Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

OAuth2 REST Connector not working when set up with proxy

SA-41337

Summary



Setting up Proxy for the REST Connector is not working when using OAuth2. It appears to not be using the configured proxy information provided in the JVM settings when obtaining OAuth2 tokens.
HFix-33175 (which fixed some proxy behavior for REST Connectors) does not resolve issue, as the OAuth2 implementation is separate from the REST Connector implementation and they are using two separate Client objects. The OAuth2 implementation never attempts to configure its Client object to use a proxy.


Error Messages


2017-07-17 13:16:33,218 CDT [fault (self-tuning)'] [TABTHREAD1] [ ] [ Your_App:01.01.01] (ivity.Rule_Connect_REST.Action) ERROR Your_Pega_Host|Your_IP 5239917 - REST Connector connectivity test failed: Caught Exception while creating OAuth2 client
com.pega.pegarules.pub.services.OutboundMappingException: Caught Exception while creating OAuth2 client
at com.pega.pegarules.integration.engine.internal.client.rest.PegaOAuth20HttpAuthScheme.fetchAccessToken(PegaOAuth20HttpAuthScheme.java:108)
at com.pega.pegarules.integration.engine.internal.client.rest.PegaOAuth20HttpAuthScheme.setCredentials(PegaOAuth20HttpAuthScheme.java:121)
at com.pega.pegarules.integration.engine.internal.client.rest.PegaOAuth20HttpAuthScheme.setupRequest(PegaOAuth20HttpAuthScheme.java:146)
at com.pega.pegarules.integration.engine.internal.client.rest.ComponentsRESTClient.applyAuthScheme(ComponentsRESTClient.java:334)
at com.pega.pegarules.integration.engine.internal.client.rest.ComponentsRESTClient.applyAuthDetails(ComponentsRESTClient.java:351)
at com.pega.pegarules.integration.engine.internal.client.rest.ComponentsRESTClient.createApacheRequest(ComponentsRESTClient.java:520)
at com.pega.pegarules.integration.engine.internal.client.rest.ComponentsRESTClient.invokeRESTClient(ComponentsRESTClient.java:168)
at com.pega.pegarules.integration.engine.internal.connect.rest.RESTConnector.invokeREST(RESTConnector.java:1131)
...
Caused by: com.pega.pegarules.pub.PRRuntimeException: Unable to obtain access token for client details in authentication profile configured for connector. Please check the logs for more details.
at com.pega.pegarules.integration.engine.internal.client.oauth2.OAuth2ClientImpl.getAccessTokenPage(OAuth2ClientImpl.java:277)
...
Caused by: java.lang.RuntimeException: org.apache.http.conn.HttpHostConnectException: Connect to your_rest_endpoint:your_https_port [your_rest_endpoint/your_rest_endpoint_ip] failed: Connection timed out (Connection timed out)
at com.pega.pegarules.integration.engine.internal.client.rest.ComponentsRESTClient.invokeRESTClient(ComponentsRESTClient.java:181)
...
Caused by: org.apache.http.conn.HttpHostConnectException: Connect to your_rest_endpoint:your_https_port [your_rest_endpoint/your_rest_endpoint_ip] failed: Connection timed out (Connection timed out)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:158)
...
Caused by: java.net.ConnectException: Connection timed out (Connection timed out)
at java.net.PlainSocketImpl.socketConnect(Native Method)


Steps to Reproduce



1. Add the below JVM settings in setDomainEnv.cmd
-Dhttp.proxyHost=<your_proxy_hostname>
-Dhttp.proxyPort=<your_proxy_port>
-Dhttps.proxyHost=<your_proxy_hostname>
-Dhttps.proxyPort=<your_proxy_port>

2. Install HFix-33175

3. Restart the server.

4. Create a REST Connector that does not use authentication and call it. The request will pass and the proxy server will contain an entry for this call.

5. Create a REST Connector that requires uses OAuth2 authentication, make sure there are no tokens currently associated with the user/profile, and call the Connector. The request for the token will NOT go through the proxy server, and the connection will fail.


Root Cause



A defect in Pegasystems’ code or rules. In the case where use of the HTTP proxy is required in order to complete a connection to the OAuth2 provider, no successful interactions with the OAuth2 Provider can be made, thus the Pega application fails to obtain the required artifacts for connecting to the remote resource that the REST Connector is made to connect to.

Resolution



Apply Hfix-35998. Restart the JVM for the code changes to take effect.
Suggest Edit

Published August 26, 2017 - Updated October 8, 2020

Did you find this content helpful? Yes No

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us