Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Security >> Java Secure Socket Extension (JSSE)

Trying to Access Website using SSL running JAVA from inside ORACLE DB

Hi,

I am trying to access website using SSL and running JAVA code from inside Oracle 10g DB server using SSL and Java. I have loaded my java code into Oracle data base. My problem is when I am running same code from outside the DB it is running perfectly fine but when the same code is loaded into DB and trying to run from DB under these environment I am using for running my code:-

*******************************

JDK 1.4.2_06

JSSE 1.4

Database :- Oracke 10G

*******************************

I am getting following Exception:-

CALL testssl_http_mar20_New();

java.io.IOException:Unable to tunnel through 123.456.789.123:80. Proxy returns "HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy service is denied.)

at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a(DashoA12275

)

at

com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect(DashoA12275)

at

com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer(DashoA12275

)

at com.sun.net.ssl.internal.www.protocol.https.HttpClient.l(DashoA12275)

at com.sun.net.ssl.internal.www.protocol.https.HttpClient.<init>(DashoA1

2275)

at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.<init>(DashoA

12275)

at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a(DashoA12275

)

at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a(DashoA12275

)

at

com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect(DashoA122

75)

at

com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream(Da

shoA12275)

at java.net.URL.openStream(URL.java:924)

at SecureURLhttp_Mar20_New.SecureURLhttp_Mar20_New(

source code is below :-

import java.io.*;

import java.net.*;

import java.security.*;

import java.util.*;

publicclass SecureURLhttp

{

publicstaticvoid main(String[] args)throws Exception

{

SecureURLhttp r =new SecureURLhttp();

r.SecureURLhttp();

}

publicstaticvoid SecureURLhttp()throws IOException

{

System.setProperty("java.protocol.handler.pkgs","oracle.aurora.rdbms.url|com.sun.net.ssl.internal.www.protocol");

System.setProperty("https.proxySet","true");

Authenticator.setDefault(new MyAuthenticator());

System.setProperty("https.proxyHost","123.456.789.123");

System.setProperty("https.proxyPort","80");

// URL verisign = new URL("https://login.oracle.com/");

URL verisign =new URL("https://www.verisign.com");

BufferedReader in =new BufferedReader(new InputStreamReader(verisign.openStream()));

String inputLine;

while ((inputLine = in.readLine()) !=null)

System.out.println(inputLine);

in.close();

/* Code Newly Add for checking the system property*/

java.util.Properties props = System.getProperties();

java.util.Enumeration propNames = props.propertyNames();

while (propNames.hasMoreElements ())

{

Object o= propNames.nextElement();

String name = (String ) o;

String val = props.getProperty(name);

System.out.println ( name +" = " + val );

}

}

privatestaticclass MyAuthenticatorextends Authenticator{

protected PasswordAuthentication getPasswordAuthentication(){

returnnew PasswordAuthentication("<USERNAME>",new String("<USER_PASSWORD>").toCharArray());

}

}

}

Please help me out:

Thanks a lot in advance.

[5417 byte] By [fun_with_Javaa] at [2007-11-26 22:15:55]
«« JTable columns question
»» problem with SIP proxy
# 1
Hi,I am sorry to say but is there nobody who can help me oput regarding this. Please try to help me regarding this.Expecting your all co-operationRegards,Fun_with_Java
fun_with_Javaa at 2007-7-10 11:08:41 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
# 2
It should work, although this line: System.setProperty("https.proxySet","true");does nothing. Does your Authenticator get called? and are you sure it's returning a valid username and password?
ejpa at 2007-7-10 11:08:41 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
# 3
does this help : http://www.oracle.com/technology/tech/java/oc4j/1013/how_to/how-to-ds-proxy/doc/how-to-ds-proxy.html
NephYliMa at 2007-7-10 11:08:41 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
# 4

First of let me say Thanks to NephYliM & ejp for their response.

Well currently we are using ISA server for authenticating proxy . As we have analyzed its log and find that even when we are sending user name and password in java

return new PasswordAuthentication("<USERNAME>",new String("<USER_PASSWORD>").toCharArray());

then also ISA server is getting username as anonymous. Even though v have tried as suggested by NepYIiM but unfortunately doesn't got any success in that .please help me out regarding this

fun_with_Javaa at 2007-7-10 11:08:41 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
# 5

0- the fact the ISA server logs an 'anonymous' seems logical, since it answers by HTTP 407. I will say it's even a "good log" :) but I had preferred a good old "security exception" but it's not the case..

1- The code for checking the properties (your debugging) should be placed BEFORE trying to connect to the url if you want to see what's happening

2- The 'normal' way to set the proxy is to set the following properties

System.setProperty("http.proxySet","true"); // and NOT https.proxyset as ejp said

System.setProperty("http.proxyHost","123.456.789.123");

System.setProperty("http.proxyPort","80");

3- what's the behavior if you change 123.456.789.123 by the real name (hostname) of the server ?

4- You can try setting up the proxy in the java control panel instead of in your code (easy to do under Windows, you look for the networking settings, and you find the proxy settings for http/https there. Otherwise look for all files called net.properties and edit them).

5- to help debbuging, we can rely on several methods of Authenticator :

protected PasswordAuthentication getPasswordAuthentication() {

System.err.println(".\tgetRequestingHost: " + getRequestingHost());

System.err.println("..\tgetRequestingSite: " + getRequestingSite());

System.err.println("...\tgetRequestingPort: " + getRequestingPort());

System.err.println("....\tgetRequestingProtocol: " + getRequestingProtocol());

System.err.println(".....\tgetRequestingPrompt: " + getRequestingPrompt());

System.err.println("......\tgetRequestingScheme: " + getRequestingScheme());

return new PasswordAuthentication("<USERNAME>",new String("<USER_PASSWORD>").toCharArray());

}

Try all this and let us see the output messages.

Please remember to give some 'duke stars' if it helped resolving the problem ;)

NephYliM

NephYliMa at 2007-7-10 11:08:41 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
# 6

> 2- The 'normal' way to set the proxy is to set the

> following properties

> System.setProperty("http.proxySet","true"); // and

> NOT https.proxyset as ejp said

Setting either of these does nothing and never has. http.proxySet belongs to the defunt HotJava bean. https.proxySet has never existed at all. Using either of them to control the JDK is just urban myth.

> System.setProperty("http.proxyHost","123.456.789.123");

> System.setProperty("http.proxyPort","80");

You should set the https versions of these properties if you are using HTTPS.

ejpa at 2007-7-10 11:08:41 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
Security
Java Secure Socket Extension (JSSE)

Security New Topic

Security Hot Topic

Security

All Classified