Working with JSSE using multi-purpose keystore

Hello,
I am currently working on an application which employs the JCA for providing signatures, authenticating users etc., but also working with JSSE.
More specifically: The application must be able to verify signatures on code packages created by known users and loaded at runtime; but for communication with other parts of the application, it shall use SSL connections.
Now I worked through the JSSE manuals and I was able to set up a simple SSL application with client and server, using all the getDefaults() I could get a hold on.
In the final application that I am working on, I will have a keystore with quite a lot of keys from users, public and possibly private ones, and also a key for the SSL communication. I have the strong feeling that I will not see many getDefault()s anymore.
My problem is that by looking at the API, I don't have any clue how to tell the JSSE which key to use for the SSL connection from the keystore holding possibly many keys of users.
Moreover, how do I pass the passphrase for unlocking the private key to the JSSE if it is not equal to the keystore password? (Which, by the way, seems to me to require passing via the command line - argh!)
Help would be greatly appreciated.
Michael

I've got it.
The secret is to create an own X509KeyManager. This key manager gets its keys from the keystore, so I have the chance to provide an alias which is intended to be used for SSL and to provide the key password.
public class SpecialX509KeyManager implements X509KeyManager {
public SpecialX509KeyManager(KeyStore keys, String sSSLAlias, String sPassword) {
// browse the keystore,
// get the key which has the given alias - and only this one -
// and use the password to decrypt it
// keep the key and its certificate chain
The keystore must be loaded before, using the keystore password:
KeyStore keys = KeyStore.getInstance("JKS");
keys.load(new FileInputStream("server.ks"), "keystorepw".toCharArray());
KeyManager[] akm = new KeyManager[1];
akm[0] = new SpecialX509KeyManager(keys, "ssl", "ssl012");
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(akm, null, null);
SSLServerSocketFactory sslSrvFact = sc.getServerSocketFactory();
That is, I have a keystore, using the password "keystorepw", containing keys with one using the alias "ssl" and the password "ssl012".
Michael

Similar Messages

I'm working with 5 angle multi clip and FCPX keeps crashing any ideas? 10.0.4

I'm working with 5 angle multi clip using proxy media and adjusting audio levels using pasta effects and FCPX keeps crashing any ideas? 10.0.4

Restore OS X using OS X Recovery
Startup your Mac while holding down the Command + keys. From there you will have access to the built in utiities to restore OS X.
Backup important files beforehand just in case.

