Nio and http proxy

Similar Messages

• Java Nio and http proxy

  Hello,
  I would send a http request through a http proxy with a Nio Client. So I wrote by hand the
  http request :
  buffer.append("HTTP/1.1\n");
  buffer.append("Content-type: text/xml\n");
  Then I send this request with a Nio Client but the request doesn't pass.
  Can you help me ?

  I use tcp to send my request with a nio Client. The header of my http request :
  StringBuffer buffer = new StringBuffer();
  buffer.append("POST ");
  String path = "/";
  buffer.append(path + " ");
  buffer.append("HTTP/1.1\r\n");
  buffer.append("Content-type: text/xml\r\n");
  buffer.append("Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2\r\n");
  buffer.append("Host: 10.194.55.23:80\r\n");
  buffer.append("Connection: keep-alive\r\n");
  buffer.append("Content-Length: 0\r\n");
  buffer.append("\r\n");

• WWSAPI - Cannot connect to web service via SSL and HTTP proxy authentication with NTLM, errorCode 0x803d0016, HTTP status 407

  Hi,
  I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
  0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
  In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
  a second request with NTLMSSP_AUTH is sent.
  Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
  I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
  Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
  WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
  Any idea?
  Thanks

  Hi,
  I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
  0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
  In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
  a second request with NTLMSSP_AUTH is sent.
  Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
  I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
  Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
  WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
  Any idea?
  Thanks

• DAP and http proxy authentication

  I have a ASA firewall with http proxy authetication and now i configure DAP for Anyconnect with AD .I disable the "Default Dynamic Access Policy"  proxy authentication fail .Someone knows how to configure the DAP for http proxy authentication ?
  best regards

  Still nothing about it. I've also posted to another threads with similar problems:
  http://discussions.apple.com/message.jspa?messageID=8165122#8165122
  http://discussions.apple.com/message.jspa?messageID=8165120#8165120
  http://discussions.apple.com/message.jspa?messageID=8165118#8165118
  http://discussions.apple.com/message.jspa?messageID=8149758#8149758
  As I said before, while I've had OS 1.1.4, everything was normal. It began when I upgraded to 2.0.2 and after to 2.1. I also double checked if the TI here changed the policies, and they assured me they don't.
  Several other users with 2.x are also reporting the same trouble. As far as now, I've came across a post suggesting me to install a local http proxy on the phone, but I don't think it's gonna work.
  Let's keep this thread alive!

• After updating to iOS 6, I can no longer connect to my schools wireless network. It uses manual http proxy. Now however a blank pop up comes up and it will not connect you. Thanks

  After updating to iOS 6, I can no longer connect to my schools wireless network. It uses manual http proxy. Now however a blank pop up comes up and it will not connect you. Thanks

  Turn off your firewall and antivirus software.

• HTTPS and a Proxy server?

  Does the plugin-in still not work with HTTPS and a proxy server?
  From plug-in docs -
  "Java Plug-in supports http, ftp, gopher and SOCKS v4 protocols through the proxy server. Currently, Java Plug-in does not support https (SSL). "

  Hello
  I am making HTTPS calls from within my applet code and this works fine using the basic Java Plug-in support for HTTPS.
  This means my code basically does:
  URL url = new URL("https://myhost.com/servlet/Test");
  URLConnection conn = url.openConnection();
  etc..
  We are using Java 1.4.2. I've read in the "How HTTPS Works in Java Plug-in" for 1.3, that the plugin uses the browsers API for making HTTPS connections. Is this still the case for 1.4?
  My basic problem is that it all works fine if the browser is NOT configured to use a proxy server. If a proxy server is configured we get the following Exception in the client:
  java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 400 Bad Request ( The data is invalid. )"
  I have read that "Sun's Java Secure Socket Extension (JSSE) library allows you to access a secure Web server from behind a firewall via proxy tunnelling. However, JSSE expects the proxy's reply to the tunnelling request to begin with "HTTP 1.0"; otherwise, it throws an IOException" (http://www.javaworld.com/javatips/jw-javatip111_p.html)
  The article talks about using the JSSE library but it seems to be assuming the client is an application not an applet.
  How do I use JSSE from within an applet if all the proxy information I seem to need to set in the JSSE code is held by the browser?
  Will JSSE support proxies returning responses beginning HTTP 1.1 in the future?
  Any help on this would be greatly appreciated.
  Many thanks
  mark

• What HTTP Proxy settings to use and when?

