I have made a web service client importing a third party wsdl in eclipse.
But I got this exception:
javax.xml.ws.WebServiceException: Connection IO Exception. Check nested exception for details. (Unable to connect to 1X.XXX.X.XX:X0 - Connection timed out).
I hope this exception occurred for the proxy only.
There is a proxy server between me and that third party. I don't know how to do the proxy authentication and where in coding I need to this proxy authentication.
Is your end point on HTTPS? There different ways proxies support HTTPS - one ways is SSL bridging and the other is SSL Tunneling..
May be your client side libraries you used to connect may not support the one being used by the proxy...
You must explicitly set the proxy server in Java, the JRE does not retrieve it from the OS configuration. You can find the detailed explanation here. As per the link, a standard configuration may look like this:
System.setProperty("http.proxyHost", "myproxy.com");
System.setPropery("http.proxyPort", "8080");
Obviously, you can also define the system properties as VM arguments during startup.
Related
For getting the blob container details we are using the below mentioned REST API.
Vhd is the blob container name.
https://(storageAccountName).blob.core.windows.net/vhd?restype=container&comp=list
When we use proxy server details (example:SQUID Proxy) to access the storage REST API calls, we are getting the below mentioned error.
HttpResponse for Blobs:: ResourceNotFoundThe
specified resource does not exist.
RequestId:6dc7e6f2-0001-000d-30f9-d56eb3000xxx
If we access the same rest api without proxy server, we are getting the valid response and it's working.
Per my experience, normally, using squid is as reverse proxy for backend services, but here you want to access the storage REST APIs via squid as forward proxy. You can refer to the wiki page https://en.wikipedia.org/wiki/Proxy_server, the SO thread Difference between proxy server and reverse proxy server and the blog to know the differences between both.
So the solution for the issue is that configuring the proxy server as forward proxy.
For Squid, you can try to refer to the squid wiki pages http://wiki.squid-cache.org/SquidFaq/ConfiguringSquid and http://wiki.squid-cache.org/Features/HTTPS to know how to configure as forword proxy with HTTPS.
For Apache, you can try to refer to the apache doc page http://httpd.apache.org/docs/2.0/mod/mod_proxy.html#forwardreverse to do.
Then, setting the system properties for Java to enable proxy support after setting up forward proxy successfully.
There are two ways support proxy for Java.
Command Line JVM Settings: The proxy settings are given to the JVM via command line arguments:
java -Dhttp.proxyHost=proxyhostURL -Dhttp.proxyPort=proxyPortNumber -Dhttp.proxyUser=someUserName -Dhttp.proxyPassword=somePassword HelloWorldClass
Setting System Properties in Code: Adding the following lines in your Java code so that JVM uses the proxy to make HTTP calls.
System.setProperty("http.proxyPort", "someProxyPort");
System.setProperty("http.proxyUser", "someUserName");
System.setProperty("http.proxyPassword", "somePassword");
System.setProperty("http.proxyHost", "someProxyURL");
More information for Networking & Proxies & Properties in Java, Please refer to http://docs.oracle.com/javase/7/docs/technotes/guides/net/proxies.html and http://docs.oracle.com/javase/7/docs/technotes/guides/net/properties.html.
we got the solution. The issue is we are invoking asynchronous calls for all storage accounts at a time. For example : if we have 5 storage accounts and each storage accounts 5 vhd containers and in for loop if we invoke all 5 at time and with callback waiting for 5 response,In this case it's not working. so we are invoking each call separately and it's started working.
I have a webservice in Java 1.6 that extends javax.xml.ws.Service. The WSDL URL is located at an HTTPS endpoint and I am behind a corporate proxy (NTLM I believe). I have the proxy host, port, username, and password. I have verified that I can access the WSDL using curl if I specify the proxy in my .curlrc file. When the constructor is called it will eventually timeout with the error:
javax.xml.ws.WebServiceException: Failed to access the WSDL at: https://www.blah.com/myservice.asmx?wsdl. It failed with:
Connection timed out.
The call that fails is:
public MyService_Service() {
// this call to super is the one that times out
super(__getWsdlLocation(), MYSERVICE_QNAME);
}
I have tried the following but none of the solutions work.
Client Webservice in java - proxy authentication
Java Web Service client basic authentication
What can I do to call the web service from behind a proxy?
I was able to get this to work by adding the following code before the server instantiation:
System.setProperty("proxyHost", "myproxy.com");
System.setProperty("proxyPort", "8080");
Strangely this worked when I tested it by setting the VM options -DproxyHost and -DproxyPort so then searched for how to set it programmatically.
I am trying at write a java program that hits a url over ssl, and prints out the response to find out if the application on this port is running or not. We are using 2way ssl. I am fairly new to working with ssl and java security. Right now I am getting this error
Remote host closed connection during handshake
I am using this command to run the program
java -Djavax.net.ssl.trustStore=rs.truststore TmpUtil
Is there a way to find out what am I doing wrong and where exactly is the problem ?
You can generally debug an SSL/TLS connection that uses the JSSE in Java using the javax.net.debug system property. You'll find more details in the documentation.
Since you're after client-certificate authentication, it's most likely that your application needs a keystore to be configured. You'll find some details about the difference between keystore and truststore in this answer, and in the JSSE Reference Guide of course.
I would like to run a servlet in Jetty on an HTTPS site that requires a client certificate for only part of the site (specific URLs). For example:
https://example.com/someservlet/public - no client cert required
https://example.com/someservlet/protected - client cert required
In Apache I can accomplish this by specifying SSLVerifyClient require inside a <Directory> or <Location> which forces Apache to renegotiate the SSL connection after the request is made.
I do not want to run Jetty embedded in anything else, just standalone. Is this possible? Can a Servlet cause this directly somehow? Can it be done via configuration?
As far as I know you can only specify the SSL options on a per-port basis.
Even if you could the configuration you are trying to achieve is problematic, as it needs the SSLRenegotiation which has been changed about a year ago because of a security vulnerability. The new method for performing an SSLRenogitiation is therefore only supported by newer clients and sometimes even if it is supported it does not work because of bugs.
My recommendation for an easy workaround: Configure Jetty to listen on two SSL ports:
For example on 443 without HTTPS Client auth and on 8443 with HTTPS client auth required. Then make your protected servlet only available on 8443. This is not a nice solution but 100% robust, works with Jetty and with all clients.
I'm writing a job that will connect to a client's FTP/S server over my SOCKS5 proxy and I'm utilizing the Apache Commons Net package. The issue is that my SOCKS proxy is configured to not require authentication but I am still getting the following exception:
java.net.SocketException: SOCKS : authentication failed
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:443)
at java.net.Socket.connect(Socket.java:519)
I've tried setting the java.net.socks.username and password properties to empty strings but I still get it. Is there a way I can tell the code to not use authentication? Digging into the underlying source i almost think it's querying the proxy server for the authentication requirement, but I'm not sure.
Alright so the issue was that my SOCKS proxy was set up to ask for authentication but to also accept connections that did not authenticate. We use Dante and while programs like Filezilla are smart enough to iterate through all of the acceptable authentication methods, it seems like the java.net package only goes off the first method supplied. Since my authentication configuration in my sockd.conf file was as follows:
method: username none
user.notprivileged: nobody
java.net was demanding a username and password. I simply flipped the methods to "none username" and both Filezilla and java.net correctly pass through the proxy. It's a bit of an IT solution but whatever gets the code to work, right?