Error when working with TableView using JCA

Hi sdns,
I am getting an iview rutnime error when working with Tableview using JCA. Here i am putting all my code, go thorugh it and tell me if any error is there.One more thing is Usermappping and all properties are set to system object.
Now you can throught he code which is followed by error also.
Java file.
public class DisplayComponent extends PageProcessorComponent {
 public DynPage getPage() {
 return new DisplayComponentDynPage();
 public static class DisplayComponentDynPage extends JSPDynPage {
 private JCATviewBean bean;
 public void doInitialization() {
 IPortalComponentProfile profile =
 ((IPortalComponentRequest) getRequest())
 .getComponentContext()
 .getProfile();
 Object o = profile.getValue("myBean");
 if (o == null || !(o instanceof JCATviewBean)) {
 bean = new JCATviewBean();
 profile.putValue("myBean", bean);
 } else {
 bean = (JCATviewBean) o;
 // fill your bean with data here...
 IPortalComponentRequest request =
 (IPortalComponentRequest) this.getRequest();
 doJca(request);
 public void doProcessAfterInput() throws PageException {
 public void doProcessBeforeOutput() throws PageException {
 this.setJspName("Report.jsp");
 private IConnection getConnection(
 IPortalComponentRequest request,
 String alias)
 throws Exception {
 IConnectorGatewayService cgService =
 (IConnectorGatewayService) PortalRuntime
 .getRuntimeResources()
 .getService(
 IConnectorService.KEY);
 ConnectionProperties prop =
 new ConnectionProperties(
 request.getLocale(),
 request.getUser());
 return cgService.getConnection(alias, prop);
 public void doJca(IPortalComponentRequest request) {
 IConnectionFactory connectionFactory = null;
 IConnection client = null;
 String rfm_name = "BAPI_COMPANYCODE_GETLIST";
 try {
 try {
 // pass the request & system alias
 // Change the alias to whatever the alias is for your R/3 system
 client = getConnection(request, "MyIDES");
 } catch (Exception e) {
 System.out.println(
 "Couldn't establish a connection with a target system.");
 return;
Start Interaction
 IInteraction interaction = client.createInteractionEx();
 IInteractionSpec interactionSpec =
 interaction.getInteractionSpec();
 interactionSpec.setPropertyValue("Name", rfm_name);
CCI api only has one datatype: Record
 RecordFactory recordFactory = interaction.getRecordFactory();
 MappedRecord importParams =
 recordFactory.createMappedRecord(
 "CONTAINER_OF_IMPORT_PARAMS");
 IFunctionsMetaData functionsMetaData =
 client.getFunctionsMetaData();
 IFunction function = functionsMetaData.getFunction(rfm_name);
 if (function == null) {
 System.out.println(
 "Couldn't find " + rfm_name + " in a target system.");
 return;
How to invoke Function modules
 System.out.println("Invoking... " + function.getName());
 MappedRecord exportParams =
 (MappedRecord) interaction.execute(
 interactionSpec,
 importParams);
How to get structure values
 IRecord exportStructure = (IRecord) exportParams.get("RETURN");
 String columnOne = exportStructure.getString("TYPE");
 String columnTwo = exportStructure.getString("CODE");
 String columnThree = exportStructure.getString("MESSAGE");
 System.out.println(" RETURN-TYPE = " + columnOne);
 System.out.println(" RETURN-CODE = " + columnTwo);
 System.out.println(" RETURN-MESSAGE =" + columnThree);
How to get table values
 IRecordSet exportTable =
 (IRecordSet) exportParams.get("COMPANYCODE_LIST");
 exportTable.beforeFirst();
 // Moves the cursor before the first row.
 while (exportTable.next()) {
 String column_1 = exportTable.getString("COMP_CODE");
 String column_2 = exportTable.getString("COMP_NAME");
 System.out.println(
 " COMPANYCODE_LIST-COMP_CODE = " + column_1);
 System.out.println(
 " COMPANYCODE_LIST-COMP_NAME = " + column_2);
 // create the tableview mode in the bean
 bean.createData(exportTable);
Closing the connection
 client.close();
 } catch (ConnectorException e) {
 // app.putValue("error", e);
 System.out.println("Caught an exception: \n" + e);
 } catch (Exception e) {
 System.out.println("Caught an exception: \n" + e);
Bena file
package com.sap.JCA.bean;
import java.util.Vector;
import com.sapportals.connector.execution.structures.IRecordSet;
import com.sapportals.htmlb.table.DefaultTableViewModel;
import com.sapportals.htmlb.table.TableViewModel;
public class JCATviewBean {
 public DefaultTableViewModel model;
 public TableViewModel getModel() {
 return this.model;
 public void setModel(DefaultTableViewModel model) {
 this.model = model;
 public void createData(IRecordSet table) {
// this is your column names
 Vector column = new Vector();
 column.addElement("Company Code");
 column.addElement("Company Name");
// all this logic is for the data part.
 Vector rVector = new Vector();
 try {
 table.beforeFirst();
 while (table.next()) {
 Vector data = new Vector();
 data.addElement(table.getString("COMP_CODE"));
 data.addElement(table.getString("COMP_NAME"));
 rVector.addElement(data);
 } catch (Exception e) {
 e.printStackTrace();
// this is where you create the model
 this.setModel(new DefaultTableViewModel(rVector, column));
JSP File:
<%@ taglib uri="tagLib" prefix="hbj" %>
<jsp:useBean id="myBean" scope="application" class="com.sap.JCA.bean.JCATviewBean" />
<hbj:content id="myContext" >
<hbj:page title="PageTitle">
 <hbj:form id="myFormId" >
 
