I'm trying to use JAX-WS api to send some soap messages on a client application. However, I'm behind a firewall and the only option is to use a proxy server to go outside.
I'm trying to find on google any answer about this and so far all fail: To Use System.setProperty for http.proxyHost, http.proxyPort, http.proxyUser, http.proxyPassword. To use Authenticator like is described here.
I'm running out of options, if someone could help me on this would be great.
Also, I have a option to use org.apache.commons.httpclient but then I need to generate manually the XML. So could you suggest any other approach or API for WS?
You can use ws import command when creating web client to configure proxy.
-httpproxy::
use above command to configure proxy.
How to do this depend on your IDE.
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.wsfep.multiplatform.doc/info/ae/ae/rwbs_wsimport.html
For Jax-ws webservice client, use the following
//set proxy info to the ClientProxyFeature
ClientProxyFeature cpf = new ClientProxyFeature();
cpf.setProxyHost("proxyhost");
cpf.setProxyPort(8888);
cpf.setProxyUserName("proxyuser");
cpf.setProxyPassword("proxypwd");
//get the port with the Feature
MyPort port = myService.getPort(cpf);
Related
I am using quarkus 1.10.5.Final and need to call web service with web proxy.
Currently my code using microprofile client proxy and put below configuration in application.properties
client/mp-rest/url=https://remote.com
client/mp-rest/scope=javax.inject.Dependent
client/mp-rest/trustStore=classpath:/META-INF/resources/cacerts
client/mp-rest/connectTimeout=5000
client/mp-rest/readTimeout=5000
client/mp-rest/followRedirects=true
client/mp-rest/proxyAddress=http://proxy:8080
but still resulting RESTEASY004655: Unable to invoke request: java.net.UnknownHostException: No such host is known
I tried to use -Dhttp.proxyHost and -Dhttp.proxyPort to test the proxy and it was success.
the problem is I can't use -Dparams since it will break other service calls.
this link where I got config for mp-rest/proxyAddress
https://download.eclipse.org/microprofile/microprofile-rest-client-2.0-RC2/microprofile-rest-client-2.0-RC2.html
but its not mentioned in https://docs.jboss.org/resteasy/docs/4.1.1.Final/userguide/html/MicroProfile_Rest_Client.html
please let me know if I am looking on wrong thing.
May 2021 update
Quarkus 2.0 supports MicroProfile Rest Client 2.0. With it you can use the configuration you mention, namely
# A string value in the form of <proxyHost>:<proxyPort> that specifies the
# HTTP proxy server hostname (or IP address) and port for requests of
# this client to use.
client/mp-rest/proxyAddress=host:port
Or set it programmatically with
ProxiedClient client = RestClientBuilder.newBuilder()
.baseUri(someUri)
.proxyAddress("myproxy.mycompany.com", 8080)
.build(ProxiedClient.class);
Original answer
You should be able to set proxy for your Quarkus Rest client with the following properties:
org.jboss.resteasy.jaxrs.client.proxy.host
org.jboss.resteasy.jaxrs.client.proxy.port
org.jboss.resteasy.jaxrs.client.proxy.scheme
I just run into the same problem and found this issue.
Upgrade to MP Rest Client 2.0 #10520
MP-Rest-Client 2.0 is not available in quarkus 1.10.5.
So basically, I have made a RESTful API using ServiceTalk from Apple (Netty implementation) and Jersey and it works. Only through http though. I have seen that when I was making my React web page make a POST request through http, it would complain about CORS (which I'm still trying to fix) and that the browser (At least Brave) would not allow the request to be made because it was http and my web page was running on https using let's encrypt cert. How do I fix this issue? Do I need to add SSL with Netty? If so, how can I do that with a certificate that's going to be changing every once in a while?
I also have NGINX setup with Let's Encrypt and enabled auto-renew certificate setting from the setup wizard for NGINX + Let's Encrypt. If I can somehow make NGINX run the HTTPS request as a proxy to the netty server on http, then I think it would also be a better solution. I know this is a common practice with NodeJS Express + NGINX.
You are right, if you already have NGINX that serves your static content (html/css/js) it will be better to configure it as a proxy for a ServiceTalk backend service. That will let you keep SSL/TLS configuration in one place (NGINX config file only) and you will be able to use its auto-renew certificate feature. For an example of how you can configure NGINX as an SSL/TLS proxy for a backend service, see here: https://docs.nginx.com/nginx/admin-guide/security-controls/securing-http-traffic-upstream/
However, in this case, your connection between NGINX and ServiceTalk will not be encrypted. In some environments, it might be inappropriate according to security policies and requirements. If this is your case, you also need to configure SSL/TLS for ServiceTalk using HttpServerBuilder.secure() method that returns HttpServerSecurityConfigurator. Here is an example of a secure ServiceTalk server.
To avoid CORS, keep using NGINX as a proxy even when ServiceTalk also configured with SSL/TLS connections. If there is a requirement to avoid additional proxy on the way between a browser and backend service, target ServiceTalk directly. But NGINX gives additional features, like load balancing between multiple backend instances.
To get the best SSL performance in ServiceTalk/Netty we recommend to use OpenSSL provided instead of a built-in JDK provider. For more information, see Performance / netty-tcnative OpenSSL engine documentation section.
