Announcement Announcement Module
Collapse
No announcement yet.
Proxy problem Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Proxy problem

    Hi,

    I have started to look into the example and try to figure out how the SAML extension works.

    I have managed to build and deploy the example into WebLogic 12c, but I am not able to figure out how to make the httpMetaDataProvider access the idp-meta.xml hosted on idp.ssocircle.com through our firewall. It does not seem like it obeys the -Dhttp.proxyHost= setting.

    Is there any way to configure it to go through our proxy server?

    -ttjarl

  • #2
    Hi,

    You can find answer in this thread.

    Vladi

    Comment


    • #3
      Hi Vladi,

      Thanks for a quick reply. I have followed the instructions and made a wrapper on the HttpClient that allows me to inject proxy host and proxy port.

      The example now directs me to ssocircle where I can log on, but I am not able to make the relay back to the example web app work.

      There is nothing logged, but I find the following written to stdout:

      - I/O exception (java.net.ConnectException) caught when processing request: Connection timed out: Connect

      Do you have any suggestions on where I should start looking?

      Best regards,
      ttjarl

      Comment


      • #4
        Hi,

        Just follow the same thread, it covers this problem as well - most likely your artifact resolution needs the same proxy settings.

        Brs, Vladi

        Comment


        • #5
          Hi Vladi,

          Thanks again for your prompt reply.

          I did inject the same httpclient into the artifactresolver, but that is not sufficient to make it work.

          I believe that the httpclient ignores the proxyhost-settings when it tries to open an https connection.

          Best regards,
          ttjarl

          Comment


          • #6
            Hi,

            There are then three options:

            - You can either disable the HTTP-Artifact profile and use HTTP-POST instead, you can do so by removing AssertionConsumerService for HTTP-Artifact from your SP metadata and uploading it again to the IDP.
            - You can subclass the ArtifactResolutionProfileImpl, change the securityContext.xml to use your new subclass and override method "protected HostConfiguration getHostConfiguration()". You can call super first and then set proxy settings in the created HostConfiguration object.
            - I'll try to find a moment during weekend to see if there are some other possibilities and will think about how to make this easier.

            Best regards,
            Vladi

            Comment


            • #7
              Hi Vladi,

              You were right.

              I made my own subclass of ArtifactResolutionProfileImpl and with override of getHostConfiguration where I copied the Proxy parameters into the returned HostConfiguration.

              The example app is now working as it should.

              Maybe you should consider adding support for handling Proxy in the getHostConfiguration method of ArtifactResolutionProfileImpl ?

              Best regards,
              ttjarl

              Comment


              • #8
                Glad you got it working! Yes, I'll see what could be changed to make this possible without subclassing.

                Vladi

                Comment

                Working...
                X