 <hbj:textView id = "tv1" text = "TableView Example Using JCA "/>
<hbj:tableView
 id="myTableView1"
 model="myBean.model"
 design="ALTERNATING"
 headerVisible="true"
 footerVisible="true"
 fillUpEmptyRows="true"
 navigationMode="BYLINE"
 selectionMode="MULTISELECT"
 headerText="TableView example1"
 visibleFirstRow="1"
 visibleRowCount="30"
 width="500 px"
 />
 </hbj:form>
</hbj:page>
</hbj:content>
Error when Executing this component:
Portal Runtime Error
An exception occurred while processing a request for :
iView : N/A
Component Name : N/A
com/sapportals/portal/htmlb/page/PageProcessorComponent.
Exception id: 12:21_28/10/05_0173_94105150
See the details for the exception ID in the log file
If anybody find the error please reply to this post.
Regards,
sireesha.

Thanks for your response Martin,
I have already seen the log file but im couldn't findout anything from that since it is so long here im putting some part of please see this.if u able to find it clarify me,
Here the log file:
1.5#001321FD6213005D0000907100001CB000040419258FBF4E#1130405957843#trexr3.com.sapmarkets.isa.services.schedulerservice.persistence.jdo.DataBaseJobStore#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.persistence.jdo.DataBaseJobStore#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler/JobStore#Plain###With in the acquireLockForNextAvailableJob DataStore#
#1.5#001321FD6213005D0000907200001CB00004041925916735#1130405957953#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler#Plain###Acquired the job null#
#1.5#001321FD6213005D0000907300001CB0000404192591688D#1130405957953#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler#Plain###Did not find any job.So, Waiting for sometime for the next job#
#1.5#001321FD621300650000120E00001CB00004041925C953D7#1130405961625#com.sap.aii.af.sample.adapter.ra.SPIManagedConnectionFactory##com.sap.aii.af.sample.adapter.ra.SPIManagedConnectionFactory.XIManagedConnectionFactoryController.run()######04d7f690469311da8d52001321fd6213#Thread[Thread-114,5,SAPEngine_System_Thread[impl:5]_Group]##0#0#Debug#1#/Applications/ExchangeInfrastructure/AdapterFramework/ThirdPartyRoot/comsap/Server/Adapter Framework#Java###MCF with GUID is running. (,)#3#964bfca0444711dabb51001321fd6213#com.sap.engine.services.deploy.server.ApplicationLoader@1586c77#964bfca0444711dabb51001321fd6213#
#1.5#001321FD6213005D0000907400001CB000040419275B24FC#1130405987953#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler#Plain###within the infinite of the Scheduler Thread#
#1.5#001321FD6213005D0000907500001CB000040419275B25D9#1130405987953#trexr3.com.sapmarkets.isa.services.schedulerservice.persistence.jdo.DataBaseJobStore#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.persistence.jdo.DataBaseJobStore#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler/JobStore#Plain###With in the acquireLockForNextAvailableJob DataStore#
#1.5#001321FD6213005D0000907600001CB000040419275B2E27#1130405987953#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler#Plain###Acquired the job null#
#1.5#001321FD6213005D0000907700001CB000040419275B2EFA#1130405987953#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler#Plain###Did not find any job.So, Waiting for sometime for the next job#
#1.5#001321FD6213005D0000907800001CB0000404192924ED59#1130406017953#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler#Plain###within the infinite of the Scheduler Thread#
#1.5#001321FD6213005D0000907900001CB0000404192924EE36#1130406017953#trexr3.com.sapmarkets.isa.services.schedulerservice.persistence.jdo.DataBaseJobStore#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.persistence.jdo.DataBaseJobStore#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler/JobStore#Plain###With in the acquireLockForNextAvailableJob DataStore#
#1.5#001321FD6213005D0000907A00001CB0000404192924F652#1130406017953#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler#Plain###Acquired the job null#
#1.5#001321FD6213005D0000907B00001CB0000404192924F710#1130406017953#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler#Plain###Did not find any job.So, Waiting for sometime for the next job#
#1.5#001321FD621300650000120F00001CB000040419295CCD8B#1130406021625#com.sap.aii.af.sample.adapter.ra.SPIManagedConnectionFactory##com.sap.aii.af.sample.adapter.ra.SPIManagedConnectionFactory.XIManagedConnectionFactoryController.run()######04d7f690469311da8d52001321fd6213#Thread[Thread-114,5,SAPEngine_System_Thread[impl:5]_Group]##0#0#Debug#1#/Applications/ExchangeInfrastructure/AdapterFramework/ThirdPartyRoot/comsap/Server/Adapter Framework#Java###MCF with GUID is running. (,)#3#964bfca0444711dabb51001321fd6213#com.sap.engine.services.deploy.server.ApplicationLoader@1586c77#964bfca0444711dabb51001321fd6213#
#1.5#001321FD6213005D0000907C00001CB0000404192AEEB1E2#1130406047953#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler#Plain###within the infinite of the Scheduler Thread#
#1.5#001321FD6213005D0000907D00001CB0000404192AEEB2C0#1130406047953#trexr3.com.sapmarkets.isa.services.schedulerservice.persistence.jdo.DataBaseJobStore#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.persistence.jdo.DataBaseJobStore#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler/JobStore#Plain###With in the acquireLockForNextAvailableJob DataStore#
#1.5#001321FD6213005D0000907E00001CB0000404192AEEBAD8#1130406047968#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler#Plain###Acquired the job null#
#1.5#001321FD6213005D0000907F00001CB0000404192AEEBB9E#1130406047968#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#sap.com/crm.trexr3#trexr3.com.sapmarkets.isa.services.schedulerservice.SchedulerThread#J2EE_ADMIN#530##obtdev3_O09_94105150#Guest#8a2bbd20444711da932c001321fd6213#Thread[SchedulerThread,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#/System/Scheduler#Plain###Did not find any job.So, Waiting for sometime for the next job#

