Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-users] jetty 9.3.0 preemptive basic authentication with ssl

I have installed Jetty 9.3.0.v20150612 and a web app.  I access the web app with Apache http client (4.3.5, http 1.1) using SSL with pre-emptive basic authentication.  When I do not enable http2 in my jetty start.ini everything works.  When I enable http2 the client does not work and returns a 'Garbage in response: invalid preface' message.  When I use a browser based rest client (postman extension in Chrome) then the request does work (with jetty http2 enabled) and my jetty request log indicates http 2.0 is being used.

** apache client non-working (with http2) **
2015/06/22 10:34:51:018 MDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
2015/06/22 10:34:51:028 MDT [DEBUG] RequestAuthCache - Re-using cached 'basic' auth scheme for https://bentek.ca:443
2015/06/22 10:34:51:029 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection request: [route: {s}->https://bentek.ca:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]
2015/06/22 10:34:51:041 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection leased: [id: 0][route: {s}->https://bentek.ca:443][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20]
2015/06/22 10:34:51:042 MDT [DEBUG] MainClientExec - Opening connection {s}->https://bentek.ca:443
2015/06/22 10:34:51:047 MDT [DEBUG] HttpClientConnectionOperator - Connecting to bentek.ca/45.40.133.81:443
2015/06/22 10:34:51:590 MDT [DEBUG] HttpClientConnectionOperator - Connection established 192.168.1.187:50816<->45.40.133.81:443
2015/06/22 10:34:51:590 MDT [DEBUG] MainClientExec - Executing request GET /devices?type=sat100 HTTP/1.1
2015/06/22 10:34:51:591 MDT [DEBUG] MainClientExec - Target auth state: CHALLENGED
2015/06/22 10:34:51:595 MDT [DEBUG] MainClientExec - Proxy auth state: UNCHALLENGED
2015/06/22 10:34:51:597 MDT [DEBUG] headers - http-outgoing-0 >> GET /devices?type=sat100 HTTP/1.1
2015/06/22 10:34:51:597 MDT [DEBUG] headers - http-outgoing-0 >> Accept: application/xml
2015/06/22 10:34:51:597 MDT [DEBUG] headers - http-outgoing-0 >> Host: bentek.ca:443
2015/06/22 10:34:51:597 MDT [DEBUG] headers - http-outgoing-0 >> Connection: Keep-Alive
2015/06/22 10:34:51:597 MDT [DEBUG] headers - http-outgoing-0 >> User-Agent: Apache-HttpClient/4.3.5 (java 1.5)
2015/06/22 10:34:51:598 MDT [DEBUG] headers - http-outgoing-0 >> Accept-Encoding: gzip,deflate
2015/06/22 10:34:51:598 MDT [DEBUG] headers - http-outgoing-0 >> Authorization: Basic YnllZTo3Nzcx
2015/06/22 10:34:51:708 MDT [DEBUG] DefaultHttpResponseParser - Garbage in response: invalid_preface
2015/06/22 10:34:51:709 MDT [DEBUG] DefaultManagedHttpClientConnection - http-outgoing-0: Close connection
2015/06/22 10:34:51:709 MDT [DEBUG] DefaultManagedHttpClientConnection - http-outgoing-0: Shutdown connection
2015/06/22 10:34:51:710 MDT [DEBUG] MainClientExec - Connection discarded
2015/06/22 10:34:51:710 MDT [DEBUG] DefaultManagedHttpClientConnection - http-outgoing-0: Close connection
2015/06/22 10:34:51:710 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection released: [id: 0][route: {s}->https://bentek.ca:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]

** apache client working (without http2) **
2015/06/22 10:55:01:538 MDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
2015/06/22 10:55:01:538 MDT [DEBUG] RequestAuthCache - Re-using cached 'basic' auth scheme for https://bentek.ca:443
2015/06/22 10:55:01:538 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection request: [route: {s}->https://bentek.ca:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]
2015/06/22 10:55:01:538 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection leased: [id: 2][route: {s}->https://bentek.ca:443][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20]
2015/06/22 10:55:01:538 MDT [DEBUG] MainClientExec - Opening connection {s}->https://bentek.ca:443
2015/06/22 10:55:01:539 MDT [DEBUG] HttpClientConnectionOperator - Connecting to bentek.ca/45.40.133.81:443
2015/06/22 10:55:02:103 MDT [DEBUG] HttpClientConnectionOperator - Connection established 192.168.1.187:51449<->45.40.133.81:443
2015/06/22 10:55:02:104 MDT [DEBUG] MainClientExec - Executing request GET /devices?type=sat100 HTTP/1.1
2015/06/22 10:55:02:104 MDT [DEBUG] MainClientExec - Target auth state: CHALLENGED
2015/06/22 10:55:02:104 MDT [DEBUG] MainClientExec - Proxy auth state: UNCHALLENGED
2015/06/22 10:55:02:104 MDT [DEBUG] headers - http-outgoing-2 >> GET /devices?type=sat100 HTTP/1.1
2015/06/22 10:55:02:105 MDT [DEBUG] headers - http-outgoing-2 >> Accept: application/xml
2015/06/22 10:55:02:105 MDT [DEBUG] headers - http-outgoing-2 >> Host: bentek.ca:443
2015/06/22 10:55:02:105 MDT [DEBUG] headers - http-outgoing-2 >> Connection: Keep-Alive
2015/06/22 10:55:02:105 MDT [DEBUG] headers - http-outgoing-2 >> User-Agent: Apache-HttpClient/4.3.5 (java 1.5)
2015/06/22 10:55:02:105 MDT [DEBUG] headers - http-outgoing-2 >> Accept-Encoding: gzip,deflate
2015/06/22 10:55:02:105 MDT [DEBUG] headers - http-outgoing-2 >> Authorization: Basic YnllZTo3Nzcx
2015/06/22 10:55:02:234 MDT [DEBUG] headers - http-outgoing-2 << HTTP/1.1 302 Found
2015/06/22 10:55:02:235 MDT [DEBUG] headers - http-outgoing-2 << Location: https://bentek.ca/devices/?type=sat100
2015/06/22 10:55:02:235 MDT [DEBUG] headers - http-outgoing-2 << Content-Length: 0
2015/06/22 10:55:02:235 MDT [DEBUG] headers - http-outgoing-2 << Server: Jetty(9.3.0.v20150612)
2015/06/22 10:55:02:235 MDT [DEBUG] MainClientExec - Connection can be kept alive indefinitely
2015/06/22 10:55:02:235 MDT [DEBUG] HttpAuthenticator - Authentication succeeded
2015/06/22 10:55:02:235 MDT [DEBUG] DefaultRedirectStrategy - Redirect requested to location 'https://bentek.ca/devices/?type=sat100'
2015/06/22 10:55:02:236 MDT [DEBUG] RedirectExec - Resetting target auth state
2015/06/22 10:55:02:236 MDT [DEBUG] RedirectExec - Redirecting to 'https://bentek.ca/devices/?type=sat100' via {s}->https://bentek.ca:443
2015/06/22 10:55:02:236 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection [id: 2][route: {s}->https://bentek.ca:443] can be kept alive indefinitely
2015/06/22 10:55:02:237 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection released: [id: 2][route: {s}->https://bentek.ca:443][total kept alive: 1; route allocated: 1 of 2; total allocated: 1 of 20]
2015/06/22 10:55:02:237 MDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
2015/06/22 10:55:02:237 MDT [DEBUG] RequestAuthCache - Re-using cached 'basic' auth scheme for https://bentek.ca:443
2015/06/22 10:55:02:237 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection request: [route: {s}->https://bentek.ca:443][total kept alive: 1; route allocated: 1 of 2; total allocated: 1 of 20]
2015/06/22 10:55:02:238 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection leased: [id: 2][route: {s}->https://bentek.ca:443][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20]
2015/06/22 10:55:02:238 MDT [DEBUG] MainClientExec - Stale connection check
2015/06/22 10:55:02:239 MDT [DEBUG] MainClientExec - Executing request GET /devices/?type=sat100 HTTP/1.1
2015/06/22 10:55:02:239 MDT [DEBUG] MainClientExec - Target auth state: CHALLENGED
2015/06/22 10:55:02:239 MDT [DEBUG] MainClientExec - Proxy auth state: UNCHALLENGED
2015/06/22 10:55:02:239 MDT [DEBUG] headers - http-outgoing-2 >> GET /devices/?type=sat100 HTTP/1.1
2015/06/22 10:55:02:239 MDT [DEBUG] headers - http-outgoing-2 >> Accept: application/xml
2015/06/22 10:55:02:240 MDT [DEBUG] headers - http-outgoing-2 >> Host: bentek.ca
2015/06/22 10:55:02:240 MDT [DEBUG] headers - http-outgoing-2 >> Connection: Keep-Alive
2015/06/22 10:55:02:240 MDT [DEBUG] headers - http-outgoing-2 >> User-Agent: Apache-HttpClient/4.3.5 (java 1.5)
2015/06/22 10:55:02:240 MDT [DEBUG] headers - http-outgoing-2 >> Accept-Encoding: gzip,deflate
2015/06/22 10:55:02:240 MDT [DEBUG] headers - http-outgoing-2 >> Authorization: Basic YnllZTo3Nzcx
2015/06/22 10:55:04:142 MDT [DEBUG] headers - http-outgoing-2 << HTTP/1.1 200 OK
2015/06/22 10:55:04:143 MDT [DEBUG] headers - http-outgoing-2 << Content-Type: application/xml
2015/06/22 10:55:04:143 MDT [DEBUG] headers - http-outgoing-2 << Content-Length: 4697
2015/06/22 10:55:04:143 MDT [DEBUG] headers - http-outgoing-2 << Server: Jetty(9.3.0.v20150612)
2015/06/22 10:55:04:143 MDT [DEBUG] MainClientExec - Connection can be kept alive indefinitely
2015/06/22 10:55:04:144 MDT [DEBUG] HttpAuthenticator - Authentication succeeded
2015/06/22 10:55:04:144 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection [id: 2][route: {s}->https://bentek.ca:443] can be kept alive indefinitely
2015/06/22 10:55:04:145 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection released: [id: 2][route: {s}->https://bentek.ca:443][total kept alive: 1; route allocated: 1 of 2; total allocated: 1 of 20]


Back to the top