Spring OAuth2 URL Works for Postman but not Java HTTPClient

I have built an OAuth2 Authorization Server based on Spring Boot 3.x and the latest Spring Authorization Server (version 1.1.x). The security filters are very primitive and all OAuth2 endpoints work well under Postman. However, when I try to migrate the RESTful URLs from Postman to Apache Java HTTP Client (4.5.x), all endpoints get stuck at the response below:

“HttpResponseProxy{HTTP/1.1 200 Connection Established [Proxy-Agent: Ztunnel/1.0] ResponseEntityProxy{[Chunked: false]}}”

I debugged the code and found out the Servlet input stream is closed and no data is returned from the OAuth server. The proxy-agent is from Zscaler, a security proxy, and I cannot remove it. I do not feed any proxy settings to Postman. I wonder how Postman can skip over the proxy and how I can make the same config apply to Apache HTTP Client.

Why would you want to bypass a security feature like this?

I would recommend setting up the proxy with the correct rules to allow the traffic to pass through.

It will probably be something to do with http vs https, and the relevant certificates.

If it's Java, then you will have to import the certificates manually.

You don’t mention where you run Postman from, but if it's a Windows workstation, then the certificate process will be similar (if not automatic).

Postman also has a feature/option to ignore HTTPS certificates, which, while OK for testing, isn’t something that should be done if the whole point is to test the API for further development.

Thanks for your response. The problem is resolved. Zscaler by default listens on port 9000, which coincidentally was picked up by my OAuth server. Once I switched to another port, everything worked well.

Our corp IT set up the rule to have Zscaler ignore Postman, and that is why only Postman works but not other clients. Zscaler should just return an error clearly saying traffic is affected instead of returning status 200.
