(new URL(urlSpec));
>             if(info != null && info.length > 0 && info[0] != null) {
>                 String proxyHost = info[0].getHost();
>                 int proxyPort = info[0].getPort();
>                 if (proxyHost != null && proxyHost.length() > 0 && proxyPort > 0) {
>                     // Set the proxy info in the host configuration.                
>                     client.getHostConfiguration().setProxy(proxyHost, proxyPort);
>                 }
>             }
>         }catch (Exception ex) {
>             ex.printStackTrace();
>             System.err.println(
>               "could not retrieve proxy configuration, attempting direct connection.");
>         }
>
>         GetMethod method = new GetMethod(urlSpec + "&action=edit");
>         int responseCode = 200;
>         String responseBody = null;
>        
>         // Manually set the cookies.
>         method.getParams().setCookiePolicy(CookiePolicy.IGNORE_COOKIES);
>         // Call method which returns the cookies as one string.
>         String cookies = getCookieString();
>         if (cookies.length() > 0) {
>             method.setRequestHeader("Cookie", cookies);
>         }
>        
>         try {
>        
>             responseCode = client.executeMethod(method);
>            
>             // ... Do stuff with the response.
>            
>         } finally {
>        
>             method.releaseConnection();
>         }
>        
> Here are the relevant parts of the stack trace.  Note that the AccessControlException occurs when the get method is executed, not when the proxy information is set.
>
> Caused by: java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:8081 connect,resolve)
> at java.security.AccessControlContext.checkPermission(Unknown Source)
> at java.security.AccessController.checkPermission(Unknown Source)
> at java.lang.SecurityManager.checkPermission(Unknown Source)
> at java.lang.SecurityManager.checkConnect(Unknown Source)
> at java.net.Socket.connect(Unknown Source)

Randy,

Please note the exception is thrown when opening a socket to
127.0.0.1:8081 and NOT when executing HTTP GET. You need to configure
SocketPermissions for your applet accordingly.

Oleg



> at java.net.Socket.connect(Unknown Source)
> at java.net.Socket.<init>(Unknown Source)
> at java.net.Socket.<init>(Unknown Source)
> at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80)
> at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122)
> at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
> at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
> at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
> at < -- from: "responseCode = client.executeMethod(method);" -->
>  
> Any help would be greatly, greatly appreciated!
>
> Randy S


Re: Using HttpClient with a proxy from an untrusted applet

by Randall Scarberry


--- On Thu, 8/21/08, Oleg Kalnichevski <olegk@...> wrote:

> Randy,
>
> Please note the exception is thrown when opening a socket to
> 127.0.0.1:8081 and NOT when executing HTTP GET. You need to configure
> SocketPermissions for your applet accordingly.
>
> Oleg
>

Thanks for the quick response, Oleg.

Modifying the java policy file isn't an option for us.  For now, when HttpClient fails to work, we have our code fall back and use good ol' URLConnections, since they just work through proxies without changing the policy file or signing the applet.

Randy S.

New code:

        String urlSpec = "http://servername/mediawiki/index.php?title=somewikipage";
       
        URL url = new URL(urlSpec + "&action=edit");
        URLConnection conn = url.openConnection();

        // Call method in local utility class to set the cookies.
        HttpUtilities.setCookies(conn, mCookiePairs);
       
        // Don't have to get the proxy info -- the URLConnection already has it.

        conn.connect();

        BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "UTF-8"));
       
        // Read the response ...



Re: Using HttpClient with a proxy from an untrusted applet

by Randall Scarberry


> Randy,
>
> Please note the exception is thrown when opening a socket to
> 127.0.0.1:8081 and NOT when executing HTTP GET. You need to configure
> SocketPermissions for your applet accordingly.
>
> Oleg
>

In my previous response I failed to mention that I'm using TCPMon as a proxy on localhost port 8081.  I'm testing the applet in Firefox with its proxy set to 127.0.0.1:8081.  The applet is embedded on a webpage served up by another system.
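
The permission check behind the AccessControlException in this thread, as an added example (not code from either poster or from HttpClient): it models an unsigned applet's socket permissions and asks whether they cover the proxy address from the stack trace, then repeats the check with the explicit grant Oleg refers to. The class and method names, the sandbox model and the origin address 192.0.2.10 are assumptions made for the illustration.

```java
import java.net.SocketPermission;
import java.security.PermissionCollection;
import java.security.Permissions;

public class AppletSocketCheck {

    // Assumed model of the sandbox: an unsigned applet may open sockets
    // only to the host its code was loaded from.
    static PermissionCollection sandboxFor(String originHost) {
        Permissions perms = new Permissions();
        perms.add(new SocketPermission(originHost, "connect,accept"));
        return perms;
    }

    // True if the granted permissions cover a socket connect to target
    // ("host:port"), the kind of check SecurityManager.checkConnect performs.
    static boolean mayConnect(PermissionCollection granted, String target) {
        return granted.implies(new SocketPermission(target, "connect,resolve"));
    }

    public static void main(String[] args) {
        String origin = "192.0.2.10";     // constructed address for the web server
        String proxy = "127.0.0.1:8081";  // proxy address from the stack trace

        PermissionCollection sandbox = sandboxFor(origin);
        // A socket straight to the origin host is inside the sandbox.
        System.out.println("origin:80    -> " + mayConnect(sandbox, origin + ":80"));
        // HttpClient's own socket to the proxy targets a different host.
        System.out.println("proxy        -> " + mayConnect(sandbox, proxy));

        // What "configure SocketPermissions" amounts to: an explicit grant,
        // which in a policy file is written as
        //   permission java.net.SocketPermission "127.0.0.1:8081", "connect,resolve";
        PermissionCollection withGrant = sandboxFor(origin);
        withGrant.add(new SocketPermission(proxy, "connect,resolve"));
        System.out.println("proxy, grant -> " + mayConnect(withGrant, proxy));
    }
}
```

IP literals are used on both sides so that `implies` compares addresses without a DNS lookup.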



Re: Using HttpClient with a proxy from an untrusted applet

by olegk

On Fri, 2008-08-22 at 11:22 -0700, Randall Scarberry wrote:

> --- On Thu, 8/21/08, Oleg Kalnichevski <olegk@...> wrote:
> > Randy,
> >
> > Please note the exception is thrown when opening a socket to
> > 127.0.0.1:8081 and NOT when executing HTTP GET. You need to configure
> > SocketPermissions for your applet accordingly.
> >
> > Oleg
> >
>
> Thanks for the quick response, Oleg.
>
> Modifying the java policy file isn't an option for us.  For now, when HttpClient fails to work, we have our code fall back and use good ol' URLConnections, since they just work through proxies without changing the policy file or signing the applet.
>
> Randy S.
>

Randy

I know next to nothing about applets. Probably HttpClient jar is not
trusted by the default security policy.

Oleg


> New code:
>
>         String urlSpec = "http://servername/mediawiki/index.php?title=somewikipage";
>        
>         URL url = new URL(urlSpec + "&action=edit");
> URLConnection conn = url.openConnection();
>
> // Call method in local utility class to set the cookies.
> HttpUtilities.setCookies(conn, mCookiePairs);
>
> // Don't have to get the proxy info -- the URLConnection already has it.
>
> conn.connect();
>
> BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "UTF-8"));
>
> // Read the response ...
> ...