• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Tomcat behind proxy must access to 2 different webservices

 
Adrien Ruffie
Ranch Hand
Posts: 92
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello all I have a problem,

my application run on tomcat is behind a proxy, so I have set in catalina.properties or during tomcat launching these properties:

http.proxyHost
http.proxyPort
http.proxyUser
http.proxyPassword

My application use 2 different webservices, one need a password and other don't need the provided password. But when I provide
proxy password, the webservice which don't need password fail.

And if I don't provide password the webservice which need, fail in its turn ... with following error:

Proxy Authentication Required (407) - Unauthorized
at org.restlet.resource.ClientResource.handle(ClientResource.java:748)
at org.restlet.resource.ClientResource.post(ClientResource.java:1103)

Some people have an idea ?

Thank you.

Best regards Adryen
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18226
53
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I don't quite understand, but it sounds like there are 4 servers involved here:

1. A proxy server linking to Tomcat
2. The tomcat server
3. webservices server #1
4. webservices server #2

It seems to sound like maybe webservices server #1 also is fronted by a proxy server, possibly the same one proxying for Tomcat, but possibly not, but in either event, requiring proxy credentials. Whether webservices server #2 is proxied doesn't matter, since there are no proxy-related credentials.

I don't think Tomcat itself has any specific parameters that have to be set to make it proxied. At least in my case there aren't, although I let Tomcat handle its own security, not my proxy server.

For the web services, what really counts is what security credentials are supplied when the web services are invoked. That is being done by the webapp, and part of the application program's logic should be to supply whatever security tokens are needed as part of their interfaces to the web services. Thus, it is the responsibility to ensure that suitable security tokens are provided on a per-server basis when invoking foreign (webservices) servers.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic