I'm working on creating a simple method that send SOAP request to EWS and it seems everything is OK. But when I run it I get error:
java.net.ProtocolException: Server
redirected too many times (20)
Any ideas why I get this when I try to connect to https://my.exchange.server/ews/Services.wsdl ?
Note: my.exchange.server is just a cover for my real URL
Make sure to enable Basic Authentication on EWS, sorry that's on the server side :).
I am using EWS Java Api http://archive.msdn.microsoft.com/ewsjavaapi and it works fine even cross domains:
ExchangeService service = new ExchangeService();
ExchangeCredentials credentials = new WebCredentials("Administrator#yourdomain.com", "Password",
"yourdomain.com");
service.setCredentials(credentials);
service.setUrl(new URI("http://yourserver/EWS/Exchange.asmx"));
service.setPreAuthenticate(true);
BTW, I am also successfully reaching it with plain SOAP using SoapUI, but the key factor is enabled Basic Authentication, and URL is "http://yourserver/EWS/Exchange.asmx"
Good luck,
Boris
Herndon, VA
Related
i'm trying to integrate java application with azure ad .
i have registered an app in azure and added redirect url's , after successful login , it was redirected to my java application where i am fetching authorization code using msal library.
Getting the below exception
com.microsoft.aad.msal4j.MsalServiceException: AADSTS500112: The reply address
'http://testUrl' does not match the reply address 'https://testUrl
the only difference i see in the above url's is http and https, even though i mentioned https in both redirect url in the app registrations as well as redirect_uri in the microsoft login url.
btw, it was working with my local environment, not working when i hosted it on the server .
We had the same issue after it was deployed in production environment. The reason the https became http is since I was in a load-balanced environment, the outside URL differed from the inside URL (The load balancers off-loaded the SSL processing). When the http request from azure reached our web filter, the httpRequest.getRequestURL().toString() get the http instead of https. What we did is, ask devops team to add a header in httprequest with the original url sent to load balancer, and in our code, we extract the http header instead of the http request itself.
Specifically, change
String currentUri = httpRequest.getRequestURL().toString();
to
String currentUri = httpRequest.req.getHeader(HEADER_PROXY_URL);
The HEADER_PROXY_URL is the header name that devops inject the original url.
According to my research, the redirect URL for web apps and services must begin with the scheme https. If you want to use the scheme http, you just can use http:\\localhost. For more details, please refer to https://learn.microsoft.com/en-us/azure/active-directory/develop/azure-ad-endpoint-comparison#restrictions-on-redirect-urls
I want to create a Java client for a SOAP web service with Basic Authorization. I generate a client in the Eclipse Oxy (Web Service Client) with Apache Axis 1.4 runtime. Our cases use Basic Authorization with required username, password and domain (Figure 1: SOUP UI tool).
In SOAP UI the service return success status, while java code return status 401 Unauthorized.
The following code is used when making a call to service (I send null content, because I only want to get success answer from service just like in SOAP UI tool):
IntegrationService_AdEl service = locator.getBasicHttpBinding_IntegrationService_AdEl();
((Stub) service)._setProperty(Call.USERNAME_PROPERTY,"test");
((Stub) service)._setProperty(Call.PASSWORD_PROPERTY, "123");
((Stub) service)._setProperty("DOMAIN", "dmn");
IntegrationService_AdElPersonScreeningCreateResponse c = service.personScreeningCreate(null);
I am wondering how to make a successful call with the parameters for Basic Authorization.
Thanks for the help.
I crawled google a lot to find some documentation on the subject but did not find anything.
I am trying to use a kerberos ticket to access a secured server but i get a 401 error.
What i do is add a header with the base64 encoded token before calling the web service
HessianConnection conn = ...
conn.addHeader("Authorization", "Negotiate " + token);
...
conn.sendRequest();
I know that hessian supports Basic auth (HessianProxyFactory => setUser/PWD/BasicAuth), but i m not sure about Spnego/Negotiate.
Note that we managed to setup spnego with cxf in another project (It has HttpAuthSupplierImpl), but this one uses hessian.
Question : is it possible or i am wasting my time ?
Thanks
Actually i checked HTTP traffic server side with wireshark, it seems that headers are correctly sent with this code. So this works and this question can be closed. The ticket is however not correctly recognized but this is another problem ...
I'm simulating an HTTPS process with Google App Engine's URL fetch API. The process has 2 steps: first, a GET request will return an URL with URL-encoded session information and a cookie; and second, a POST with some payload to the returned URL.
I have used Firebug to capture the headers of the 2 requests, e.g User-agent, Keep-alive, Connection, Cookie. I used these same headers in my code (the cookie value is updated according to the response). Testing on my computer is successful but the code always fails at the POST step on Google's server. On my development box, the remote .NET app website replies to the POST request with a 200-OK with the information that I want, but on Google side, the remote .NET app website also give a 200-OK response but with a "Session timeout" message (which I don't want). So what have I missed?
Are you connectiong to the GAE applictation through appspot.com domain or a custom domain? SSL is supported only on appspot.com, so maybe this the reason?
I'm trying to consume a restful webservice in java using the Apache Wink framework through my school web proxy requiring authentification
ClientConfig clientConfig = new ClientConfig();
clientConfig.proxyHost("proxy.school.com");
clientConfig.proxyPort(3128);
//nothing to set username and password :(
RestClient client = new RestClient(clientConfig);
Resource resource = client.resource("http://vimeo.com/api/v2/artist/videos.xml");
String response = resource.accept("text/plain").get(String.class);
I've also tried to use the BasicAuthSecurityHandler but it seems to be used to authenticate directly to a web server, not the web proxy
BasicAuthSecurityHandler basicAuthHandler = new BasicAuthSecurityHandler();
basicAuthHandler.setUserName("username");
basicAuthHandler.setPassword("password");
config.handlers(basicAuthHandler);
It still fail with a HTTP 407 error code : Proxy Authentication Required.
I've googled the best I could, nothing came up better to consume a webservice from a Java client through a web proxy, if someone has another idea, feel free to respond
Ok that was pretty hard but I found it ! I logged the HTTP requests that were being made from my browser with Fiddler and found out that the Proxy-Connection and Proxy-Authorization were what I was looking for after reading extensive documentation like RFC 2616 about HTTP/1.1
So I copy-pasted the values that were being sent into my java code :
resource.header("Proxy-Connection", "Keep-Alive");
resource.header("Proxy-Authorization", "Basic encodedString");
where encodedString is what is being sent by my browser : username:password base64 encoded
And it now works perfectly :)
This issue was raised as [1] and has since been resolved with the addition of a ProxyAuthSecurityHandler available to Apache Wink client developers.
[1]: https://issues.apache.org/jira/browse/WINK-292 Apache Wink JIRA issue WINK-292