Forum Discussion

CXin's avatar
CXin
Frequent Contributor
12 years ago

Always get 401 Unauthorized response when using proxy

Hi,

Our API need proxy to access.
I can call GET resources successfully via browse by using proxy.
Simple of authorization:
Authorization: Digest username="box", realm="commonapi", nonce="1363761489129:c4d34d351f91a53af2b3373d10716dfa", uri="/api/ads", response="ff17f9260fb7b69007f31e6278b1a0bc", opaque="5116378867CAA018FA05542A2B74DC1E", qop=auth, nc=00000001, cnonce="a10f845ebfb470d3"

But When I call same resource via same proxy in soapui 4.5.1.1, always get 401 response.
Authorization send out from soapui 4.5.1.1 pro:
Authorization: Digest username="box", realm="commonapi", nonce="1363761635342:10456db10b08dac04e50047ca91a5912", uri="http://195.78.84.28:8080/api/ads", response="4dce11c1d8f0f8efc7c8fb27439a1c6d", qop=auth, nc=00000001, cnonce="d15498bca869a5a5ac447050468425e3", opaque="5116378867CAA018FA05542A2B74DC1E"

Also, "Authenticate Preemptively" is uncheck.

I also tried other two authorisation type in AUT tab, still doesn't work.

Please advice me!!!
  • SmartBear_Suppo's avatar
    SmartBear_Suppo
    SmartBear Alumni (Retired)
    Hi!

    Are you getting any other errors in the soapUI or error log tabs in the bottom of the main SoapUI window?

    --
    Regards

    Erik
    SmartBear Sweden
  • CXin's avatar
    CXin
    Frequent Contributor
    SoapUI Log:
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Stale connection check
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Attempt 1 to execute request
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Sending request: GET http://195.78.84.28:8080/api/ads HTTP/1.1
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Receiving response: HTTP/1.1 401 Unauthorized
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Connection can be kept alive indefinitely
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Target requested authentication
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Authorization challenge processed
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Authentication scope: DIGEST 'commonapi'@195.78.84.28:8080
    Thu Mar 21 15:36:35 CST 2013:INFO:195.78.84.28:8080 requires authentication with the realm 'commonapi'
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Found credentials
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Attempt 2 to execute request
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Sending request: GET http://195.78.84.28:8080/api/ads HTTP/1.1
    Thu Mar 21 15:36:36 CST 2013:DEBUG:Receiving response: HTTP/1.1 401 Unauthorized
    Thu Mar 21 15:36:36 CST 2013:DEBUG:Connection can be kept alive indefinitely
    Thu Mar 21 15:36:36 CST 2013:DEBUG:Target requested authentication
    Thu Mar 21 15:36:36 CST 2013:DEBUG:Authorization challenge processed
    Thu Mar 21 15:36:36 CST 2013:DEBUG:Authentication scope: DIGEST 'commonapi'@195.78.84.28:8080
    Thu Mar 21 15:36:36 CST 2013:DEBUG:Authentication failed
    Thu Mar 21 15:36:36 CST 2013:INFO:Got response for [kijijiCA-api.ads:Copy of REST Test Request] in 732ms (954 bytes)
    Thu Mar 21 15:37:07 CST 2013:DEBUG:Connection closed


