Announcement

Collapse
No announcement yet.
X
  • Filter
  • Time
Clear All
new posts

    HttpProxy Error

    We've enabled the HTTP Proxy servlet and are trying to call a webservice from our client. We're getting a 403 error in the SmartGWT console:

    Code:
    [
        {
            response:{
                data:"Transport error - HTTP code: 403 for URL: https://entapps.assaabloyusa.com/trackpoint-staging/ExternalServices/TrackPointExternalServices.asmx?WSDL (via proxy: https://protech-dev.aa-bts.com/Protech/sc/HttpProxy)", 
                status:-90
            }
        }
    ]
    I'm also not seeing any error content from the server side logs. This works when running locally in the IDE, but then doesn't in our environment. All of the other SmartGWT servlets work so I know there's not some server configuration that's incorrect. Here's the web.xml snippet:

    Code:
        <servlet>
            <servlet-name>httpproxy</servlet-name>
            <servlet-class>com.isomorphic.servlet.HttpProxyServlet</servlet-class>
        </servlet>
        <servlet-mapping>
            <servlet-name>httpproxy</servlet-name>
            <url-pattern>/Protech/sc/HttpProxy</url-pattern>
        </servlet-mapping>
    Is there any other config that would be necessary for this to work?

    #2
    The proxy is working just fine, but your service is returning HTTP 403 Forbidden. This likely means there is some kind of credential that is needed that you are not passing.

    Comment


      #3
      Ok, thanks. That at least helps us track down where the issue is at. I'm just curious why the URL works in a browser but not when executed from the proxy servlet:

      https://entapps.assaabloyusa.com/tra...ices.asmx?WSDL

      Comment


        #4
        As we said, because there is some kind of credential you are not passing.

        When you access the URL from your browser, you have cookies and perhaps other things that the browser is passing to your service. The HttpProxy is running on a Java server and does not have access to your browser's cookies. What it sends is only what you tell it to send.

        Comment


          #5
          We figured out that this is coming specifically from our server. We use Spring Security to secure our application. All of the other requests to the "sc/*" urls work just fine. Is a different handling in security necessary for the Http Proxy?

          Comment


            #6
            We’ve already answered your question, so to take a step back, different security systems may keep a session intact via cookies, via URL tokens, or via other mechanisms. You need to figure out whatever mechanism your Spring Security system is using, and pass the necessary data through the proxy.

            There is no possible way for our HttpProxy - or any proxy - to magically handle this for you. You need to do it.

            Comment


              #7
              aderosso maybe spring 5 requires the CSRF token. Actually I don't know how to add it with the HttpProxy.

              Comment


                #8
                If it's a URL parameter, put it in the URL. If it's a cookie, put in the httpHeaders, since cookies are httpHeaders.

                Comment

                Working...
                X