[jetty-users] jetty 9.3.0 preemptive basic authentication with ssl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[jetty-users] jetty 9.3.0 preemptive basic authentication with ssl

From: Dale Meier <dale.meier@xxxxxxxxx>
Date: Mon, 22 Jun 2015 11:27:37 -0600
Delivered-to: jetty-users@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/jetty-users>
List-help: <mailto:jetty-users-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=unsubscribe>

I have installed Jetty 9.3.0.v20150612 and a web app. I access the web app with Apache http client (4.3.5, http 1.1) using SSL with pre-emptive basic authentication. When I do not enable http2 in my jetty start.ini everything works. When I enable http2 the client does not work and returns a 'Garbage in response: invalid preface' message. When I use a browser based rest client (postman extension in Chrome) then the request does work (with jetty http2 enabled) and my jetty request log indicates http 2.0 is being used.

** apache client non-working (with http2) **

2015/06/22 10:34:51:018 MDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match

2015/06/22 10:34:51:028 MDT [DEBUG] RequestAuthCache - Re-using cached 'basic' auth scheme for https://bentek.ca:443

2015/06/22 10:34:51:029 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection request: [route: {s}->https://bentek.ca:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]

2015/06/22 10:34:51:041 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection leased: [id: 0][route: {s}->https://bentek.ca:443][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20]

2015/06/22 10:34:51:042 MDT [DEBUG] MainClientExec - Opening connection {s}->https://bentek.ca:443

2015/06/22 10:34:51:047 MDT [DEBUG] HttpClientConnectionOperator - Connecting to bentek.ca/45.40.133.81:443

2015/06/22 10:34:51:590 MDT [DEBUG] HttpClientConnectionOperator - Connection established 192.168.1.187:50816<->45.40.133.81:443

2015/06/22 10:34:51:590 MDT [DEBUG] MainClientExec - Executing request GET /devices?type=sat100 HTTP/1.1

2015/06/22 10:34:51:591 MDT [DEBUG] MainClientExec - Target auth state: CHALLENGED

2015/06/22 10:34:51:595 MDT [DEBUG] MainClientExec - Proxy auth state: UNCHALLENGED

2015/06/22 10:34:51:597 MDT [DEBUG] headers - http-outgoing-0 >> GET /devices?type=sat100 HTTP/1.1

2015/06/22 10:34:51:597 MDT [DEBUG] headers - http-outgoing-0 >> Accept: application/xml

2015/06/22 10:34:51:597 MDT [DEBUG] headers - http-outgoing-0 >> Host: bentek.ca:443

2015/06/22 10:34:51:597 MDT [DEBUG] headers - http-outgoing-0 >> Connection: Keep-Alive

2015/06/22 10:34:51:597 MDT [DEBUG] headers - http-outgoing-0 >> User-Agent: Apache-HttpClient/4.3.5 (java 1.5)

2015/06/22 10:34:51:598 MDT [DEBUG] headers - http-outgoing-0 >> Accept-Encoding: gzip,deflate

2015/06/22 10:34:51:598 MDT [DEBUG] headers - http-outgoing-0 >> Authorization: Basic YnllZTo3Nzcx

2015/06/22 10:34:51:708 MDT [DEBUG] DefaultHttpResponseParser - Garbage in response: invalid_preface

2015/06/22 10:34:51:709 MDT [DEBUG] DefaultManagedHttpClientConnection - http-outgoing-0: Close connection

2015/06/22 10:34:51:709 MDT [DEBUG] DefaultManagedHttpClientConnection - http-outgoing-0: Shutdown connection

2015/06/22 10:34:51:710 MDT [DEBUG] MainClientExec - Connection discarded

2015/06/22 10:34:51:710 MDT [DEBUG] DefaultManagedHttpClientConnection - http-outgoing-0: Close connection

2015/06/22 10:34:51:710 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection released: [id: 0][route: {s}->https://bentek.ca:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]

** apache client working (without http2) **

2015/06/22 10:55:01:538 MDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match

2015/06/22 10:55:01:538 MDT [DEBUG] RequestAuthCache - Re-using cached 'basic' auth scheme for https://bentek.ca:443

2015/06/22 10:55:01:538 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection request: [route: {s}->https://bentek.ca:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]

2015/06/22 10:55:01:538 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection leased: [id: 2][route: {s}->https://bentek.ca:443][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20]

2015/06/22 10:55:01:538 MDT [DEBUG] MainClientExec - Opening connection {s}->https://bentek.ca:443

2015/06/22 10:55:01:539 MDT [DEBUG] HttpClientConnectionOperator - Connecting to bentek.ca/45.40.133.81:443

2015/06/22 10:55:02:103 MDT [DEBUG] HttpClientConnectionOperator - Connection established 192.168.1.187:51449<->45.40.133.81:443

2015/06/22 10:55:02:104 MDT [DEBUG] MainClientExec - Executing request GET /devices?type=sat100 HTTP/1.1

2015/06/22 10:55:02:104 MDT [DEBUG] MainClientExec - Target auth state: CHALLENGED

2015/06/22 10:55:02:104 MDT [DEBUG] MainClientExec - Proxy auth state: UNCHALLENGED

2015/06/22 10:55:02:104 MDT [DEBUG] headers - http-outgoing-2 >> GET /devices?type=sat100 HTTP/1.1

2015/06/22 10:55:02:105 MDT [DEBUG] headers - http-outgoing-2 >> Accept: application/xml

2015/06/22 10:55:02:105 MDT [DEBUG] headers - http-outgoing-2 >> Host: bentek.ca:443

2015/06/22 10:55:02:105 MDT [DEBUG] headers - http-outgoing-2 >> Connection: Keep-Alive

2015/06/22 10:55:02:105 MDT [DEBUG] headers - http-outgoing-2 >> User-Agent: Apache-HttpClient/4.3.5 (java 1.5)

2015/06/22 10:55:02:105 MDT [DEBUG] headers - http-outgoing-2 >> Accept-Encoding: gzip,deflate

2015/06/22 10:55:02:105 MDT [DEBUG] headers - http-outgoing-2 >> Authorization: Basic YnllZTo3Nzcx

2015/06/22 10:55:02:234 MDT [DEBUG] headers - http-outgoing-2 << HTTP/1.1 302 Found

2015/06/22 10:55:02:235 MDT [DEBUG] headers - http-outgoing-2 << Location: https://bentek.ca/devices/?type=sat100

2015/06/22 10:55:02:235 MDT [DEBUG] headers - http-outgoing-2 << Content-Length: 0

2015/06/22 10:55:02:235 MDT [DEBUG] headers - http-outgoing-2 << Server: Jetty(9.3.0.v20150612)

2015/06/22 10:55:02:235 MDT [DEBUG] MainClientExec - Connection can be kept alive indefinitely

2015/06/22 10:55:02:235 MDT [DEBUG] HttpAuthenticator - Authentication succeeded

2015/06/22 10:55:02:235 MDT [DEBUG] DefaultRedirectStrategy - Redirect requested to location 'https://bentek.ca/devices/?type=sat100'

2015/06/22 10:55:02:236 MDT [DEBUG] RedirectExec - Resetting target auth state

2015/06/22 10:55:02:236 MDT [DEBUG] RedirectExec - Redirecting to 'https://bentek.ca/devices/?type=sat100' via {s}->https://bentek.ca:443

2015/06/22 10:55:02:236 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection [id: 2][route: {s}->https://bentek.ca:443] can be kept alive indefinitely

2015/06/22 10:55:02:237 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection released: [id: 2][route: {s}->https://bentek.ca:443][total kept alive: 1; route allocated: 1 of 2; total allocated: 1 of 20]

2015/06/22 10:55:02:237 MDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match

2015/06/22 10:55:02:237 MDT [DEBUG] RequestAuthCache - Re-using cached 'basic' auth scheme for https://bentek.ca:443

2015/06/22 10:55:02:237 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection request: [route: {s}->https://bentek.ca:443][total kept alive: 1; route allocated: 1 of 2; total allocated: 1 of 20]

2015/06/22 10:55:02:238 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection leased: [id: 2][route: {s}->https://bentek.ca:443][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20]

2015/06/22 10:55:02:238 MDT [DEBUG] MainClientExec - Stale connection check

2015/06/22 10:55:02:239 MDT [DEBUG] MainClientExec - Executing request GET /devices/?type=sat100 HTTP/1.1

2015/06/22 10:55:02:239 MDT [DEBUG] MainClientExec - Target auth state: CHALLENGED

2015/06/22 10:55:02:239 MDT [DEBUG] MainClientExec - Proxy auth state: UNCHALLENGED

2015/06/22 10:55:02:239 MDT [DEBUG] headers - http-outgoing-2 >> GET /devices/?type=sat100 HTTP/1.1

2015/06/22 10:55:02:239 MDT [DEBUG] headers - http-outgoing-2 >> Accept: application/xml

2015/06/22 10:55:02:240 MDT [DEBUG] headers - http-outgoing-2 >> Host: bentek.ca

2015/06/22 10:55:02:240 MDT [DEBUG] headers - http-outgoing-2 >> Connection: Keep-Alive

2015/06/22 10:55:02:240 MDT [DEBUG] headers - http-outgoing-2 >> User-Agent: Apache-HttpClient/4.3.5 (java 1.5)

2015/06/22 10:55:02:240 MDT [DEBUG] headers - http-outgoing-2 >> Accept-Encoding: gzip,deflate

2015/06/22 10:55:02:240 MDT [DEBUG] headers - http-outgoing-2 >> Authorization: Basic YnllZTo3Nzcx

2015/06/22 10:55:04:142 MDT [DEBUG] headers - http-outgoing-2 << HTTP/1.1 200 OK

2015/06/22 10:55:04:143 MDT [DEBUG] headers - http-outgoing-2 << Content-Type: application/xml

2015/06/22 10:55:04:143 MDT [DEBUG] headers - http-outgoing-2 << Content-Length: 4697

2015/06/22 10:55:04:143 MDT [DEBUG] headers - http-outgoing-2 << Server: Jetty(9.3.0.v20150612)

2015/06/22 10:55:04:143 MDT [DEBUG] MainClientExec - Connection can be kept alive indefinitely

2015/06/22 10:55:04:144 MDT [DEBUG] HttpAuthenticator - Authentication succeeded

2015/06/22 10:55:04:144 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection [id: 2][route: {s}->https://bentek.ca:443] can be kept alive indefinitely

2015/06/22 10:55:04:145 MDT [DEBUG] PoolingHttpClientConnectionManager - Connection released: [id: 2][route: {s}->https://bentek.ca:443][total kept alive: 1; route allocated: 1 of 2; total allocated: 1 of 20]

Prev by Date: [jetty-users] Static gzip content in DefaultServlet, firefox problems
Next by Date: [jetty-users] Performance issue with embedded Jetty
Previous by thread: [jetty-users] Static gzip content in DefaultServlet, firefox problems
Next by thread: [jetty-users] Performance issue with embedded Jetty
Index(es):
- Date
- Thread

Breadcrumbs