1
0
-1

Hi all,

We did a service in order to check the proxy configuration. Service is :

import com.avoka.tm.http.GetRequest
import com.avoka.tm.http.HttpResponse
import com.avoka.tm.vo.SvcDef
import com.avoka.tm.vo.Txn
import com.avoka.tm.vo.User
import javax.servlet.http.HttpServletRequest

class FluentDynamicData {

    /*
     * Perform Form Dynamic Data service call.
     *
     * returns: REST response text data
     */
    String invoke(SvcDef svcDef, Txn txn, HttpServletRequest request, User user) {

        HttpResponse response
        try {
            response = new GetRequest(request.getParameter('url')).execute()
        } catch (Exception e) {
            return e.toString()
        }

        return response.status
    }
}

As far as I understood by reading the GetRequest documentation is :

  1. public class GetRequest extends HttpRequest
  2. Socket connections will also apply any JVM proxy settings automatically.

So, I did this in configuration file in  avoka/transact/manager/server/standalone/configuration/standalone.xml

        <property name="http.proxyUser" value="######"/>

        <property name="http.proxyPassword" value="########"/>

        <property name="https.proxyUser" value="#####"/>

        <property name="https.proxyPassword" value="######"/>

        <property name="http.proxyHost" value="######"/>

        <property name="http.proxyPort" value="######"/>

        <property name="https.proxyHost" value="######"/>

        <property name="https.proxyPort" value="######"/>

        <property name="http.nonProxyHosts" value="######"/>

 

When I'm running the service If I'm trying to reach an internal page, I'm getting a 200 HTTP response.

When I'm trying to reach an external page such as http://google.com, I'm getting a 407 HTTP response, meaning proxy needs authentication.

I'm not really fluent in development but as far as I understand it sounds com.avoka.tm.http.GetRequest  or com.avoka.tm.http.HttpResquest  is not implementing the authentication mechanism thru  java.net.Authenticator.

 

May be someone from Avoka product dev team can check this point ?

Thx in advance for any answer.

Fabrice

 

    CommentAdd your comment...

    1 answer

    1.  
      3
      2
      1

      Hi Fabrice,

      The GetRequest and HttpRequest provide fluent API wrappers around the Apache HTTP Components classes.

      For proxy configuration the HttpRequest class uses the Apache HttpClients.createSystem() method which should be using any JVM proxy configurations.

      https://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/impl/client/HttpClients.html#createSystem()

      http://grepcode.com/file/repo1.maven.org/maven2/org.apache.httpcomponents/httpclient/4.5/org/apache/http/impl/client/HttpClients.java/

      Please note the Apache HttpClient packages are in the Fluent security whitelist so you should be able to test different proxy configurations using HttpClient directly.  If you find anything you are missing please let us know and we can look at adding these.

      regards Malcolm

       

      1. Fabrice Bacou

        Hi Malcom,

        Thx for your fast reply.  I red the Apache documentation HTTPClient   :

        public class HttpClientBuilder
        extends Object

        Builder for CloseableHttpClient instances.

        When a particular component is not explicitly set this class will use its default implementation. System properties will be taken into account when configuring the default implementations when useSystemProperties() method is called prior to calling build().

        • ssl.TrustManagerFactory.algorithm
        • javax.net.ssl.trustStoreType
        • javax.net.ssl.trustStore
        • javax.net.ssl.trustStoreProvider
        • javax.net.ssl.trustStorePassword
        • ssl.KeyManagerFactory.algorithm
        • javax.net.ssl.keyStoreType
        • javax.net.ssl.keyStore
        • javax.net.ssl.keyStoreProvider
        • javax.net.ssl.keyStorePassword
        • https.protocols
        • https.cipherSuites
        • http.proxyHost
        • http.proxyPort
        • http.nonProxyHosts
        • http.keepAlive
        • http.maxConnections
        • http.agent

         

        and as far my skills go, my understanding is

        • http.proxyUser
        • http.proxyPassword

        are not considered as default properties and must be set by using   the  setProxyAuthenticationStrategy method.

        My concern is not writing directly a service code on which I have the full authority but using services such as DOCUSIGN or eSignLive thru the dedicated service connections provided by Avoka. I'm pretty sure those services are writing using :

        implementations.

        So the test I'm doing here is to be sure that my Avoka TM box (on premise) is correctly set to reach Internet world ( even now with a proxy authen mode) and then to focus on services issue if they appear.

        Regards

        Fabrice

      2. Malcolm Edgar

        Reading through the internal Apache HttpClientBuilder I think we may need to expose setting the proxy Host and authentication strategy 

        http://grepcode.com/file/repo1.maven.org/maven2/org.apache.httpcomponents/httpclient/4.5/org/apache/http/impl/client/HttpClientBuilder.java#HttpClientBuilder.setProxy%28org.apache.http.HttpHost%29

        With regard to the Exchange services, the Exchange team will probably be able to turn around some updates for you pretty quickly once you have figure out your Proxy/Authentication solution.

        regards Malcolm

      CommentAdd your comment...