Connected to Host through ZAP possible although no acceptance of connection within timeout of 20000 ms

[Panagiotis Omiliadis]

Hi,

I configured my browser (Mozilla Firefox) to access the internet through ZAP.

Although the host (internal network site) does not accept the connection I can access it.

Here is the message I get on my browser when I press the button "Open Network Login Page" button:

ZAP Error [org.apache.commons.httpclient.ConnectTimeoutException]: The host did not accept the connection within timeout of 20000 ms


Stack Trace:
java.net.SocketTimeoutException: connect timed out
	at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)
	at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
	at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
	at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
	at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
	at java.net.PlainSocketImpl.connect(Unknown Source)
	at java.net.SocksSocketImpl.connect(Unknown Source)
	at java.net.Socket.connect(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at org.apache.commons.httpclient.protocol.ReflectionSocketFactory.createSocket(ReflectionSocketFactory.java:140)
 [wrapped] org.apache.commons.httpclient.ConnectTimeoutException: The host did not accept the connection within timeout of 20000 ms
	at org.apache.commons.httpclient.protocol.ReflectionSocketFactory.createSocket(ReflectionSocketFactory.java:155)
	at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:125)
	at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:728)
	at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
	at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:449)
	at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:201)
	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
	at org.parosproxy.paros.network.HttpSender.executeMethod(HttpSender.java:398)
	at org.parosproxy.paros.network.HttpSender.runMethod(HttpSender.java:633)
	at org.parosproxy.paros.network.HttpSender.send(HttpSender.java:589)
	at org.parosproxy.paros.network.HttpSender.sendAuthenticated(HttpSender.java:565)
	at org.parosproxy.paros.network.HttpSender.sendAuthenticated(HttpSender.java:553)
	at org.parosproxy.paros.network.HttpSender.sendAndReceive(HttpSender.java:458)
	at org.parosproxy.paros.network.HttpSender.sendAndReceive(HttpSender.java:428)
	at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(ProxyThread.java:564)
	at org.parosproxy.paros.core.proxy.ProxyThread.run(ProxyThread.java:321)
	at java.lang.Thread.run(Unknown Source)

In the Zap.log file I could not find any entry related to this.

[Peter Hauschulz]

You might see more info in the zap.log file if you change the log4j.properties to DEBUG. 

What happens if you login to the network before proxying through ZAP?

[Simon Bennetts]

I dont think DEBUG will help - ZAP has just failed to connect to the site after trying for 20 seconds.

Either the site is unavailable or is taking longer than 20 secs to respond.

[Ailton Caetano]

I have seen web applications taking more than 30 seconds to give a proper answer. Go to Options -> Connection and raise the timeout (180? 600 seconds?). I that does not settle things, check if you have some kind of connectivity issue to it.

Regards,

Ailton Caetano

--
You received this message because you are subscribed to the Google Groups "OWASP ZAP User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/zaproxy-users/a8f3f59c-e2a7-4b9a-a72b-158bf16b8bc2%40googlegroups.com.