Posts
The usual corporate networks provide internet access via proxy servers and at times they require authentication as well. May applications do open the connections to servers which are external to the corporate intranet. So one has to do proxy authentication programmatically. Fortunately Java provides a transparent mechanism to do proxy authentications.
Create a simple class like below-
import java.net.Authenticator;and put these lines of code before your code opens an URLConnection-
class ProxyAuthenticator extends Authenticator {
private String user, password;
public ProxyAuthenticator(String user, String password) {
this.user = user;
this.password = password;
}
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication(user, password.toCharArray());
}
}
Authenticator.setDefault(new ProxyAuthenticator("user", "password"));
System.setProperty("http.proxyHost", "proxy host");
System.setProperty("http.proxyPort", "port");Now all calls will successfully pass through the proxy authentication.
28 Comments:
Hi
This works fine in case of stand alone program. But in case of a web application it is throwing
Proxy authentication requires error.
Is there any thing to change in the code, when run as a web application.
I am using weblogic 9.2 to run my application.
Can you please help me ijn this case.
Thanks in Advance
Praveen
Hi Praveen,
No Idea about WL 9.2, though it works fine on Tomcat.
Thanks,
Vinod
i tried this. but i m getting following exception
can u help me out ????
*************************************************************
11:44:16,688 INFO [STDOUT] 2008-10-30 11:44:16,688 ERROR [HttpMethodDirector-authenticate-235]-Credentials cannot be used for NTLM authentication: org.apache.commons.httpclient.UsernamePasswordCredentials
org.apache.commons.httpclient.auth.InvalidCredentialsException: Credentials cannot be used for NTLM authentication: org.apache.commons.httpclient.UsernamePasswordCredentials
11:44:16,719 INFO [STDOUT] 2008-10-30 11:44:16,719 ERROR [searchTrip_jsp-_jspService-658]-Transport error: 407 Error: Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied. )
org.apache.axis2.AxisFault: Transport error: 407 Error: Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied. )
***************************************************************
This example uses System properties. This is not ideal for web applications--as this system property will affect the complete JVM running the web application.
We ran into issues when we deployed two web-applications, one of which connected to a local HTTP server, and the other using proxy connected to a internet site. When we set the system properties, the one requiring local connection was also trying to go through the proxy.
Finally we used Apache HTTP Client:
http://hc.apache.org/httpcomponents-client/index.html
This has a neat proxy authentication implementation.
subWiz,
Thanks, for the update.
thanks Mr.vinod,i tried this and it worked properly.......
Would this work for ftp.proxy* as well?
I think it should, though I never tried it for ftp protocol hence no definitive answer ;-)
is there a way , where you can set proxyUser, and proxyPassword, without setting property in System class.
Because i have this issue on Weblogic, not able to set property in system class(i mean the system.setProperty has no effect)
I tried apach HttpClient as well, it doesnot support NTLM.
Tejas
Do you need to set any SecurityManager in order for
Authenticator.setDefault(new ProxyAuthenticator("user", "password"));
to work?
NO, it works without that.
yeah...it worked for me....
- Anurag Verma
Is there any way to setting proxy config to particular class? Or else, is there any way to setting proxy config to jax-ws? I don't want to touch global jvm config(
System.setProperty("http.proxyHost", "proxy host");).
Because I concern it will effect to all other classes which are connecting to network things(various host and ip which are actually local). I don't want to exclude em by "http.nonProxyHosts" also. Is there any way? Thanks in adv for help.
Yes it worked for me.
But the problem is that its caching the credentials which are provided for the first call and is not picking up the new credentials.
Please suggest how we can reset the JVM cache for java.net.Authenticator object reference.
Thanks
Thank you very much!
It worked!
Thank you alot. Your solution worked perfectly well. It is accepted by the proxy without any hitches.
1. import java.net.Authenticator;
2.
3. class ProxyAuthenticator extends Authenticator {
4.
5. private String user, password;
6.
7. public ProxyAuthenticator(String user, String password) {
8. this.user = user;
9. this.password = password;
10. }
11.
12. protected PasswordAuthentication getPasswordAuthentication() {
13. return new PasswordAuthentication(user, password.toCharArray());
14. }
15. }
I have implemented above.
I want to verify that the provided username and password are correct for that proxy,
When password authorization is not needed means getPasswordAuthentication() will not call at this time.
I need this to ensure the username and password are correct when they needed means when getPasswordAuthentication() will call.
Hi,
Thanks a lot for the post.
Regards
Aditya
i am trying to acces SSRS 2008 web services using JAX-WS , tomcat 6, jdk1.6 form sun, on windows vista machine. but getPasswordAuthentication() is never called & client proxy pick up the loged in user credentials from the machine itself.. please help
Thanks a lot sir, Your solution worked gr8.
But i m struck at a point where i need to give the domain name as well ! where to set the same ?
Any help would be gr8.
Hi, Authenticator is invoked in unix platform but when comes to windows platform authenticator is not invoked instead system credentials are getting passed.
This document says
On Microsoft Windows platforms, NTLM authentication attempts to acquire the user credentials from the system without prompting the user's authenticator object. If these credentials are not accepted by the server then the user's authenticator will be called."
http://docs.oracle.com/javase/6/docs/technotes/guides/net/http-auth.html
I have set the proxy host and port in the client but still issue persists.
Can any one suggest me how to override this windows behaviour.
was spending half a day to realize that you MUST provide an authenticator if you get a 407 error
here's my code working now
private void setProxy()
{
class ProxyAuthenticator extends Authenticator
{
private String user, password;
public ProxyAuthenticator(String user, String password)
{
this.user = user;
this.password = password;
}
protected PasswordAuthentication getPasswordAuthentication()
{
return new PasswordAuthentication(user, password.toCharArray());
}
}
// if there are no credentials you MUST use empty user / password
Authenticator.setDefault(new ProxyAuthenticator("", ""));
System.setProperty("java.net.useSystemProxies", "true");
System.setProperty("http.nonProxyHosts", "*.localdomain.com|localhost");
// or use explicit proxy url and port
//System.setProperty("http.proxyHost", "proxyurl");
//System.setProperty("http.proxyPort", "port");
System.setProperty( "http.proxyUser", "" );
System.setProperty( "http.proxyPassword", "" );
}
In addition to my post earlier this day:
! don't include the proxy URL in the wildcard for "nonProxyHosts" !
Worked perfectly. Thanks!!
I received an error that PasswordAuthenticator cannot be resolved to a type.
Vinod - I was interested in a script which will authenticate once for me the proxy so that I don't need to enter them manually everytime I connect via IE. This has been a headache and a routine job that I keep doing all the time. Please suggest an alternative.
Vinod thanks a lot for the example . I tried the sample but it says Exception in thread "main" java.net.ProtocolException: Server redirected too many times (20) , I am unable to find out what is the issue . Kindly guide me
Regards
Arvind
What if the site you are connecting to also requires a username/password to allow you. Setting a Default Authenticator(Authenticator.setDefault) will fail I guess when the external site will look for authenticated user.
Used this code earlier and was getting the error (407) Proxy Authentication Required.
I believe that was because the authentication was requested by different hosts. and when you set a default authenticator with one user/pass for one host, then the authentication will fail for other requesting host. I made the following change yesterday to SimpleAuthenticator class and now it works like a charm.
Can't paste complete class here ,so documented here: http://blog.ashwani.co.in/blog/2013-07-29/access-sharepoint-webservices-from-java-behind-proxy/
Post a Comment