Forum Discussion

CXin's avatar
CXin
Frequent Contributor
12 years ago

Always get 401 Unauthorized response when using proxy

Hi,

Our API need proxy to access.
I can call GET resources successfully via browse by using proxy.
Simple of authorization:
Authorization: Digest username="box", realm="commonapi", nonce="1363761489129:c4d34d351f91a53af2b3373d10716dfa", uri="/api/ads", response="ff17f9260fb7b69007f31e6278b1a0bc", opaque="5116378867CAA018FA05542A2B74DC1E", qop=auth, nc=00000001, cnonce="a10f845ebfb470d3"

But When I call same resource via same proxy in soapui 4.5.1.1, always get 401 response.
Authorization send out from soapui 4.5.1.1 pro:
Authorization: Digest username="box", realm="commonapi", nonce="1363761635342:10456db10b08dac04e50047ca91a5912", uri="http://195.78.84.28:8080/api/ads", response="4dce11c1d8f0f8efc7c8fb27439a1c6d", qop=auth, nc=00000001, cnonce="d15498bca869a5a5ac447050468425e3", opaque="5116378867CAA018FA05542A2B74DC1E"

Also, "Authenticate Preemptively" is uncheck.

I also tried other two authorisation type in AUT tab, still doesn't work.

Please advice me!!!

6 Replies

Sort By
  • SmartBear_Suppo's avatar
    SmartBear_Suppo
    SmartBear Alumni (Retired)
    12 years ago
    Hi!

    Are you getting any other errors in the soapUI or error log tabs in the bottom of the main SoapUI window?

    --
    Regards

    Erik
    SmartBear Sweden
  • CXin's avatar
    CXin
    Frequent Contributor
    12 years ago
    SoapUI Log:
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Stale connection check
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Attempt 1 to execute request
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Sending request: GET http://195.78.84.28:8080/api/ads HTTP/1.1
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Receiving response: HTTP/1.1 401 Unauthorized
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Connection can be kept alive indefinitely
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Target requested authentication
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Authorization challenge processed
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Authentication scope: DIGEST 'commonapi'@195.78.84.28:8080
    Thu Mar 21 15:36:35 CST 2013:INFO:195.78.84.28:8080 requires authentication with the realm 'commonapi'
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Found credentials
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Attempt 2 to execute request
    Thu Mar 21 15:36:35 CST 2013:DEBUG:Sending request: GET http://195.78.84.28:8080/api/ads HTTP/1.1
    Thu Mar 21 15:36:36 CST 2013:DEBUG:Receiving response: HTTP/1.1 401 Unauthorized
    Thu Mar 21 15:36:36 CST 2013:DEBUG:Connection can be kept alive indefinitely
    Thu Mar 21 15:36:36 CST 2013:DEBUG:Target requested authentication
    Thu Mar 21 15:36:36 CST 2013:DEBUG:Authorization challenge processed
    Thu Mar 21 15:36:36 CST 2013:DEBUG:Authentication scope: DIGEST 'commonapi'@195.78.84.28:8080
    Thu Mar 21 15:36:36 CST 2013:DEBUG:Authentication failed
    Thu Mar 21 15:36:36 CST 2013:INFO:Got response for [kijijiCA-api.ads:Copy of REST Test Request] in 732ms (954 bytes)
    Thu Mar 21 15:37:07 CST 2013:DEBUG:Connection closed