SSO doesn't work with Xcelsius using QAAWS, outside Infoview

Hi,
We have some xcelsius dashboards using QAAWS to retrieve data from database
I would like to know whether SSO works with xcelsius dashboards using QAAWS outside infoview.Currently we get login screen to enter username/password.we are using Windows AD as the authentication type in the environment.

You got it right. Within the InfoView, your Xcelsius-swf gets the CELogonToken as a parameter field to authenticate against the data for example. If you access another Xcelsius-Dashboard from within a swf you can even pass the LogonToken on.
Using dashboard and QaaWS outside of InfoView, the user will have to enter username and password before the data is fetched. At least that is the way it works here.
Regards,
Peter

How to work with BI using Visual Composer....?

Hi
I want to work with BI report and BEx analyzer etc using Visual Composer.
I am using Visual Composer 7.1. I have configured BI system connection using the following link
http://help.sap.com/saphelp_nwce10/helpdata/en/7e/6dbcea3700452195e3bddaa47c5906/frameset.htm.
In the above document i didnt understand the following para....
Creating BI Users in the Portal
Ensure that the BI back-end users also exist in the J2EE Engine. You can use the BI back end as the user store for the J2EE Engine or you can create the users manually. If you create the users manually, you should ensure that they have the same names as in the BI back-end; this avoids the need to configure user assignment.
How to check BI back end user also exist in J2EE engine ?
How to use BI kit in Visual composer. From where can i download BI kit for Visual Composer.
What is the difference between developing application in VC using the above method and using BI kit.
Please help me....
Regards
Sowmya....

Hi,
Without the BI kit you cannot do a lot of things in VC 7.1.
This kit is not available with 7.1.
The part that you did not understand meant that if you opening VC using a certain id in portal for eg "user" then the same id should be present in your backend system in this case BW system.
Without this it wont be able to connect to the system.
Hope this helps
Regards
Nikhil.
Reward points if you find the answer helpful

Flash player not working with Facebook using IE 11

I got a new computer windows 8.1 but flash player wont work with facebook; it keeps telling me to install flashplayer. It is installed. I verified that it is enable in add-ons and also Active x is turned off. still wont play videos from facebook. version 15 of flash player. using internet explorer version 11

You'll probably need to add Facebook to compatibility mode:
Fix site display problems with Compatibility View - Windows Help