  On the Wi-Fi Networks menu there are three options for HTTP Proxy - Off, Manual, Auto
  Which one should I use and when/why would I use the others?
  thx, gordo

  99% of the time, you should have the proxy settings turned off. Unless you are trying to connect to a corporate network, or some other network that requires a proxy server. In that case you would need to talk to the network administrators to obtain the settings you would need. If your just connecting to your wireless network at home, your almost for sure not going to need to enter anything for the proxy server settings.

• OSB call to remote Web Service via https proxy and https CONNECT problem

  Hi
  I have a service that calls a web service on another server as a web service. This call is via https and the certificate validation raises no errors.
  I now want this call to go via a squid httpd proxy on port 3128 on some machine. So I would like to use HTTP CONNECT (RFC 2817) proxying,. But when I set up this as a proxy, I am getting "Certificate chain" error messages. The certifcate chains is no different now from when I called without the http proxy, so what am I doing wrong? Does OSB support HTTP CONNECT?
  -Johan

  The exeption we are getting is BEA-380000
  General runtime error: [Security:090477]Certificate chain received from XXX - 123.123.123.123 --> test.salesforce.com was not trusted causing SSL handshake failure.
  This is of course not relevant if the callout were using CONNECT. In the CONNECT scenario, OSB would not care about XXX's certificate.

• Websecurity and End-user-notification with HTTPS proxy

  Hi all
  I would like to setup HTTPS-proxy functionality in a deployment. Most of the rules are "pass-through" and only a few would then be configured for drop or decryption.
  But if i set the connection to drop it is not possible to display an End-user-notification for the endusers. Is there any chance to display an End-user notification to the enduser while dropping or denying https access to a particular group ?
  If yes, is the End-user notification then displayed in normal http connection or in a https connection ?
  Did i use for that a trusted certificate to correctly display the end-user notification without to pop-up a certificate failure (because self-signed certificate is in place at the moment) ?
  It would be great, if you have some answers for some of those questions.

  Andrew,
    See if the below may be modified to do what you want.
  barbee.
  Cisco Ironport Advanced Services
       * This function checks for the category and redirects the user.
       *  -- 2010 june 16. barbee.
      function checkForRedirect() {
          var category = document.getElementById("category");
          if ( category.value == "Search Engines" ) {
              window.location = 'http://www.ironport.com';
  OTHER STUFF

• VPN and unwanted HTTP proxy

  I have a VPN tunnel working to my customer's site. However, it forces an HTTP proxy setting which routes all my http traffic through their proxy server. A side effect of this is that I can't access internal machines because the proxy server is only set up to access machines outside their network. This kind of defeats the point of the VPN.
  So, my goal is no http or https proxy. DNS should resolve based on search domains. This all works for non http/https requests. My mac can resolve all the domain names properly and can send traffic to the machines just fine. Ssh, vnc and other non-web access works great, both hosts over the VPN tunnel or just out my WAN interface.
  It's just the web proxy that is causing grief.
  Thanks for any help.

  Another piece of information. I screwed up and had a bogus entry in the /etc/hosts file for the machine I was testing web access to. Now I can access internal machines at my customer's site. However it looks like the web proxy is still in effect. If I set the Bypass proxy settings for these Hosts & Domains to * I see the change take effect with the scutil --proxy command. However my traffic still goes through their proxy server.