    Http Log:
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "GET http://195.78.84.28:8080/api/ads HTTP/1.1[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "Accept-Encoding: gzip,deflate[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.60 Safari/537.1[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "Host: 195.78.84.28:8080[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "Proxy-Connection: Keep-Alive[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "HTTP/1.1 401 Unauthorized[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Server: Apache-Coyote/1.1[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Pragma: No-cache[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Expires: Thu, 01 Jan 1970 00:00:00 UTC[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "WWW-Authenticate: Digest realm="commonapi", qop="auth", nonce="1363851601518:bbded1aa41eed98ca4ea38fb747743af", opaque="A450CE69CD955F844B31906140A81D6B"[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Content-Type: text/html;charset=utf-8[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Date: Thu, 21 Mar 2013 07:40:01 GMT[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Cache-Control: no-cache, proxy-revalidate[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Content-Length: 954[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Proxy-Connection: Keep-Alive[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Connection: Keep-Alive[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Proxy-support: Session-based-authentication[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "<html><head><title>Apache Tomcat/6.0.35 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 401 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>This request requires HTTP authentication ().</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/6.0.35</h3></body></html>"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "GET http://195.78.84.28:8080/api/ads HTTP/1.1[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "Accept-Encoding: gzip,deflate[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.60 Safari/537.1[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "Host: 195.78.84.28:8080[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "Proxy-Connection: Keep-Alive[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "Authorization: Digest username="box", realm="commonapi", nonce="1363851601518:bbded1aa41eed98ca4ea38fb747743af", uri="http://195.78.84.28:8080/api/ads", response="189e02bbf868c9c3412ad00c2c568832", qop=auth, nc=00000001, cnonce="79a8cb868a5b6dd796a1f4376a4f42d6", opaque="A450CE69CD955F844B31906140A81D6B"[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:>> "[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "HTTP/1.1 401 Unauthorized[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Server: Apache-Coyote/1.1[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Pragma: No-cache[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Expires: Thu, 01 Jan 1970 00:00:00 UTC[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "WWW-Authenticate: Digest realm="commonapi", qop="auth", nonce="1363851601879:1cb00e6a2363ed59d304fdde7e2d9f02", opaque="A450CE69CD955F844B31906140A81D6B"[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Content-Type: text/html;charset=utf-8[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Date: Thu, 21 Mar 2013 07:40:01 GMT[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Cache-Control: no-cache, proxy-revalidate[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Content-Length: 954[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Proxy-Connection: Keep-Alive[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Connection: Keep-Alive[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "Proxy-support: Session-based-authentication[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "[\r][\n]"
    Thu Mar 21 15:40:01 CST 2013:DEBUG:<< "<html><head><title>Apache Tomcat/6.0.35 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 401 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>This request requires HTTP authentication ().</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/6.0.35</h3></body></html>"


    And I don't see any error in error log.

    Sample Request:
    GET http://195.78.84.28:8080/api/ads HTTP/1.1
    Accept-Encoding: gzip,deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.60 Safari/537.1
    Host: 195.78.84.28:8080
    Proxy-Connection: Keep-Alive
    Authorization: Digest username="box", realm="commonapi", nonce="1363851622323:02af748f643b9ca4c64b21e1761f4e47", uri="http://195.78.84.28:8080/api/ads", response="c4b235efd2f94396d13d14b5be306cc3", qop=auth, nc=00000001, cnonce="c7ed489f458b86710ff7746da752fa42", opaque="A450CE69CD955F844B31906140A81D6B"

    Sample Response:

    <html>
    <head>
    <meta content="HTML Tidy for Java (vers. 27 九月 2004), see www.w3.org" name="generator"/>
    <title>Apache Tomcat/6.0.35 - Error report</title>
    <style type="text/css">&lt;!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style>
    </head>
    <body>
    <h1>HTTP Status 401 -</h1>
    <hr noshade="noshade" size="1"/>
    <p>
    <b>type</b>
    Status report
    </p>
    <p>
    <b>message</b>
    </p>
    <p>
    <b>description</b>
    <u>This request requires HTTP authentication ().</u>
    </p>
    <hr noshade="noshade" size="1"/>
    <h3>Apache Tomcat/6.0.35</h3>
    </body>
    </html>


    Please check.
  • CXin's avatar
    CXin
    Frequent Contributor
    12 years ago
    Any people from soaupi team could help with this?
  • SmartBear_Suppo's avatar
    SmartBear_Suppo
    SmartBear Alumni (Retired)
    12 years ago
    Hi,

    Sorry for the delay in response. What kind of authorization is your service using? Judging from the logs, try checking the "Authenticate Pre-emtively" box and see if it changes the behavior.

    Regards,

    Arian
    SmartBear Sweden
    • abhiin's avatar
      abhiin
      New Member
      7 years ago

      I am also facing same issue, even though I execute with Pre-emptyvily.

      but no luck, its same.