Fail to log in to Rational Team Concert using HttpClient.
Hi,
I'm writing a Java http client connecting to RTC 2.0 which shows the exception below. Does someone know how to resolve this? Thanks a lot.
Here is my codes.
URL url = new URL(_serverURL);
client.getParams().setAuthenticationPreemptive(true);
Credentials defaultcreds = new UsernamePasswordCredentials(user, pwd);
client.getState().setCredentials(new AuthScope(url.getHost(),
url.getPort(), AuthScope.ANY_REALM), defaultcreds);
client.executeMethod(httpget);
Exception:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1035)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:124)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at oracle.alm.rtc.changemanagement._test.CMServiceTest.login(CMServiceTest.java:51)
at oracle.alm.rtc.changemanagement._test.CMServiceTest.main(CMServiceTest.java:115)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1014)
... 18 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
... 24 more
I'm writing a Java http client connecting to RTC 2.0 which shows the exception below. Does someone know how to resolve this? Thanks a lot.
Here is my codes.
URL url = new URL(_serverURL);
client.getParams().setAuthenticationPreemptive(true);
Credentials defaultcreds = new UsernamePasswordCredentials(user, pwd);
client.getState().setCredentials(new AuthScope(url.getHost(),
url.getPort(), AuthScope.ANY_REALM), defaultcreds);
client.executeMethod(httpget);
Exception:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1035)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:124)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at oracle.alm.rtc.changemanagement._test.CMServiceTest.login(CMServiceTest.java:51)
at oracle.alm.rtc.changemanagement._test.CMServiceTest.main(CMServiceTest.java:115)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1014)
... 18 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
... 24 more
7 answers
Hi,
it seems to me that you have problems with the certitificate. Is it a self-signet
certificate? If yes, this could be the reason (in my case it was it and I had to
modify the trust manager).
Which version of httpClient are you using?
Stef
Hi Stef,
Thanks for the reply. I use HttpClient 3.1 API to work with trial version of Jazz Team Server which has Rational Team Concert 2.0 installed.
Would you tell me what you change to trust manager? Thanks a lot.
Winson
Hi Stef,
Thanks for the reply. I have created a self-signed certificate and can pass invalid certificate issue. However, I can't log in to Team Concert using HttpURLConnection and receive error response page, not login page, below. Do you know what I do wrong? You may send me (wenhsinl@comcast.net) the sample codes. Thanks a lot.
HttpURLConnection conn = null;
URL url = new URL(serverUrl);
try
{
conn = (HttpURLConnection)url.openConnection();
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.setDoInput(true);
conn.setRequestProperty("Accept", "application/x-oslc-cm-change-request+xml");
conn.setRequestProperty("Keep-Alive", "300");
conn.setRequestProperty("Connection", "keep-alive");
conn.setRequestProperty("Referer", "https://localhost:9443/jazz");
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream());
wr.write("authenticated/identity?redirectPath=%2Fjazz%2F");
wr.flush();
wr.close();
readFromURL(conn);
conn.disconnect();
}
catch (IOException e)
{
e.printStackTrace();
}
Error Response page Header:
{null=,
X-com-ibm-team-repository-web-auth-msg=,
Date=,
Content-Length=,
Expires=,
Last-Modified=,
Set-Cookie=,
Content-Type=,
Server=,
Cache-Control=}<DOCTYPE>
Error Response pager:
<Licensed>
<html>
<head>
<meta>
<meta>
<title>Loading...</title>
<link>
<link></link>
<style>
#net-jazz-ajax-NoScriptMessage {
width: 100%;
color: #D0D0D0;
font-size: 2em;
text-align: center;
position: absolute;
top: 45%;
z-index: 999;
}
</style>
<if>
<style>
body {
width: expression(documentElement.clientWidth < 860 ? "860px": "" );
}
</style>
<endif>
</head>
<body>
<noscript><div>Javascript is either disabled or not available in your Browser</div></noscript>
<div>Loading...</div>
<div></div>
<script>
djConfig = {isDebug: false, usePlainJson: true, baseUrl: "/jazz/web/dojo/"};
net = {jazz: {ajax: {}}};
net.jazz.ajax._dataServerRoot = null;
net.jazz.ajax._contextRoot = "/jazz";
net.jazz.ajax._webuiPrefix = "/web/";
</script>
<script></script>
<script>
dojo.require("net.jazz.ajax.ui.PlatformUI");
</script>
<script>
/* <CDATA> */
</script>
<script>
/* <CDATA> */
</script>
</body>
</html>
Thanks for the reply. I have created a self-signed certificate and can pass invalid certificate issue. However, I can't log in to Team Concert using HttpURLConnection and receive error response page, not login page, below. Do you know what I do wrong? You may send me (wenhsinl@comcast.net) the sample codes. Thanks a lot.