Working with Guides using ActionScript in Photoshop

I am facing some troubles when working with Guides in Photoshop (AS/Flash extension)
Let's create guides showinglayer bounds:
                var bounds:Array = activeDocument.activeLayer.bounds;
                var guide_a:Guide = activeDocument.guides.add(Direction.VERTICAL, bounds[0]);
                var guide_b:Guide = activeDocument.guides.add(Direction.HORIZONTAL, bounds[1]);
                var guide_c:Guide = activeDocument.guides.add(Direction.VERTICAL, bounds[2]);
                var guide_d:Guide = activeDocument.guides.add(Direction.HORIZONTAL, bounds[3]);
This works fine. Layer bounds are marked correctly.
If I try to remove individual guides, I am facing an issue:
                guide_a.remove();
                guide_b.remove();
                guide_c.remove();
                guide_d.remove();
PS starts throwing strange errors:
Error: General Photoshop error occurred. This functionality may not be available in this version of Photoshop.
- The object "guide 8 of document 35" is not currently available.
It is not clear, what document 35 really means (it is not name of actual document .. internal name?). Also interesting that remove() is not availabel in JavaScript API's.
Also if I try to bind on "coordinate" property of Bound, no changes seems to be propagated.
Any idea?
Thanks,
--Petr

Yes it definitely looks like there is a problem with the reference returned by add(). Looks like you can work around it though by getting the guide by reference immediately after adding it using the known index.
For your question about events. The easiest way to see if there is some event you can listen for is to use the ScriptListener in Photoshop. With that, you can quickly see whether or not an event fires when you expect (there may not be one available to scripting). Once you know the event fires, you can add the handler, using this as a reference: http://cssdk.host.adobe.com/sdk/1.0/docs/WebHelp/app_notes/photoshop.htm.
I don't see a clear way to check the visibility of guides. Although there may be some magic you can do using descriptors. Maybe we'll get some help from a real Photoshop scripting expert
Zak

Can the Cisco 7942 phones work with Broadsoft using SIP

We have a few 7960 phones working with Broadsoft but we are having issues getting the 7942 phones to work. Is anyone using the 7942 with Broadsoft?

You can try and use the following guidelines but they natively are not supposed to support third party call control systems.
http://www.asterisk-peru.com/node/2227
http://www.888voip.com/configuring-cisco-7975-ip-phones-for-sip/

Proxy authentication doesn't work with JSSE

Hello,
Seems like there is no common way to authenticate with proxy for HTTP and HTTPS.
Connecting to http://... - works fine, but https://... returns error message:
Unable to tunnel through 111.111.111.111:8080. Proxy returns "HTTP/1.0 407 Proxy Authentication Required"
(IP address is intentionally changed in the message above)
I'm using JSSE with VAJ JDK 1.2 and here is a Java code snippet that works well with HTTP connections:
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
System.setProperty("https.proxyHost", proxyHost);
System.setProperty("https.proxyPort", proxyPort);
System.setProperty("http.proxyHost", proxyHost);
System.setProperty("http.proxyPort", proxyPort);
try {
URL url = new URL("https://www.sun.com");
URLConnection connection = url.openConnection();
String authString = proxyUserID + ":" + proxyPasswd;
String encodedAuthString =
"Basic " + new sun.misc.BASE64Encoder().encode(authString.getBytes());
connection.setUseCaches(false);
connection.setRequestProperty("Proxy-authorization", encodedAuthString);
Listening to the network traffic helped me to understand that there is a difference between the way HTTP and HTTPS is handled. For some reason HTTPS ignores all the headers that I specify using setRequestProperty().
Here is example of request and responses sent by HTTPS handler:
Request:
CONNECT 198.175.98.32:443 HTTP/1.0
User-Agent: JSSE
Proxy response:
HTTP/1.0 407 Proxy Authentication Required
Date: Wed, 07 Nov 2001 22:04:11 GMT
Content-Length: 233
Content-Type: text/html
Server: NetCache (NetApp/5.1R2D4)
Proxy-Authenticate: basic realm="NETCACHE2"
Please note that there is no Proxy-authorization header in the request above.
Compare it with HTTPS request sent by Netscape browser:
Request to proxy:
CONNECT www.sun.com:443 HTTP/1.0
Proxy-authorization: Basic am0vbDphrGxHa22lLg==
User-Agent: Mozilla/4.76 [en] (Windows NT 5.0; U)
Response:
HTTP/1.0 200 Connection established
Proxy-Agent: NetCache NetApp/5.1R2D4
So, the question is:
What is the best way to pass "Proxy-authorization" header to proxy server??
Thanks in advance for your time.

