I am trying to access a website from my code using HttpClient :
CloseableHttpClient httpclient = HttpClients.createDefault();
HttpGet httpget = new HttpGet("https://www.datamed.org/search.php?query=gene&searchtype=data");
ResponseHandler<String> responseHandler = new BasicResponseHandler();
String responseBody = httpclient.execute(httpget, responseHandler);
This is the error i am getting :
Exception in thread "main" javax.net.ssl.SSLException: hostname in certificate didn't match: <www.datamed.org> != <ucrexdc.ucsd.edu> OR <ucrexdc.ucsd.edu>
I checked the certificate from browser, it seems correct, with correct names.
Not sure from where it is picking up ucrexdc.ucsd.edu .
The code does work if I use a proxy.
Gone through a lot of similar issues on StackOverflow, but in most cases the server was under user's control. In my case, this is an already existing website. and i have this problem only for this website.
Can it be a problem with my environment?
UPDATE:
I found out that both the websites (datamed.org and ucrexdc.ucsd.edu) have the same IP , 169.228.51.21 . Can it be a problem, why doesn't the browser have issues with this?
UPDATE 2:
I was using apache http-client 4.3.1,
When i updated to 4.4.1, it was resolved. the issue was most possibly related to SNI.
HttpClient provides two implementations for Hostname verification.
DefaultHostnameVerifier
NoopHostnameVerifier
by default HttpClient uses DefaultHostnameVerifier implementation. You can try the different hostname verifier implementation.
SSLContext sslContext = SSLContexts.createSystemDefault();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
HttpClient httpClient = HttpClientBuilder.create().setSSLSocketFactory(sslsf).build();
Related
I have a very basic java webservice call...
public static String contactWebservice(){
DefaultHttpClient httpclient = new DefaultHttpClient();
HttpHost target = new HttpHost(“www.someurl.com”, 443, "https");
HttpGet getRequest = new HttpGet("PARAMETERS FOR WEBSERVICE");
HttpResponse httpResponse = httpclient.execute(target, getRequest);
…more code...
I need to turn this into a SSL call without a cert. Much like a browser contacts an ssl secured webpage and gets data back without having a cert. I've tried many different methods but nothing has worked so far. I keep getting "peer not authenticated" errors.
I was happy to access SharePoint using PowerShell. It just picked -DefaultCredential and I didn't have to worry about that. That was for prototyping.
But my actual code is Java. Now I am not sure about this at all.
Even though I make REST calls, even SOAP would fail if I don't authenticate properly.
Method 1 : NTLM
Here the only thing I am not sure about is the workstation ID. I login using Citrix to a VM and there is an explicit Workstation ID. I use that.
Returns 401.
DefaultHttpClient client = new DefaultHttpClient();
HttpGet request = new HttpGet("http://teams.host.com/_vti_bin/listdata.svc/");
NTCredentials credentials = new NTCredentials("user", 'pass', "workstation", "Domain");
client.getCredentialsProvider().setCredentials(new AuthScope("teams.host.com",80), credentials);
HttpResponse response = client.execute(request);
Method 2 : Basic authentication.
HttpGet request = new HttpGet("http://teams.host.com/_vti_bin/listdata.svc/");
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY,
new UsernamePasswordCredentials("user", "password"));
CloseableHttpClient httpClient =
HttpClientBuilder.create().setDefaultCredentialsProvider(credentialsProvider).build();
HttpResponse response = httpClient.execute(request);
Returns 401.
What other method do I use ? Digest ? Since I don't know how -DefaultCredential in PowerShell worked I am back to the drawing board.
How should I investigate this ? I must be making some basic mistakes in this Java code. The flow is not right. That is my supposition.
So from Apache HttpClient this is the code that connects to SharePoint 2010. The workstation ID is the one used when I use Citrix XenDesktop to login to a Windows machine. I am able to get the result of my REST Get request.
This uses NTLM authentication.
DefaultHttpClient client = new DefaultHttpClient();
HttpGet request = new HttpGet("http://teams.host.com/_vti_bin/listdata.svc/");
NTCredentials credentials = new NTCredentials("user", 'pass', "workstation", "Domain");
client.getCredentialsProvider().setCredentials(new AuthScope("teams.host.com",80), credentials);
HttpResponse response = client.execute(request);
I had a problem of HttpURLConnection Invalid HTTP method: PATCH and got a suggestion here in which the X-HTTP-Method-Override work around did not work out for me. So I tried
CloseableHttpClient httpClient = HttpClients.createDefault();
HttpPatch httpPatch = new HttpPatch(new URI("http://example.com"));
CloseableHttpResponse response = httpClient.execute(httpPatch);
where I am facing a challenge. My request is an HTTPS request and I have the url as https://192.168.1.1/foo/bar. I neither know the hostname of the ip 192.168.1.1 which is validated by CloseableHttpClient with the hostname on the certificate, nor want to perform a DNS look up to happen(not even in the known hosts).
Are there any feasibility to perform a PATCH request in my case?
I've just upgraded to org.apache.httpcomponents.httpclient 4.3. Previously I created a client and did pre-emptive authentication like this:
final HttpClient client = new DefaultHttpClient();
final HttpRequestBase request = new HttpGet(url);
request.addHeader(BasicScheme.authenticate( new UsernamePasswordCredentials(username,password), "UTF-8", false));
Now that this is deprecated I have to create a client and authenticate like this:
HttpClientBuilder clientBuilder = HttpClientBuilder.create();
final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password));
clientBuilder = clientBuilder.setDefaultCredentialsProvider(credentialsProvider);
However instead of authenticating and making a successful GET I get a 302 in response. I think this could be fixed by setting pre-emptive authentication, but I can't find how. Maybe I have authentication in this second example all wrong?
Can I get some pointers, please?
It's not clear whether this is actually a real problem.
HTTP 302 is a redirection. You need to follow the redirect.
I need to connect to our solr server which is behind a proxy(?).
Following I tried (nothing special):
SolrServer server = new HttpSolrServer("https://urltosolr/solr");
try {
SolrPingResponse pingResponse = server.ping();
} catch (SolrServerException e) {
....
}
stacktrace:
org.apache.solr.client.solrj.SolrServerException: IOException occured when talking to server at: https://urltosolr/solr
...
Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
After that I tried the other constructor for HttpSolrServer but I don't know how to set username and password correctly into HttpClient. Can anyone help?
I don't see where you're trying to connect through a proxy in your code, you only provided the solr url while creating the HttpSolrServer. You can provide your own HttpClient instance while creating your HttpSolrServer instance. Your HttpClient instance can contain the information about the proxy. The needed code should be the following, which you can find in the http-components examples:
DefaultHttpClient httpclient = new DefaultHttpClient();
HttpHost proxy = new HttpHost(proxyHost, proxyPort, "http");
httpclient.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, proxy);
httpclient.getCredentialsProvider().setCredentials(
AuthScope.ANY,
new UsernamePasswordCredentials(username, password));
SolrServer solrServer = new HttpSolrServer(solrUrl, httpclient);
Looking more at your question, I don't think you need to connect using a proxy. You error is about https. Have a look at this other question and answers to see what you need to do. The version of httpclient you need to look at is 4.x.