Note: ServiceTalk does not auto-renew SSL/TLS certificates. You will need to restart the server when certificate expires.
For getting the blob container details we are using the below mentioned REST API.
Vhd is the blob container name.
https://(storageAccountName).blob.core.windows.net/vhd?restype=container&comp=list
When we use proxy server details (example:SQUID Proxy) to access the storage REST API calls, we are getting the below mentioned error.
HttpResponse for Blobs:: ResourceNotFoundThe
specified resource does not exist.
RequestId:6dc7e6f2-0001-000d-30f9-d56eb3000xxx
If we access the same rest api without proxy server, we are getting the valid response and it's working.
Per my experience, normally, using squid is as reverse proxy for backend services, but here you want to access the storage REST APIs via squid as forward proxy. You can refer to the wiki page https://en.wikipedia.org/wiki/Proxy_server, the SO thread Difference between proxy server and reverse proxy server and the blog to know the differences between both.
So the solution for the issue is that configuring the proxy server as forward proxy.
For Squid, you can try to refer to the squid wiki pages http://wiki.squid-cache.org/SquidFaq/ConfiguringSquid and http://wiki.squid-cache.org/Features/HTTPS to know how to configure as forword proxy with HTTPS.
For Apache, you can try to refer to the apache doc page http://httpd.apache.org/docs/2.0/mod/mod_proxy.html#forwardreverse to do.
Then, setting the system properties for Java to enable proxy support after setting up forward proxy successfully.
There are two ways support proxy for Java.
Command Line JVM Settings: The proxy settings are given to the JVM via command line arguments:
java -Dhttp.proxyHost=proxyhostURL -Dhttp.proxyPort=proxyPortNumber -Dhttp.proxyUser=someUserName -Dhttp.proxyPassword=somePassword HelloWorldClass
Setting System Properties in Code: Adding the following lines in your Java code so that JVM uses the proxy to make HTTP calls.
System.setProperty("http.proxyPort", "someProxyPort");
System.setProperty("http.proxyUser", "someUserName");
System.setProperty("http.proxyPassword", "somePassword");
System.setProperty("http.proxyHost", "someProxyURL");
More information for Networking & Proxies & Properties in Java, Please refer to http://docs.oracle.com/javase/7/docs/technotes/guides/net/proxies.html and http://docs.oracle.com/javase/7/docs/technotes/guides/net/properties.html.
we got the solution. The issue is we are invoking asynchronous calls for all storage accounts at a time. For example : if we have 5 storage accounts and each storage accounts 5 vhd containers and in for loop if we invoke all 5 at time and with callback waiting for 5 response,In this case it's not working. so we are invoking each call separately and it's started working.
I'm consuming a web service in a java class standalone and it works fine.
I deployed that class as a part of a web-app in tomcat apache and it works fine.
Then, I deployed it in a glassfish server and I get this error:
WSS1601: Transport binding configured in policy but incoming message was not SSL enabled
I have several weeks stuck here. Seems like some glassfish setting doesn't accepts that my web-app uses a web service that works through HTTP (this is, and has to be the case).
The webservice client was made with the web service client wizard tool of netbeans (it uses wsimport-JAX-WS). More details on the error trace from the server:
com.sun.xml.wss.impl.XWSSecurityRuntimeException: WSS1601: Transport binding configured in policy but incoming message was not SSL enabled
at com.sun.xml.wss.impl.policy.verifier.MessagePolicyVerifier.verifyPolicy(MessagePolicyVerifier.java:125)
Has anybody else faced this issue?
Any help or ideas appreciated.
EDIT: I tried generating the stubs using the axis2 tool and it works great, so i'm sensing some kind of error in jax-ws when used in glassfish.
I guess you are trying to access the service enables with SSL. Try invoking the service with https also you have to install the valid SSL certificate in the client JDK.
The following link explain how to obtain and install a signed certificate :
https://docs.oracle.com/cd/E19798-01/821-1794/aeogl/index.html
Good luck :)
I'm trying to use java rome-fetcher to acquire rss feeds for processing. Everything works fine when I have direct internet access.
However, I need to be able to run my application behind a proxy server.
I have been unable to figure out how this can be done with rome-fetcher.
I am aware of the jvm
System.setProperty("http.proxyHost", proxy);
System.setProperty("http.proxyPort", proxyPort);
hack, but that is not an option for reasons I don't really want to explain.
With HttpClient you typically do something like this.
DefaultHttpClient client = new DefaultHttpClient();
HttpHost proxyTarget = new HttpHost("proxy.server.com", 4444);
client.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, proxyTarget);
Does anyone how to assign proxy settings, and authentication credentials for that matter, to rome-fetcher?
Setting http.proxyHost and http.proxyPort is the only option to use http proxy for Rome for the time being.
Because the System.setProperty(...) is the only proxy option for rome-fetcher I ended up downloading a copy of the rome-fetcher source and made modifications to the underlying http client so it can handle different proxy configurations.
Fetcher was deprecated in version 1.6 of Rome and will be removed in version 2.0:
https://github.com/rometools/rome/issues/276
One of the reasons given is that the user doesn't have full control over the underlying HTTP connection -- an example being the inability to specify a proxy. Directly using Apache HttpClient is suggested instead.