Hi Guys,
Just like, i assume, all of you, i've had my battles with javas' handling of https comms from behind a firewall. I'm actually amazed at how something that is a simple combination of protocol and security should become so messy.
Luckily , i managed to get all my requirements met, but the sad thing is after all that hard work, i'm not much closer to understanding why the standard java sdk (im using 1.4) forces us to endure such painful tasks.
Really, Java is quite a mature language now, and one of its touted benefits is its applicability to web and internet technologies... so why the messy proxy code when dealing with ssl?
Anyway, i didn't really come here to b**tch, but rather to point you all to a handy library from apache - httpClient - http://jakarta.apache.org/commons/httpclient.
After implementing ssl proxy tunnelling and all the fun that goes with it, i found this tool, and subsequently deleted all that ugly code, and let http client deal with all that for me.
Its seriously simple, heres a snippet:
httpClient = new HttpClient();
httpClient.setTimeout(responseTimeoutMillies);
Protocol myHttps = new Protocol("https", new SSLContextBasedSocketFactory(sslContext), targetServerPort);
httpClient.getHostConfiguration().setHost(targetServerHost, targetServerPort, myHttps);
if (useProxy)
     httpClient.getHostConfiguration().setProxy(proxyHost, proxyPort);
        httpClient.getState().setProxyCredentials("my-proxy-realm", proxyHost, new UsernamePasswordCredentials(proxyUser, proxyPassword));
}This initialises the client, and after this, making http requests is simple:
String response = null;
PostMethod postMethod = new PostMethod("/secure/blah.jsp"); // A HTTP Post
postMethod.setRequestBody("Hello there"); // this is the data in the http post body
int responseCode = httpClient.executeMethod(postMethod);
if(responseCode == 200)
    response = postMethod.getResponseBody();...
As you can see, its alot less painful. It certainly makes me feel better, knowing i don't have to support/maintain the ugly proxy tunnelling code. Give it a shot on your next project.
Hope it helps.
Regards
Marcus Eaton

Proxy authorization doesn't work with JSSE 1.02

Hello,
Seems like there is no common way to authenticate with proxy for HTTP and HTTPS.
Connecting to http://... - works fine, but https://... returns error message:
Unable to tunnel through 111.111.111.111:8080. Proxy returns "HTTP/1.0 407 Proxy Authentication Required"
(IP address is intentionally changed in the message above)
I'm using JSSE with VAJ JDK 1.2 and here is a Java code snippet that works well with HTTP connections:
     Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
     System.setProperty("java.protocol.handler.pkgs",
          "com.sun.net.ssl.internal.www.protocol");
     System.setProperty("https.proxyHost", proxyHost);
     System.setProperty("https.proxyPort", proxyPort);
     System.setProperty("http.proxyHost", proxyHost);
     System.setProperty("http.proxyPort", proxyPort);
     try {
          URL url = new URL("https://www.sun.com");
          URLConnection connection = url.openConnection();
          String authString = proxyUserID + ":" + proxyPasswd;
          String encodedAuthString =
               "Basic " + new sun.misc.BASE64Encoder().encode(authString.getBytes());
          connection.setUseCaches(false);
          connection.setRequestProperty("Proxy-authorization", encodedAuthString);
Listening to the network traffic helped me to understand that there is a difference between the way HTTP and HTTPS is handled. For some reason HTTPS ignores all the headers that I specify using setRequestProperty().
Here is example of request and responses sent by HTTPS handler:
Request:
CONNECT 198.175.98.32:443 HTTP/1.0
User-Agent: JSSE
Proxy response:
HTTP/1.0 407 Proxy Authentication Required
Date: Wed, 07 Nov 2001 22:04:11 GMT
Content-Length: 233
Content-Type: text/html
Server: NetCache (NetApp/5.1R2D4)
Proxy-Authenticate: basic realm="NETCACHE2"
Please note that there is no Proxy-authorization header in the request above.
Compare it with HTTPS request sent by Netscape browser:
Request to proxy:
CONNECT www.sun.com:443 HTTP/1.0
Proxy-authorization: Basic am0vbDphrGxHa22lLg==
User-Agent: Mozilla/4.76 [en] (Windows NT 5.0; U)
Response:
HTTP/1.0 200 Connection established
Proxy-Agent: NetCache NetApp/5.1R2D4
So, the question is:
What is the best way to pass "Proxy-authorization" header to proxy server??
Thanks in advance for your time.

