Closed lwittenb closed 3 years ago
Can you send the stack trace for 9.0.2
?
One suggestion that I can give out right now is to check if you have the right certificates
Here is the full stack trace:
2021-02-16 12:17:33,337 [main] ERROR [DialogManager] (DialogManager.java:210) Error while fetching access token from token service:
2021-02-16 12:17:33,339 [main] INFO [DialogManager] (DialogManager.java:211) java.lang.RuntimeException: Error while fetching access token from token service:
at com.ibm.cloud.sdk.core.security.TokenRequestBasedAuthenticator.getToken(TokenRequestBasedAuthenticator.java:256)
at com.ibm.cloud.sdk.core.security.TokenRequestBasedAuthenticator.authenticate(TokenRequestBasedAuthenticator.java:194)
at com.ibm.cloud.sdk.core.service.BaseService.setAuthentication(BaseService.java:280)
at com.ibm.cloud.sdk.core.service.BaseService.createCall(BaseService.java:218)
at com.ibm.cloud.sdk.core.service.BaseService.createServiceCall(BaseService.java:256)
at com.ibm.watson.assistant.v2.Assistant.createSession(Assistant.java:171)
at mypackage.watson.business.DialogManager.main(DialogManager.java:183)
Caused by: java.net.ConnectException: Failed to connect to iam.cloud.ibm.com/95.100.59.118:443
at okhttp3.internal.connection.RealConnection.connectSocket(RealConnection.java:265)
at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:183)
at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.java:224)
at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.java:108)
at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.java:88)
at okhttp3.internal.connection.Transmitter.newExchange(Transmitter.java:169)
at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:41)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:94)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:88)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:229)
at okhttp3.RealCall.execute(RealCall.java:81)
at com.ibm.cloud.sdk.core.security.TokenRequestBasedAuthenticator$2.run(TokenRequestBasedAuthenticator.java:312)
at java.lang.Thread.run(Unknown Source)
Caused by: java.net.ConnectException: Connection timed out: connect
at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at okhttp3.internal.platform.Platform.connectSocket(Platform.java:130)
at okhttp3.internal.connection.RealConnection.connectSocket(RealConnection.java:263)
... 20 more
DialogManager is my class and line 183 is the following:
if (null != assistant)
{
ServiceCall<SessionResponse> serviceCall = assistant.createSession(options);
What certificates are you referring to? I don't have any... :(
Ok, so having again a look at the stacktrace, what is this additional endpoint?
Caused by: java.net.ConnectException: Failed to connect to iam.cloud.ibm.com/95.100.59.118:443
I am being told that the only URL pattern in the proxy whitelist is:
https://*.watson.cloud.ibm.com/*
Because of the service endpoint we're using: https://api.eu-de.assistant.watson.cloud.ibm.com
So far it was enough with the java-sdk... but something changed since v7.0.0 with the IamAuthenticator, right? I did not find any mention of this in the documentation though... only endpoints mentioned are the api ones.
@lwittenb Okay so here's what could be happening, in the older version of the SDK the proxy would affect the authenticator when you called the functionconfigureClient
. So, the proxy would be used to grab your credentials by going to the iam.cloud.ibm.com
site. Now, in newer versions of the SDK, you have to add a proxy for the authenticator too. In other words, configureClient
doesn't set a proxy for the authenticator anymore.
So here you have two choices:
Can you try doing this
Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyHost, proxyPort));
IamAuthenticator authenticator = new IamAuthenticator(apiKey);
authenticator.setProxy(proxy);
Assistant assistant = new Assistant("2019-04-30", authenticator);
HttpConfigOptions httpOptions = new HttpConfigOptions.Builder()
.proxy(proxy)
.loggingLevel(HttpConfigOptions.LoggingLevel.BASIC)
.build();
assistant.configureClient(httpOptions);
Aaaah perfect, setting the proxy for the authenticator solved my issue. I had no idea it was also necessary for that, as I did not find any related note either in the readme.md or in the apidocs.
Thanks a lot anyway. Cheers
Hello,
I have opened a question on stackoverflow, but with no feedback and further investigation, I think there's something wrong. Initial question: https://stackoverflow.com/questions/66174163/ibm-watson-assistant-https-proxy-not-working
Context Java application (jdk 1.8.0_65 and 11.0.6+10), using IBM Watson Assistant API at https://api.eu-de.assistant.watson.cloud.ibm.com, within corporate network through HTTPS proxy.
Issue Previously, I was using:
All was fine with the following code (also ok with v6.14.2), which means the session was created and I was getting an ID:
Now, moving to:
On the same environment, the updated code does not work anymore (also with v9.0.2), and keeps raising an exception with the following message only: "Error while fetching access token from token service:"
I could rollback to java-sdk instead of ibm-watson, but most Constructor and functions are marked as deprecated. If I manually inject the proxy in the system properties, like this:
It also works and the session is created.
So I suspect something's wrong with the management of the HttpConfigOptions in ibm-watson, that was ok in java-sdk. Could you please advice?
Thank you Regards