HttpURLConnection conn = null;
URL url = new URL(serverUrl);
try
{
conn = (HttpURLConnection)url.openConnection();
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.setDoInput(true);
conn.setRequestProperty("Accept", "application/x-oslc-cm-change-request+xml");
conn.setRequestProperty("Keep-Alive", "300");
conn.setRequestProperty("Connection", "keep-alive");
conn.setRequestProperty("Referer", "https://localhost:9443/jazz");
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream());
wr.write("authenticated/identity?redirectPath=%2Fjazz%2F");
wr.flush();
wr.close();
readFromURL(conn);
conn.disconnect();
}
catch (IOException e)
{
e.printStackTrace();
}
Error Response page Header:
{null=,
X-com-ibm-team-repository-web-auth-msg=,
Date=,
Content-Length=,
Expires=,
Last-Modified=,
Set-Cookie=,
Content-Type=,
Server=,
Cache-Control=}<DOCTYPE>
Error Response pager:
<Licensed>
<html>
<head>
<meta>
<meta>
<title>Loading...</title>
<link>
<link></link>
<style>
#net-jazz-ajax-NoScriptMessage {
width: 100%;
color: #D0D0D0;
font-size: 2em;
text-align: center;
position: absolute;
top: 45%;
z-index: 999;
}
</style>
<if>
<style>
body {
width: expression(documentElement.clientWidth < 860 ? "860px": "" );
}
</style>
<endif>
</head>
<body>
<noscript><div>Javascript is either disabled or not available in your Browser</div></noscript>
<div>Loading...</div>
<div></div>
<script>
djConfig = {isDebug: false, usePlainJson: true, baseUrl: "/jazz/web/dojo/"};
net = {jazz: {ajax: {}}};
net.jazz.ajax._dataServerRoot = null;
net.jazz.ajax._contextRoot = "/jazz";
net.jazz.ajax._webuiPrefix = "/web/";
</script>
<script></script>
<script>
dojo.require("net.jazz.ajax.ui.PlatformUI");
</script>
<script>
/* <CDATA> */
</script>
<script>
/* <CDATA> */
</script>
</body>
</html>
Hi,
source is on the way...the structure is as:
* Open the eclipse project RTCREST02
* Start your Jazz server
* Start the JUnit Test testRTCFacace (change the code line rtcconnect.login("localhost", 9443, "ADMIN","ADMIN"); if necessary)
BTW, what I tried to create was a Facade to get easily information about projects, workitems, queries etc. But there is still place do to some coding (the last 5 %). Maybe we can share work...
cu
Stef
source is on the way...the structure is as:
* Open the eclipse project RTCREST02
* Start your Jazz server
* Start the JUnit Test testRTCFacace (change the code line rtcconnect.login("localhost", 9443, "ADMIN","ADMIN"); if necessary)
BTW, what I tried to create was a Facade to get easily information about projects, workitems, queries etc. But there is still place do to some coding (the last 5 %). Maybe we can share work...
cu
Stef