• Doubts about HTTPS requests and Java proxy

  Hello,
  I need help about SSL connections and Java.
  I'm developing a HTTP/S proxy with Java. To test my proxy, I use Firefox. I configure the proxy option in the browser. The proxy works good with HTTP requests, but with HTTPS requests doesn't work and I don't know why.
  I explain the steps that I do for a HTTPS request:
  * The browser sends a CONNECT message to the proxy.
  I check that the proxy receives the CONNECT request correctly.
  * The proxy establish a secure connection with the content server.
  I use an SSLSocket to connect with my content server, and the SSL handshake is succesful.
  * The proxy sends a 200 HTTP response to the client:
  I send
  HTTP/1.0 200 Connection established[CRLF]
  [CRLF]
  to the application client (Firefox)
  * The proxy sends/receive data to/from Firefox/content server
  I have a Socket between Firefox and my proxy, and a SSLSocket between my proxy and my content server. I use two threads to communicate the client and the server.
  Java code:
  //Thead server-->proxy-->application(Firefox)
  ThreadComm tpa = new ThreadComm(bis_serverSSL, bos_app);
  //Thread application(Firefox)-->proxy-->server
  ThreadComm tap = new ThreadComm(bis_app, bos_serverSSL);
  The "tpa" thread reads from the SSLSocket between the proxy and the server and sends data to the Socket between the proxy and Firefox.
  The "tap" thread reads from the Socket between the proxy and Firefox and sends data to the SSLSocket between the proxy and the server.
  This is the class ThreadComm:
  public class ThreadComm extends Thread{
      private BufferedInputStream bis = null;
      private BufferedOutputStream bos = null;
      public ThreadComm(BufferedInputStream bis, BufferedOutputStream bos) {
          this.bis = bis;
          this.bos = bos;
      @Override
      public void run() {
          int b = -1;
          FileOutputStream fos = null;
            do {
                 try {
                      b = bis.read();
                      System.out.print((char) b);
                      fos.write(b);
                      bos.write(b);
                      bos.flush();
                 } catch (Exception ex) {
                      Logger.getLogger(ThreadAplicacionProxy.class.getName()).log(Level.SEVERE, null, ex);
                      //b=-1;
            } while (b != -1);
      }But this doesn't work and I don't know why.      
  I have an Apache server with the mod_ssl enabled as content server, I can send requests (with Firefox) to the port 80(HTTP request) and 443(HTTPS request) without use my proxy and it works. If I use my proxy, HTTP request works but with HTTPS request doesn't work, I look the log of Apache and I see:
  [Tue Apr 27 17:32:03 2010] [info] Initial (No.1) HTTPS request received for child 62 (server localhost:443)
  [Tue Apr 27 17:32:03 2010] [error] [client 127.0.0.1] Invalid method in request \x80\x7f\x01\x03\x01
  [Tue Apr 27 17:32:03 2010] [debug] ssl_engine_kernel.c(1770): OpenSSL: Write: SSL negotiation finished successfully
  [Tue Apr 27 17:32:03 2010] [info] [client 127.0.0.1] Connection closed to child 62 with standard shutdown (server localhost:443)
  Why it say? Invalid method in request \x80\x7f\x01\x03\x01 , my proxy sends the data that the Firefox sends.
  I think than I have follow the explanations of [1] but doesn't work, I have problems in implementation in Java but I don't know where.
  I appreciate any suggestions.
  Thanks for your time.
  [1] http://www.web-cache.com/Writings/Internet-Drafts/draft-luotonen-web-proxy-tunneling-01.txt

