All geek questions in one place

Cannot tunnel through proxies. Proxy returns "HTTP / 1.1 407" via https

I came across the curious behavior of java6 / 8. I am trying to tunnel through a proxy server that requires basic user authentication. Doing this with a standard java authenticator. If I try to access the https URL as the first URL, an exception is thrown:

java.io.IOException: cannot tunnel through a proxy. Proxy returns "HTTP / 1.1 407 Proxy Authentication Required"

But if I get the http url first and then the https url, https access works fine.

Given this code:

import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.net.Authenticator; import java.net.HttpURLConnection; import java.net.InetSocketAddress; import java.net.PasswordAuthentication; import java.net.Proxy; import java.net.URL; public class ProxyPass { public ProxyPass( String proxyHost, int proxyPort, final String userid, final String password, String url ) { try { /* Create a HttpURLConnection Object and set the properties */ URL u = new URL( url ); Proxy proxy = new Proxy( Proxy.Type.HTTP, new InetSocketAddress( proxyHost, proxyPort ) ); HttpURLConnection uc = (HttpURLConnection) u.openConnection( proxy ); Authenticator.setDefault( new Authenticator() { @Override protected PasswordAuthentication getPasswordAuthentication() { if (getRequestorType().equals( RequestorType.PROXY )) { return new PasswordAuthentication( userid, password.toCharArray() ); } return super.getPasswordAuthentication(); } } ); uc.connect(); /* Print the content of the url to the console. */ showContent( uc ); } catch (IOException e) { e.printStackTrace(); } } private void showContent( HttpURLConnection uc ) throws IOException { InputStream i = uc.getInputStream(); char c; InputStreamReader isr = new InputStreamReader( i ); BufferedReader br = new BufferedReader( isr ); String line; while ((line = br.readLine()) != null) { System.out.println( line ); } } public static void main( String[] args ) { String proxyhost = "proxyHost"; int proxyport = proxyPort; final String proxylogin = proxyUser; final String proxypass = proxyPass; String url = "http://www.google.de"; String surl = "https://www.google.de"; // new ProxyPass( proxyhost, proxyport, proxylogin, proxypass, url ); // uncomment this line to see that the https request works! // System.out.println( url + " ...ok" ); // uncomment this line to see that the https request works! new ProxyPass( proxyhost, proxyport, proxylogin, proxypass, surl ); System.out.println( surl + " ...ok" ); }

Any suggestions, ideas?

+6
source share
2 answers

You need to edit the jdk.http.auth.tunneling.disabledSchemes and jdk.http.auth.proxying.disabledSchemes variables so that it is empty:

 jdk.http.auth.tunneling.disabledSchemes= jdk.http.auth.proxying.disabledSchemes=

In my case, I found in this file

jdk1.8.0_111 / JRE / Library / net.properties

+8
source

Change in Java 8 Update 111:

Now proxies requiring basic authentication when configuring the tunnel for HTTPS will no longer be executed by default. If necessary, this authentication scheme can be activated by removing Basic from jdk.http.auth.tunneling.disabledSchemes, or setting the system property with the same name to "" (empty) on the command line.

http://www.oracle.com/technetwork/java/javase/8u111-relnotes-3124969.html

You can try running Java with

 java -Djdk.http.auth.tunneling.disabledSchemes=""

or perhaps better (security): update the authentication scheme of your proxy server, for example. for access authentication digest.

+23
source

Source: https://habr.com/ru/post/1013824/

More articles:


All Articles