Apacha HttpClient configuration - apache-httpclient-4.x

I'm currently using RestTemplate backed by Apache http client 4.5.6 in my web server for making http requests. My HttpClient configuration is as follows:
PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager();
connectionManager.setMaxTotal(httpConfigurationProperties.getConnection().getMaxTotal());
connectionManager.setDefaultMaxPerRoute(httpConfigurationProperties.getConnection()
return HttpClients.custom()
.setDefaultRequestConfig(RequestConfig
.custom()
.setConnectionRequestTimeout((int) httpConfigurationProperties.getTimeout().getConnectionRequestTimeout().toMillis())
.setConnectTimeout((int) httpConfigurationProperties.getTimeout().getConnectTimeout().toMillis())
.setSocketTimeout((int) httpConfigurationProperties.getTimeout().getReadTimeout().toMillis())
.build())
.setRetryHandler(StandardHttpRequestRetryHandler.INSTANCE)
.setConnectionManager(connectionManager)
.build();
When I make a HTTP GET, once in a while i see this:
I/O exception (java.net.SocketException) caught when processing
request to {s}->: Connection reset
I have read in another post that this is caused by server(that I'm sending request to) closing the connection without informing client. And StandardHttpRequestRetryHandler was able to retry it. But HTTP POST methods are not retried because they are not idempotent operations. But is there a configuration that can avoid this connection reset in first place?
And I have tried using evictExpiredConnections and does not help. Will setting connectionManager.setValidateAfterInactivity(20000) help validating connection before using?
Before using apache http client I used SimpleClientHttpRequestFactory in RestTemplate and I never faced connection reset issues. Any help is appreciated

Related

How do I get POCO SecureSMTPClientSession class to work, using NetSSL_Win module?

I have built Poco 1.11 and am unable to get secure SMTP connections, or HTTPS connections in general, to work, with the NetSSL_Win module (i.e. using Windows Schannel rather than OpenSSL). There is a sample in the distribution at NetSSL_Win\samples\Mail\src :
SecureSMTPClientSession session(mailhost);
session.login();
session.startTLS(pContext);
if ( !username.empty() )
{
session.login(SMTPClientSession::AUTH_LOGIN, username, password);
}
session.sendMessage(message);
session.close();
When I run it, the second login() call, after the startTLS() call, throws this error:
SSL Exception: Failed to decode data: The specified data could not be decrypted
The server in this case was smtp.gmail.com, on port 587.
I get the same error message for any other HTTPS client code I try to run as well.
Is anyone successfully using Poco 1.11 for HTTPS connections, using Windows Schannel?

Connect to AWS IoT MessageBroker with SigV4 presignedURL using Eclipse Paho MQTT client

I am trying to create a Java Mqtt Client using Eclipse Paho which can connect to an AWS IoT MessageBroker using a SigV4 presigned URL generated using AwsIotWebSocketUrlSigner's getSignedUrl method. This connection will be using MQTT over Websockets and has a URL syntax starting with "wss://".
The connection code looks like this.
IMqttAsyncClient client = new MqttAsyncClient(*presignedUrl*,MqttAsyncClient.generateClientId(), new MemoryPersistence());
MqttConnectOptions options = new MqttConnectOptions();
options.setCleanSession(true);
IMqttToken token = client.connect(options);
token.waitForCompletion();
client.setCallback( *callBackObject* );
client.subscribe(topic, AWSIotQos.QOS1.getValue());
I keep getting below Exception. It's failing at the connect() above.
MqttException (0) - java.lang.NullPointerException
at org.eclipse.paho.client.mqttv3.internal.ExceptionHelper.createMqttException(ExceptionHelper.java:38)
at org.eclipse.paho.client.mqttv3.internal.ClientComms$ConnectBG.run(ClientComms.java:664)
at java.lang.Thread.run(Thread.java:749)
Caused by: java.lang.NullPointerException
at org.eclipse.paho.client.mqttv3.internal.websocket.WebSocketHandshake.receiveHandshakeResponse(WebSocketHandshake.java:133)
at org.eclipse.paho.client.mqttv3.internal.websocket.WebSocketHandshake.execute(WebSocketHandshake.java:74)
at org.eclipse.paho.client.mqttv3.internal.websocket.WebSocketSecureNetworkModule.start(WebSocketSecureNetworkModule.java:77)
at org.eclipse.paho.client.mqttv3.internal.ClientComms$ConnectBG.run(ClientComms.java:650)
In Eclipse Paho code Exception happens here while validating the WSS Handshake.
String connectionHeader = (String) headerMap.get(HTTP_HEADER_CONNECTION);
if (connectionHeader == null || connectionHeader.equalsIgnoreCase(HTTP_HEADER_CONNECTION_VALUE)) {
throw new IOException("WebSocket Response header: Incorrect connection header");
}
I am able to connect using a Javascript client and presignedUrl.
Any help/sample code will is much appreciated.
Found this while looking at how AWS Sdk does it as it uses Eclipse Paho underneath. https://github.com/aws/aws-iot-device-sdk-java/blob/647449e654096172ebfcc31d79a8c582f952219d/aws-iot-device-sdk-java/src/main/java/com/amazonaws/services/iot/client/core/AwsIotWebsocketConnection.java#L46
It was adding port no 443 to the clientEndpoint. Apparently the presignedUrl I had was not having it. So I changed the signingUrl to also have port no and it worked.