  ejp, I have checked the socket between the proxy and server and ... You are right! , I was using the port 80 instead of the 443 (incredible mistake!, I'm sorry). I was convinced that I was using the port 443... Well, is a little step, but I still have not won the war :)
  If I see the log files of Apache, We can see that something goes wrong.
  localhost-access.log
  >
  127.0.0.1 - - [04/May/2010:17:44:48 +0200] "\x 80\x 7f\x01\x03\x01" 501 219
  >
  localhost-error.log
  >
  [Tue May 04 17:44:48 2010] [info] Initial (No.1) HTTPS request received for child 63 (server localhost:443)
  [Tue May 04 17:44:48 2010] [error] [client 127.0.0.1] Invalid method in request \x80\x7f\x01\x03\x01
  [Tue May 04 17:44:48 2010] [debug] ssl_engine_kernel.c(1770): OpenSSL: Write: SSL negotiation finished successfully
  [Tue May 04 17:44:48 2010] [info] [client 127.0.0.1] Connection closed to child 63 with standard shutdown (server localhost:443)
  >
  I think that this happens because Apache receives the data without decrypt, this is the reason because in the log we can see the "Invalid method in request \x80\x7f\x01\x03\x01". This supposition is true?
  ejp, you say that the "Termination is quite tricky." I have changed my code following yours suggestions (using the join and the shutdownOutput) but the threads don't die.
  I explain you what I do:
  (in time 1)
  I launch the thread (threadFirefoxToApache) that reads data from Firefox and sends to Apache.
  I launch the thread (threadApacheToFirefox) that reads data from Apache and sends to Firefox.
  (in time 2)
  threadFirefoxToApache sends the firts data to the server.
  threadApacheToFirefox is waiting that the server says something.
  (in time 3)
  threadFirefoxToApache is waiting that Firefox says something.
  threadApacheToFirefox sends data to Firefox.
  (in time 4)
  threadFirefoxToApache is waiting that Firefox says something.
  threadApacheToFirefox is waiting that Firefox says something.
  and they are waiting... and never finish.
  In time 2, these first data are encrypted. The server receives these data and It doesn't understand. In time 3, the server sends a HTTP response "501 Method Not Implemented", here there is a problem because this data must be encrypt. According to the documentation that I read, the proxy cannot "understand" this data but I can "understand" this data. What's happen?
  Firefox encrypt the data and send to the proxy. This It's correct.
  The proxy encrypt the data another time, because I use the SSLSocket to send the data to the server. Then the server receives the data encrypted two times, when decrypt the data gets the data encrypted one time. And this is the reason why the server doesn't understand the data that sends Firefox. It's correct? May be.
  Then If I want that the server receives the data encrypted one time I need to use the socketToServer, It's correct?
  I will supposed that yes. If I use the socketToServer, the proxy doesn't understand nothing, because the data received from the socketToServer are encrypted (I only see simbols), but the Apache log says that there is a problem with the version? (If I use the socketToServer the threads die)
  >
  [Tue May 04 19:55:42 2010] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 read finished A
  [Tue May 04 19:55:42 2010] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 write change cipher spec A
  [Tue May 04 19:55:42 2010] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 write finished A
  [Tue May 04 19:55:42 2010] [debug] ssl_engine_kernel.c(1760): OpenSSL: Loop: SSLv3 flush data
  [Tue May 04 19:55:42 2010] [debug] ssl_engine_kernel.c(1756): OpenSSL: Handshake: done
  [Tue May 04 19:55:42 2010] [info] Connection: Client IP: 127.0.0.1, Protocol: TLSv1, Cipher: RC4-MD5 (128/128 bits)
  [Tue May 04 19:55:42 2010] [debug] ssl_engine_io.c(1817): OpenSSL: read 5/5 bytes from BIO#29bd910 [mem: 29ea0a8] (BIO dump follows)
  [Tue May 04 19:55:42 2010] [debug] ssl_engine_io.c(1750): -------------------------------------------------------------------------
  [Tue May 04 19:55:42 2010] [debug] ssl_engine_io.c(1789): | 0000: 80 7f 01 03 .... |
  [Tue May 04 19:55:42 2010] [debug] ssl_engine_io.c(1793): | 0005 - <SPACES/NULS>
  [Tue May 04 19:55:42 2010] [debug] ssl_engine_io.c(1795): ------------------------------------------------------------------------
  [Tue May 04 19:55:42 2010] [debug] ssl_engine_kernel.c(1770): OpenSSL: Write: SSL negotiation finished successfully
  [Tue May 04 19:55:42 2010] [info] [client 127.0.0.1] SSL library error 1 reading data
  [Tue May 04 19:55:42 2010] [info] SSL Library Error: 336130315 error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
  [Tue May 04 19:55:42 2010] [debug] ssl_engine_kernel.c(1770): OpenSSL: Write: SSL negotiation finished successfully
  [Tue May 04 19:55:42 2010] [info] [client 127.0.0.1] Connection closed to child 63 with standard shutdown (server localhost:443)
  >
  What option is the correct? I need use the SSLSocketToServer or socketToServer to send/read the data to/from the server?. Use the SSLSocket has sense because the data travel in a secure socket, but use the Socket also has sense because the data are encrypted and they are protected by this encription. It's complicated...