Hi, I am also facing same problem
Software : Weblogic jdk1.3.1
If anyone know the solution ,Please help me
Thanks,
Suneel

Can't get networkmanager working with openvpn (using static key)

I'm trying to configure networkmanager to open up my VPN connection - using the static/preshared key method - but no dice. (Although I'm able to connect just fine using openvpn from the command line) Anyone been able to get this to work and/or have some suggestions?
I've installed the packages networkmanager, networkmanager-openvpn, and nm-applet. I run nm-applet, and configure the connection, but when I try to launch the connection, it fails. Log file reads as follows:
Oct 28 16:43:56 daroselin NetworkManager: <info> Starting VPN service 'org.freedesktop.NetworkManager.openvpn'...
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 19131
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' just appeared, activating connections
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN plugin state changed: 1
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN plugin state changed: 3
Oct 28 16:43:56 daroselin nm-openvpn[19133]: OpenVPN 2.1_rc20 x86_64-unknown-linux-gnu [SSL] [LZO2] [EPOLL] built on Oct 18 2009
Oct 28 16:43:56 daroselin nm-openvpn[19133]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 28 16:43:56 daroselin nm-openvpn[19133]: LZO compression initialized
Oct 28 16:43:56 daroselin kernel: tun0: Disabled Privacy Extensions
Oct 28 16:43:56 daroselin nm-openvpn[19133]: TUN/TAP device tun0 opened
Oct 28 16:43:56 daroselin nm-openvpn[19133]: /sbin/ifconfig tun0 10.1.0.2 pointopoint 10.1.0.1 mtu 1500
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN connection 'DARSYS VPN' (Connect) reply received.
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN plugin failed: 2
Oct 28 16:43:56 daroselin nm-openvpn[19133]: /usr/libexec/nm-openvpn-service-openvpn-helper tun0 1500 1545 10.1.0.2 10.1.0.1 init
Oct 28 16:43:56 daroselin nm-openvpn[19133]: Exiting
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN plugin failed: 1
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN plugin state changed: 6
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN plugin state change reason: 0
Oct 28 16:43:56 daroselin NetworkManager: <WARN> connection_state_changed(): Could not process the request because no VPN connection was active.
Oct 28 16:43:56 daroselin NetworkManager: <info> Policy set 'Auto eth0' (eth0) as default for routing and DNS.
Suspiciously, it never seems to try to open a connection to the gateway. (Note that the gateway's IP address never appears in the log entries.)
I've configured the connection in nm-applet as follows:
Gateway: <internet IP address of the gateway/server I'm trying to VPN into>
Type: Static Key
Static Key: <the static key file>
Key direction: none
Remote IP address: 10.1.0.1
Local IP address: 10.1.0.2
When I launch openvpn from the command line, the conf file reads as follows:
[darose@daroselin ca]$ cat /etc/openvpn/static-client.conf
# Sample OpenVPN configuration file for
# office using a pre-shared static key.
# '#' or ';' may be used to delimit comments.
# Use a dynamic tun device.
# For Linux 2.2 or non-Linux OSes,
# you may want to use an explicit
# unit number such as "tun1".
# OpenVPN also supports virtual
# ethernet "tap" devices.
dev tun
remote <internet IP address of the gateway/server I'm trying to VPN into>
# 10.1.0.1 is our local VPN endpoint (office).
# 10.1.0.2 is our remote VPN endpoint (home).
ifconfig 10.1.0.2 10.1.0.1
# Our up script will establish routes
# once the VPN is alive.
; up ./office.up
#up ./client.up
route 10.0.0.0 255.255.255.0 10.1.0.1
# Our pre-shared static key
secret static.key
# OpenVPN 2.0 uses UDP port 1194 by default
# (official port assignment by iana.org 11/04).
# OpenVPN 1.x uses UDP port 5000 by default.
# Each OpenVPN tunnel must use
# a different port number.
# lport or rport can be used
# to denote different ports
# for local and remote.
; port 1194
# Downgrade UID and GID to
# "nobody" after initialization
# for extra security.
#user nobody
#group nobody
# If you built OpenVPN with
# LZO compression, uncomment
# out the following line.
comp-lzo
# Send a UDP ping to remote once
# every 15 seconds to keep
# stateful firewall connection
# alive. Uncomment this
# out if you are using a stateful
# firewall.
; ping 15
# Uncomment this section for a more reliable detection when a system
# loses its connection. For example, dial-ups or laptops that
# travel to other locations.
; ping 15
ping 10
; ping-restart 45
ping-restart 120
;keepalive 10 60
ping-timer-rem
persist-tun
persist-key
# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 3
#verb 9
Anyone have any idea what the problem might be here?