502 (BAD GATEWAY) and 504 (GATEWAY TIMEOUT) in Wirecloud

Time ago we set up a PEP proxy to secure the API our widgets are using. All have being working correctly until today, that we are receiving a 502 Bad Gateway error code for every call going through the proxy.
We have checked the requests are reaching our server and it is responsing correctly to them. The parameters added by the proxy (x-nick-name, x-display-name...) are defined correctly too.
We have also checked the requests outside wirecloud and all go well: we get the token properly and use it in the subsequent calls without problem.
We do not know where this error comes from, any ideas?
EDIT 06/11/2015
After Alvaro's new setting we are receiving the following error in the response body:
{
"description": "Connection Error",
"details": "('Connection aborted.', error(104, 'Connection reset by peer'))"
}
EDIT 09/11/15
Today, the code received in the request's response is different: 504 GATEWAY TIMEOUT
{
"description": "Connection Error",
"details": "('Connection aborted.', error(104, 'Connection reset by peer'))"
}
EDIT 16/11/15
Answering to Mr. Alonso's question:
1.- If we request directly to the server, the response is correctly displayed in the application.
2.- Here you can see the logs from the PEP Proxy with the new line added. As you can see the request is redirected correctly but the info is not displayed in the app.
Seems that the problem is in the PEP proxy side.
I've checked using other tools like curl (I obtained the connection details from the server log). Making the same request using curl gives the same result than using WireCloud: connection reset by peer. Also, if I make the request without the X-Auth-Token header, your service responds with an 401 error code. This is important, because it means that there is not a communication problem between the Mashup portal and your server. I don't know why, but the PEP proxy seems to be crashing when making the authenticated request from the Mashup portal (the same command works executing it from my machine).
I suggest you to restart the PEP proxy. If the problem persist, please attach any available info about the crash from the PEP proxy logs.
You can check three things to give us more information:
Try to remove the PEP and send the request directly to your service.
Introduce a new log in PEP to print the headers of the response: line 41 of lib/HTTPClient.js, log.debug("Headers: ", headers);
Try to send a request to the root path (directly to the tomacat or apache)
If not perhaps we can talk in private to check more information

SignalR on HTTPS

I am trying to use SignalR client side libraries on HTTPS server. It works fine on normal server but on HTTPS server, it is throwing an exception.
try
{
...
hubConnection = new HubConnection(signalUrl);
proxy = hubConnection.CreateHubProxy("SignalRConnect");
hubConnection.Start().Wait(); // throws an exception at this line
...
}
catch (Exception ex) {
I am getting exception - "The remote certificate is invalid according to the validation procedure."
}
Does anybody has an idea how to configure client side SignalR?
Thank you in advanced.
Medha
If your server requires custom client certificates then you can use SignalR 1.1 beta to add an x509certificate to the connection before the request is made.
Issue is resolved. I removed the code of creating proxy from the controller and add code on client side and get context of the hub from controller code.
var hubContext = GlobalHost.ConnectionManager.GetHubContext();
and use hubContext for client notification.

nginx modifying the jsonp response message

We are creating a web api application. In one of our API's if there are any validation errors, we are returning the error message in JSONP format. In the API Request URL user adds a query string parameter ?jsoncallback=xxxxxxxxxx like this.
On validation failure we are throwing a 400 bad request JSONP with response message in the below format:
xxxxxxxxxx({"error","error message"})
It is working good in all the environments, where there is no nginx. In our staging environment we have nginx configured.
Here it is modifying the output as below:
badrequest{"error","error message"})
Because of this our front end application is unable to read the response message.
Could you please let me know, what configuration setting of nginx could cause this problem?
Thanks in Advance
Venkat.
Actually the problem is not due to nginx.
It is due to IIS 7.5 in our staging server which is causing the problem.
Below configuration change in web.config has fixed it.
<httpErrors errorMode="Detailed" />