• Http Proxy and Java Web Start 1.4.2_08

  Hi All,
  I'm confused as to how Java Web Start is supposed to work with an HTTP proxy. I'm testing an application in an environment which has an http proxy.
  Our application starts successfully with Web Start but the application is failing to connect to URLs. I have dumped the properties right when the app starts and proxyHost, proxyPort, http.proxyHost, http.ProxyPort are all set correctly. But every attempt to connect to URLs timeout.
  Note that running under 1.5, I get the value of the
  javaplugin.proxy.config.list property and use it to set the properties http.proxyHost and http.proxyPort. Then I am able to connect successfully to the same URLs which failed in 1.4.2_08 ( also fails
  with 1.4.2_03).
  Can someone please help me understand what's wrong here?
  Many thanks,
  Jason

  Actually, what I observed, in 1.4.2_08, is that the https.proxy* properties are being set. The http.proxy* properties are not set.
  in 1.5.0_04 none of the properties are set except for
  javaplugin.proxy.config.list, which I use to set http.proxyHost and http.proxyPort.

• Https front end and http backend

  Hi there....I am having a small issue....I have a web app that is https based....I have installed the cert on the CSS, and DNS for this app points to the VIP....the client is wanting to have an https front end, and then load balance in http to the backend servers....the issue I am running into is that this only works if I have an active port 80 rule on that same VIP....if I suspend the port 80 rule and only leave the port 443 rule active on that VIP, it doesn't work....please see appropriate config portions below....Thanks in advance!
  Sandeep
  ANy suggestions? I have been trying this for a couple of days now...it works fine if the backend sessions are also https, but the client has changed their requirement....
  ssl-proxy-list SSL1
  ssl-server 1
  ssl-server 1 rsakey app1-test
  ssl-server 1 rsacert app1-test
  ssl-server 1 vip address 10.19.55.10
  ssl-server 1 cipher rsa-with-rc4-128-md5 10.19.55.10 81
  backend-server 1
  backend-server 1 port 81
  backend-server 1 server-ip 10.19.55.132
  backend-server 1 ip address 10.19.55.132
  backend-server 2
  backend-server 2 port 81
  backend-server 2 server-ip 10.19.55.133
  backend-server 2 ip address 10.19.55.133
  backend-server 3
  backend-server 3 port 83
  backend-server 3 server-ip 10.19.55.132
  backend-server 3 ip address 10.19.55.132
  backend-server 4
  backend-server 4 port 83
  backend-server 4 server-ip 10.19.55.133
  backend-server 4 ip address 10.19.55.133
  backend-server 5
  backend-server 5 port 85
  backend-server 5 server-ip 10.19.55.132
  backend-server 5 ip address 10.19.55.132
  backend-server 6
  backend-server 6 port 85
  backend-server 6 server-ip 10.19.55.133
  backend-server 6 ip address 10.19.55.133
  active
  service webserver002:81
  ip address 10.19.55.132
  port 81
  keepalive port 2199
  keepalive type tcp
  protocol tcp
  active
  service webserver003:81
  ip address 10.19.55.133
  port 81
  keepalive port 2199
  keepalive type tcp
  protocol tcp
  add ssl-proxy-list SSL1
  active
  service webserver002:83
  ip address 10.19.55.132
  port 83
  add ssl-proxy-list SSL1
  keepalive port 2399
  keepalive type tcp
  protocol tcp
  active
  service webserver003:83
  ip address 10.19.55.133
  port 83
  keepalive port 2399
  keepalive type tcp
  protocol tcp
  add ssl-proxy-list SSL1
  active
  service webserver002:85
  ip address 10.19.55.132
  port 85
  add ssl-proxy-list SSL1
  keepalive port 2599
  keepalive type tcp
  protocol tcp
  active
  service webserver003:85
  ip address 10.19.55.133
  port 85
  keepalive port 2599
  keepalive type tcp
  protocol tcp
  add ssl-proxy-list SSL1
  active
  service SSL_Front
  slot 2
  type ssl-accel
  keepalive type none
  add ssl-proxy-list SSL1
  active
  owner app1-test
  content app-test_back
  vip address 10.19.55.10
  add service webserver002:81
  add service webserver003:81
  add service webserver002:83
  add service webserver003:83
  add service webserver002:85
  add service webserver003:85
  balance aca
  protocol tcp
  port 81
  active
  content app1-test_front
  vip address 10.19.55.10
  application ssl
  add service SSL_Front
  protocol tcp
  port 443
  advanced-balance ssl
  balance aca
  active

