Hello,
I'm trying to setup a shibb 2.0 idp behind a firewall. We have a http proxy that should be used for any http(s) requests on the Internet.
My question is about the MetadataProvider and especialy the FileBackedHTTPMetadataProvider one. As my metadataURL is located on the internet, how to configure the MetadataProvider to use our http proxy ?
I tried to configure my java tomcat like that:
JAVA_OPTS=-Dhttp.proxyHost=
proxyout.inist.fr -Dhttp.proxyPort=8080
But it seams to be ignored by the MetadataProvider. I got a such exception in the logs:
08:51:20.698 - WARN [org.opensaml.saml2.metadata.provider.FileBackedHTTPMetadataProvider:101] - Unable to read metadata from remote server, attempting to read it from local backup
java.net.NoRouteToHostException: No route to host
at java.net.PlainSocketImpl.socketConnect(Native Method) [na:1.5.0_16]
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333) [na:1.5.0_16]
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195) [na:1.5.0_16]
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182) [na:1.5.0_16]
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366) [na:1.5.0_16]
at java.net.Socket.connect(Socket.java:520) [na:1.5.0_16]
at java.net.Socket.connect(Socket.java:470) [na:1.5.0_16]
at java.net.Socket.<init>(Socket.java:367) [na:1.5.0_16]
at java.net.Socket.<init>(Socket.java:240) [na:1.5.0_16]
at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80) [commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122) [commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) [commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387) [commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) [commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) [commons-httpclient-3.1.jar:na]
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) [commons-httpclient-3.1.jar:na]
at org.opensaml.saml2.metadata.provider.HTTPMetadataProvider.fetchMetadata(HTTPMetadataProvider.java:277) [opensaml-2.2.2.jar:na]
at org.opensaml.saml2.metadata.provider.FileBackedHTTPMetadataProvider.fetchMetadata(FileBackedHTTPMetadataProvider.java:99) [opensaml-2.2.2.jar:na]
...
Any help is very welcomed.
regards,
Stéphane Gully