RCurl Post не работает с аутентификацией Kerberos и SSL - PullRequest
Новая
       10

RCurl Post не работает с аутентификацией Kerberos и SSL

0 голосов
/ 09 июня 2018

POST-запрос с телом json.Обратный ответ также в json.

Без аутентификации kerberos, он работает.Но его сбой, когда я включаю Kerberos с SSL.Журналы сервера не показывают проблемы, рукопожатие успешно, и сервер показывает 200 кодов ответа.По какой-то причине R-клиент выдает ошибку.

Один и тот же запрос / ответ работает от клиента Postman во всех настройках.

У меня нет идей.Подскажите, пожалуйста, в чем здесь проблема и что можно сделать, чтобы ее исправить?Кажется, что проблема возникает в строке «игнорирование тела ответа, а затем выдает другой запрос» в случае неудачного ответа.

Вот трассировка:

Успешный запрос без аутентификации - 

    > 
    > datajson <- postForm(url, .opts = list(userpwd=":", httpauth = 4, ssl.verifypeer = FALSE, ssl.verifyhost = FALSE, postfields=jsonReq, httpheader=headers, verbose=TRUE))
    *   Trying xxx...
    * Connected to xxx (#0)
    * successfully set certificate verify locations:
    *   CAfile: xxx
      CApath: none
    * SSL connection using TLSv1.0 / ECDHE-RSA-AES128-SHA
    * Server certificate:
    *    subject: C=Unknown; ST=Unknown; L=Unknown; O=Unknown; OU=Unknown; CN=Unknown
    *    start date: 2018-05-18 17:30:19 GMT
    *    expire date: 2028-05-15 17:30:19 GMT
    *    issuer: C=Unknown; ST=Unknown; L=Unknown; O=Unknown; OU=Unknown; CN=Unknown
    *    SSL certificate verify result: self signed certificate (18), continuing anyway.
    > POST xxx
    Host: xxx
    Accept: application/json
    Content-Type: application/json
    charset: UTF-8
    Content-Length: 684

    * upload completely sent off: 684 out of 684 bytes
    < HTTP/1.1 200 
    < X-Content-Type-Options: nosniff
    < X-XSS-Protection: 1; mode=block
    < Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    < Pragma: no-cache
    < Expires: 0
    < Strict-Transport-Security: max-age=31536000 ; includeSubDomains
    < X-Frame-Options: DENY
    < X-Application-Context: application:auth-disabled
    < Set-Cookie: JSESSIONID=473690CD82915767E0999B1C350E2DD4; Path=/; Secure; HttpOnly
    < Content-Type: application/json;charset=UTF-8
    < Transfer-Encoding: chunked
    < Vary: Accept-Encoding
    < Date: Sat, 09 Jun 2018 17:08:08 GMT
    < 
    * Connection #0 to host ... left intact

Неудачный запрос с включенной аутентификацией Kerberos. 

    > datajson <- postForm(url, .opts = list(userpwd=":", httpauth = 4, ssl.verifypeer = FALSE, ssl.verifyhost = FALSE, postfields=jsonReq, httpheader=headers, verbose=TRUE))
    *   Trying xxx...
    * Connected to xxx (xxx) port xxx (#0)
    * successfully set certificate verify locations:
    *   CAfile: xxx
      CApath: none
    * SSL connection using TLSv1.0 / ECDHE-RSA-AES128-SHA
    * Server certificate:
    *    subject: C=US; ST=New York; CN=xxx
    *    start date: 2018-04-02 18:05:49 GMT
    *    expire date: 2023-04-01 18:05:49 GMT
    *    SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
    > POST /xxx HTTP/1.1
    Host: xxx
    Accept: application/json
    Content-Type: application/json
    charset: UTF-8
    Content-Length: 684

    * upload completely sent off: 684 out of 684 bytes
    < HTTP/1.1 401 
    < X-Content-Type-Options: nosniff
    < X-XSS-Protection: 1; mode=block
    < Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    < Pragma: no-cache
    < Expires: 0
    < X-Frame-Options: DENY
    < WWW-Authenticate: Negotiate
    < Transfer-Encoding: chunked
    < Date: Sat, 09 Jun 2018 17:09:22 GMT
    < 
    * Ignoring the response-body
    * Connection #0 to host xxxx left intact
    * Issue another request to this URL: 'xxx'
    * Found bundle for host xxx: 0xa3cc750
    * Re-using existing connection! (#0) with host xxx
    * Connected to xxx
    * Server auth using Negotiate with user ''
    > POST xxx HTTP/1.1
    Authorization: Negotiate YIIRaAYGKwYBBQUCoIIRXDCCEVigMDAuBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICHgYKKwYBBAGCNwICCqKCESIEghEeYIIRGgYJKoZIhvcSAQICAQBughEJMIIRBaADAgEFoQMCAQ6iBwMFACAAAACjgg86YYIPNjCCDzKgAwIBBaEMGwpBRC5NTFAuQ09NoikwJ6ADAgECoSAwHhsESFRUUBsWZHhzcmZwcmlza3MwMDQubWxwLmNvbaOCDvAwgg7soAMCARehAwIBAqKCDt4Egg7aUNOEB5xYYks+W0Vn0RiHygONC3jsatuz95SxSNwR/HOSBANDCV+zeqmp1pjAiNPGpCcOoUG7w3feUTmqNI3oABccto2ragCk4naslWvdMkL2EZvX+P8U2cvPaG9vJ1o01pfe2ehxRLB9JREEfx7xxOF7avUMcHppXp+8QhGmhYYemeVfEJE/RGPDsCUE3vf82Wo1x0o9/5KBfd4MeZ+h4JWEKcnVMT9JkfAb/z8loZ9mKgdjlhFjChvqmhUR
    ...
    Host: xxx
    Accept: application/json
    Content-Type: application/json
    charset: UTF-8
    Content-Length: 684

    * upload completely sent off: 684 out of 684 bytes
    < HTTP/1.1 200 
    < X-Content-Type-Options: nosniff
    < X-XSS-Protection: 1; mode=block
    < Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    < Pragma: no-cache
    < Expires: 0
    < X-Frame-Options: DENY
    < Set-Cookie: JSESSIONID=70B42C7EDD0BE3140A93E34410773FCC; Path=/; Secure; HttpOnly
    < X-Application-Context: xxx
    < Content-Type: application/json;charset=UTF-8
    < Transfer-Encoding: chunked
    < Vary: Accept-Encoding
    < Date: Sat, 09 Jun 2018 17:09:24 GMT
    < 
    * Connection #0 to host xxx left intact
    Error: 
    >
...