  Thanks for the quick reply....there is another port 80 rule setup for that vip....I was using that to test with the app until I got the front end https rules working....
  my port 80 rules just says listen to 10.19.55.10 on port 80 and load balance btwn the webervers on port 8x in the back end...
  I am trying to do https front end and http backend....
  no where in my SSL config have I configured port 80....but when I suspend that rule it all fails....
  I am wondering if the backend server sessions are happening properly?
  I don't fully get what you mean by "You need to have the rule in port 443 to match traffic coming from the client and the clear text rule (port 81) to match traffic already decrypted coming from the SSL module"
  Haven'tI done that?
  Thanks again!
  Sandeep

• Javax.xml.ws.soap.SOAPFaultException: InvalidSecurity : error in processing the WS-Security security header error while invoking FinancialUtilService using HTTP proxy client

  I am trying to invoke FinancialUtilService using HTTP proxy client. I am getting below error while i am trying to invoke this service. Using FusionServiceTester i am able to invoke service and upload file to UCM. Using oracle.ucm.fa_client_11.1.1.jar also i am able to upload file to UCM without any issue. But using HTTP proxy client i am facing below error. Can anyone please help me. PFA code i am using to invoke this service.
  javax.xml.ws.soap.SOAPFaultException: InvalidSecurity : error in processing the WS-Security security header
    at com.sun.xml.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.java:197)
    at com.sun.xml.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:122)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:125)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)
    at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:135)
    at $Proxy43.uploadFileToUcm(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at weblogic.wsee.jaxws.spi.ClientInstance$ClientInstanceInvocationHandler.invoke(ClientInstance.java:363)
    at $Proxy44.uploadFileToUcm(Unknown Source)
    at com.oracle.xmlns.apps.financials.commonmodules.shared.financialutilservice.FinancialUtilServiceSoapHttpPortClient.invokeUpload(FinancialUtilServiceSoapHttpPortClient.java:299)
    at com.oracle.xmlns.apps.financials.commonmodules.shared.financialutilservice.FinancialUtilServiceSoapHttpPortClient.main(FinancialUtilServiceSoapHttpPortClient.java:273)
  Process exited with exit code 0.
  Message was edited by: Oliver Steinmeier
  Removed attachment

  Hi Jani,
  Thanks for your reply.
  I am new to webservices and we are trying to do a POC on invoking FinancialUtilService using HTTP proxy client. I am following steps mentioned in attached pdf section "Invoking FinancialUtil Service using Web Service Proxy Client". I have imported certificate using below command. 
       keytool -import -trustcacerts -file D:\Retek\Certificate.cer -alias client -keystore D:\Retek\default-keystore.jks -storepass welcome1
  Invoking
      SecurityPolicyFeature[] securityFeature =
      new SecurityPolicyFeature[] { new
      SecurityPolicyFeature("oracle/wss11_saml_token_with_message_protection_client_policy")};
      financialUtilService_Service = new FinancialUtilService_Service();
      FinancialUtilService financialUtilService= financialUtilService_Service.getFinancialUtilServiceSoapHttpPort(securityFeature);
      // Get the request context to set the outgoing addressing properties
      WSBindingProvider wsbp = (WSBindingProvider)financialUtilService;
      WSEndpointReference replyTo =
        new WSEndpointReference("https://efops-rel91-patchtest-external-fin.us.oracle.com/finFunShared/FinancialUtilService", WS_ADDR_VER);
      String uuid = "uuid:" + UUID.randomUUID();
      wsbp.setOutboundHeaders( new StringHeader(WS_ADDR_VER.messageIDTag, uuid), replyTo.createHeader(WS_ADDR_VER.replyToTag));
      wsbp.getRequestContext().put(WSBindingProvider.USERNAME_PROPERTY, "fin_user1");
      wsbp.getRequestContext().put(WSBindingProvider.PASSWORD_PROPERTY,  "Welcome1");
      wsbp.getRequestContext().put(ClientConstants.WSSEC_RECIPIENT_KEY_ALIAS,"service");
      wsbp.getRequestContext().put(ClientConstants.WSSEC_KEYSTORE_LOCATION, "D:/Retek/default-keystore.jks");
      wsbp.getRequestContext().put(ClientConstants.WSSEC_KEYSTORE_PASSWORD, "welcome1" );
      wsbp.getRequestContext().put(ClientConstants.WSSEC_KEYSTORE_TYPE, "JKS" );
      wsbp.getRequestContext().put(ClientConstants.WSSEC_SIG_KEY_ALIAS, "client" );
      wsbp.getRequestContext().put(ClientConstants.WSSEC_SIG_KEY_PASSWORD, "password" );
      wsbp.getRequestContext().put(ClientConstants.WSSEC_ENC_KEY_ALIAS, "client" );
      wsbp.getRequestContext().put(ClientConstants.WSSEC_ENC_KEY_PASSWORD, "password" );
  SEVERE: WSM-00057 The certificate, client, is not retrieved.
  SEVERE: WSM-00137 The encryption certificate, client, is not retrieved due to exception oracle.wsm.security.SecurityException: WSM-00057 : The certificate, client, is not retrieved..
  SEVERE: WSM-00161 Client encryption public certificate is not configured for Async web service client
  SEVERE: WSM-00005 Error in sending the request.
  SEVERE: WSM-07607 Failure in execution of assertion {http://schemas.oracle.com/ws/2006/01/securitypolicy}wss11-saml-with-certificates executor class oracle.wsm.security.policy.scenario.executor.Wss11SamlWithCertsScenarioExecutor.
  SEVERE: WSM-07602 Failure in WS-Policy Execution due to exception.
  SEVERE: WSM-07501 Failure in Oracle WSM Agent processRequest, category=security, function=agent.function.client, application=null, composite=null, modelObj=FinancialUtilService, policy=oracle/wss11_saml_token_with_message_protection_client_policy, policyVersion=null, assertionName={http://schemas.oracle.com/ws/2006/01/securitypolicy}wss11-saml-with-certificates.
  oracle.wsm.common.sdk.WSMException: WSM-00161 : Client encryption public certificate is not configured for Async web service client
    at oracle.wsm.security.policy.scenario.executor.Wss11SamlWithCertsScenarioExecutor.sendRequest(Wss11SamlWithCertsScenarioExecutor.java:173)
    at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.execute(SecurityScenarioExecutor.java:545)
    at oracle.wsm.policyengine.impl.runtime.AssertionExecutor.execute(AssertionExecutor.java:41)
    at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeSimpleAssertion(WSPolicyRuntimeExecutor.java:608)
    at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeAndAssertion(WSPolicyRuntimeExecutor.java:335)
    at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.execute(WSPolicyRuntimeExecutor.java:282)
    at oracle.wsm.policyengine.impl.PolicyExecutionEngine.execute(PolicyExecutionEngine.java:102)
    at oracle.wsm.agent.WSMAgent.processCommon(WSMAgent.java:915)
    at oracle.wsm.agent.WSMAgent.processRequest(WSMAgent.java:436)
    at oracle.wsm.agent.handler.WSMEngineInvoker.handleRequest(WSMEngineInvoker.java:393)
    at oracle.wsm.agent.handler.wls.WSMAgentHook.handleRequest(WSMAgentHook.java:239)
    at weblogic.wsee.jaxws.framework.jaxrpc.TubeFactory$JAXRPCTube.processRequest(TubeFactory.java:220)