    Http Log:
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "GET http://195.78.84.28:8080/api/ads HTTP/1.1[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "Accept-Encoding: gzip,deflate[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.60 Safari/537.1[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "Host: 195.78.84.28:8080[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "Proxy-Connection: Keep-Alive[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "HTTP/1.1 401 Unauthorized[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Server: Apache-Coyote/1.1[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Pragma: No-cache[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Expires: Thu, 01 Jan 1970 00:00:00 UTC[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "WWW-Authenticate: Digest realm="commonapi", qop="auth", nonce="1363851601518:bbded1aa41eed98ca4ea38fb747743af", opaque="A450CE69CD955F844B31906140A81D6B"[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Content-Type: text/html;charset=utf-8[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Date: Thu, 21 Mar 2013 07:40:01 GMT[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Cache-Control: no-cache, proxy-revalidate[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Content-Length: 954[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Proxy-Connection: Keep-Alive[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Connection: Keep-Alive[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Proxy-support: Session-based-authentication[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "<html><head><title>Apache Tomcat/6.0.35 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 401 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>This request requires HTTP authentication ().</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/6.0.35</h3></body></html>"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "GET http://195.78.84.28:8080/api/ads HTTP/1.1[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "Accept-Encoding: gzip,deflate[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.60 Safari/537.1[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "Host: 195.78.84.28:8080[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "Proxy-Connection: Keep-Alive[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "Authorization: Digest username="box", realm="commonapi", nonce="1363851601518:bbded1aa41eed98ca4ea38fb747743af", uri="http://195.78.84.28:8080/api/ads", response="189e02bbf868c9c3412ad00c2c568832", qop=auth, nc=00000001, cnonce="79a8cb868a5b6dd796a1f4376a4f42d6", opaque="A450CE69CD955F844B31906140A81D6B"[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "HTTP/1.1 401 Unauthorized[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Server: Apache-Coyote/1.1[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Pragma: No-cache[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Expires: Thu, 01 Jan 1970 00:00:00 UTC[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "WWW-Authenticate: Digest realm="commonapi", qop="auth", nonce="1363851601879:1cb00e6a2363ed59d304fdde7e2d9f02", opaque="A450CE69CD955F844B31906140A81D6B"[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Content-Type: text/html;charset=utf-8[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Date: Thu, 21 Mar 2013 07:40:01 GMT[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Cache-Control: no-cache, proxy-revalidate[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Content-Length: 954[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Proxy-Connection: Keep-Alive[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Connection: Keep-Alive[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Proxy-support: Session-based-authentication[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "<html><head><title>Apache Tomcat/6.0.35 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 401 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>This request requires HTTP authentication ().</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/6.0.35</h3></body></html>"


    And I don't see any error in error log.

    Sample Request:
    GET http://195.78.84.28:8080/api/ads HTTP/1.1
    Accept-Encoding: gzip,deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.60 Safari/537.1
    Host: 195.78.84.28:8080
    Proxy-Connection: Keep-Alive
    Authorization: Digest username="box", realm="commonapi", nonce="1363851622323:02af748f643b9ca4c64b21e1761f4e47", uri="http://195.78.84.28:8080/api/ads", response="c4b235efd2f94396d13d14b5be306cc3", qop=auth, nc=00000001, cnonce="c7ed489f458b86710ff7746da752fa42", opaque="A450CE69CD955F844B31906140A81D6B"

    Sample Response:

    <html>
    <head>
    <meta content="HTML Tidy for Java (vers. 27 九月 2004), see www.w3.org" name="generator"/>
    <title>Apache Tomcat/6.0.35 - Error report</title>
    <style type="text/css">&lt;!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style>
    </head>
    <body>
    <h1>HTTP Status 401 -</h1>
    <hr noshade="noshade" size="1"/>
    <p>
    <b>type</b>
    Status report
    </p>
    <p>
    <b>message</b>
    </p>
    <p>
    <b>description</b>
    <u>This request requires HTTP authentication ().</u>
    </p>
    <hr noshade="noshade" size="1"/>
    <h3>Apache Tomcat/6.0.35</h3>
    </body>
    </html>


    Please check.
  • CXin's avatar
    CXin
    Frequent Contributor
    Any people from soaupi team could help with this?
  • SmartBear_Suppo's avatar
    SmartBear_Suppo
    SmartBear Alumni (Retired)
    Hi,

    Sorry for the delay in response. What kind of authorization is your service using? Judging from the logs, try checking the "Authenticate Pre-emtively" box and see if it changes the behavior.

    Regards,

    Arian
    SmartBear Sweden
    • abhiin's avatar
      abhiin
      New Member

      I am also facing same issue, even though I execute with Pre-emptyvily.

      but no luck, its same.