If anyone's curious, I opened an upstream bug about this:
https://bugzilla.gnome.org/show_bug.cgi?id=606998

I can't get my iPhone to work with projector using keynote.

I've tried using my iPad with the same projector and same presentation. It works. But, my notes (massive amount of notes, not conducive to keynotes presenter notes) need to be on my iPad, so I would love to setup my iPad as the remote, and the iPhone as the presentation host via a VGA into the projector. So far no luck. Any suggestions?

I don't think there's any way to do that - to control one iOS device with another.

IOS 8 Safari not working with sites using Windows Authentication (again)

A testbed of iPhones and iPads were updated to iOS 8 today. When trying to access intranet sites in our company that use Windows (IIS) Authentication, it challenges for the login and password 2 or 3 times, then nothing - just hangs. These sites work fine on iOS 7 devices - and worked on the same devices that were upgraded.
Windows Authentication was broken in iOS 7.0 also and not fixed until a later update. Why does this keep getting broken?

This was a thread that discussed this when it was broken in iOS 7.0...
https://discussions.apple.com/thread/5327078?start=0&tstart=0
I just tested with Chrome on the iPhone upgraded to iOS 8 and it works fine. It is Safari that is broken again.
Of course, Apple won't give us a way to make Chrome the default browser when links are clicked in emails, so it's not exactly a solution.

Working with Multithred and Multi UUT

Hello ,
I have a problem in my software , I working on a Device that checks Serveral UUT's In an Oven .
I am useing a Lock to control on each UUT which checked in his own time .
My problem is the at start its starts with random nubmber while i want to start from socket number 0 .
I know theres an option to control the current socket number , can some one direct me where is it ?
and if only Init it to 0 when the program starts will do the job ?
Thank U .
Kobi Kalif
Software Engineer
Solved!
Go to Solution.

You are right thats what i'm using , the code ( in macro view ) looks like that :
Create Lock (Label 1)
Lock (Label 1)
code working on all UUT's
Release Lock (Label 1)
The problem is there are 30 UUT's and when the code starts it starts from a random socket instead of 0 , 1, 2 ,3 ,4 ....... 30
I want to keep the order of the sockets so it will always run in that order ( 0 , 1 .... 30 )
Maybe there is a Variable that control the current socket ? or something like that ?
Kobi Kalif
Software Engineer

Can I work with HTML using my Mac?

I have a Mac Pro. I'm trying to work on my school website and everything is working, but I am having trouble with the text portion. When I click on "edit content" (to write a message) a new window pops up, but it's completely blank. There is no place to type and there is nothing to select, so I just "x" out of it. The website is Microsoft and it uses HTML text. Is there anyway I can fix this problem, so that I can type and edit content? I've tried everything I know to do and run every update. Any ideas/suggestions are very much appreciated. THANK YOU SO MUCH!!!

CATIA is only available in windows, so you'll have to install windows though bootcamp

Working with JSSE using multi-purpose keystore

Similar Messages

Maybe you are looking for