    at weblogic.wsee.jaxws.tubeline.FlowControlTube.processRequest(FlowControlTube.java:98)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445)
    at com.sun.xml.ws.client.Stub.process(Stub.java:259)
    at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:152)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:115)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)
    at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:135)
    at $Proxy43.uploadFileToUcm(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at weblogic.wsee.jaxws.spi.ClientInstance$ClientInstanceInvocationHandler.invoke(ClientInstance.java:363)
    at $Proxy44.uploadFileToUcm(Unknown Source)
    at com.oracle.xmlns.apps.financials.commonmodules.shared.financialutilservice.FinancialUtilServiceSoapHttpPortClient.invokeUpload(FinancialUtilServiceSoapHttpPortClient.java:111)
    at com.oracle.xmlns.apps.financials.commonmodules.shared.financialutilservice.FinancialUtilServiceSoapHttpPortClient.main(FinancialUtilServiceSoapHttpPortClient.java:86)
  Caused by: oracle.wsm.security.SecurityException: WSM-00161 : Client encryption public certificate is not configured for Async web service client
    at oracle.wsm.security.policy.scenario.processor.Wss11X509TokenProcessor.insertClientEncCertToWSAddressingHeader(Wss11X509TokenProcessor.java:979)
    at oracle.wsm.security.policy.scenario.processor.Wss11X509TokenProcessor.build(Wss11X509TokenProcessor.java:206)
    at oracle.wsm.security.policy.scenario.executor.Wss11SamlWithCertsScenarioExecutor.sendRequest(Wss11SamlWithCertsScenarioExecutor.java:164)
    ... 30 more
  Caused by: oracle.wsm.security.SecurityException: WSM-00057 : The certificate, client, is not retrieved.
    at oracle.wsm.security.jps.WsmKeyStore.getJavaCertificate(WsmKeyStore.java:534)
    at oracle.wsm.security.jps.WsmKeyStore.getCryptCert(WsmKeyStore.java:570)
    at oracle.wsm.security.policy.scenario.processor.Wss11X509TokenProcessor.insertClientEncCertToWSAddressingHeader(Wss11X509TokenProcessor.java:977)
    ... 32 more
  SEVERE: WSMAgentHook: An Exception is thrown: WSM-00161 : Client encryption public certificate is not configured for Async web service client
  File upload failed
  javax.xml.ws.WebServiceException: javax.xml.rpc.JAXRPCException: oracle.wsm.common.sdk.WSMException: WSM-00161 : Client encryption public certificate is not configured for Async web service client
    at weblogic.wsee.jaxws.framework.jaxrpc.TubeFactory$JAXRPCTube.processRequest(TubeFactory.java:231)
    at weblogic.wsee.jaxws.tubeline.FlowControlTube.processRequest(FlowControlTube.java:98)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445)
    at com.sun.xml.ws.client.Stub.process(Stub.java:259)
    at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:152)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:115)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)
    at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:135)
    at $Proxy43.uploadFileToUcm(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at weblogic.wsee.jaxws.spi.ClientInstance$ClientInstanceInvocationHandler.invoke(ClientInstance.java:363)
    at $Proxy44.uploadFileToUcm(Unknown Source)
    at com.oracle.xmlns.apps.financials.commonmodules.shared.financialutilservice.FinancialUtilServiceSoapHttpPortClient.invokeUpload(FinancialUtilServiceSoapHttpPortClient.java:111)
    at com.oracle.xmlns.apps.financials.commonmodules.shared.financialutilservice.FinancialUtilServiceSoapHttpPortClient.main(FinancialUtilServiceSoapHttpPortClient.java:86)
  Caused by: javax.xml.rpc.JAXRPCException: oracle.wsm.common.sdk.WSMException: WSM-00161 : Client encryption public certificate is not configured for Async web service client
    at oracle.wsm.agent.handler.wls.WSMAgentHook.handleException(WSMAgentHook.java:395)
    at oracle.wsm.agent.handler.wls.WSMAgentHook.handleRequest(WSMAgentHook.java:248)
    at weblogic.wsee.jaxws.framework.jaxrpc.TubeFactory$JAXRPCTube.processRequest(TubeFactory.java:220)
    ... 19 more

• Give me description about JAVA Proxy Runtime and JAVA Proxy Server

  Give me description about JAVA Proxy Runtime and JAVA Proxy Server with some examples.

  Hi,
  Java proxy runtime :
  Using the Java proxy runtime you can receive messages or send messages to the Integration Server.
  This will help you
  http://help.sap.com/saphelp_nw04/helpdata/en/64/7e5e3c754e476ee10000000a11405a/frameset.htm
  Java proxy server :
  The connection to the Integration Server by using the Java proxy runtime.
  This will help you
  http://help.sap.com/saphelp_nw04/helpdata/en/87/5305adc23540b8ac7bce08dbe96bd5/frameset.htm
  Regards
  Agasthuri Doss