Authenticated HTTP proxy with Java

Question

How can I configure the username and password to authenticate a http proxy server using Java   I just found the following configuration parameters   http proxyHost  lt proxyAddress gt  http proxyPort  lt proxyPort gt  https proxyHost  lt proxyAddress gt  https proxyPort  lt proxyPort gt    But  my proxy server requires authentication  How can I configure my app to use the proxy server

User · Answer

Most of the answer is in existing replies, but for me not quite. This is what works for me with java.net.HttpURLConnection (I have tested all the cases with JDK 7 and JDK 8). Note that you do not have to use the Authenticator class.

Case 1 : Proxy without user authentication, access HTTP resources

-Dhttp.proxyHost=myproxy -Dhttp.proxyPort=myport

Case 2 : Proxy with user authentication, access HTTP resources

-Dhttp.proxyHost=myproxy -Dhttp.proxyPort=myport -Dhttps.proxyUser=myuser -Dhttps.proxyPassword=mypass

Case 3 : Proxy without user authentication, access HTTPS resources (SSL)

-Dhttps.proxyHost=myproxy -Dhttps.proxyPort=myport

Case 4 : Proxy with user authentication, access HTTPS resources (SSL)

-Dhttps.proxyHost=myproxy -Dhttps.proxyPort=myport -Dhttps.proxyUser=myuser -Dhttps.proxyPassword=mypass

Case 5 : Proxy without user authentication, access both HTTP and HTTPS resources (SSL)

-Dhttp.proxyHost=myproxy -Dhttp.proxyPort=myport -Dhttps.proxyHost=myproxy -Dhttps.proxyPort=myport

Case 6 : Proxy with user authentication, access both HTTP and HTTPS resources (SSL)

-Dhttp.proxyHost=myproxy -Dhttp.proxyPort=myport -Dhttp.proxyUser=myuser -Dhttp.proxyPassword=mypass -Dhttps.proxyHost=myproxy -Dhttps.proxyPort=myport -Dhttps.proxyUser=myuser -Dhttps.proxyPassword=mypass

You can set the properties in the with System.setProperty("key", "value) too.

To access HTTPS resource you may have to trust the resource by downloading the server certificate and saving it in a trust store and then using that trust store. ie

 System.setProperty("javax.net.ssl.trustStore", "c:/temp/cert-factory/my-cacerts");
 System.setProperty("javax.net.ssl.trustStorePassword", "changeit");

User · Answer

http   rolandtapken de blog 2012-04 java-process-httpproxyuser-and-httpproxypassword says      Other suggest to use a custom default Authenticator  But that s dangerous because this would send your password to anybody who asks    This is relevant if some http https requests don t go through the proxy  which is quite possible depending on configuration   In that case  you would send your credentials directly to some http server  not to your proxy   He suggests the following fix      Java ignores http proxyUser  Here come s the workaround  Authenticator setDefault new Authenticator          Override     protected PasswordAuthentication getPasswordAuthentication             if  getRequestorType      RequestorType PROXY                String prot   getRequestingProtocol   toLowerCase                String host   System getProperty prot     proxyHost                    String port   System getProperty prot     proxyPort    80                String user   System getProperty prot     proxyUser                    String password   System getProperty prot     proxyPassword                     if  getRequestingHost   equalsIgnoreCase host                     if  Integer parseInt port     getRequestingPort                             Seems to be OK                      return new PasswordAuthentication user  password toCharArray                                                         return null                I haven t tried it yet  but it looks good to me   I modified the original version slightly to use equalsIgnoreCase   instead of equals host toLowerCase    because of this  http   mattryall net blog 2009 02 the-infamous-turkish-locale-bug and I added  80  as the default value for port to avoid NumberFormatException in Integer parseInt port

User · Answer

EDIT  As pointed out by the OP  the using a java net Authenticator is required too  I m updating my answer accordingly for the sake of correctness     EDIT 2  As pointed out in another answer  in JDK 8 it s required to remove basic auth scheme from jdk http auth tunneling disabledSchemes property   For authentication  use java net Authenticator to set proxy s configuration and set the system properties http proxyUser and http proxyPassword    final String authUser    user   final String authPassword    password   Authenticator setDefault    new Authenticator          Override     public PasswordAuthentication getPasswordAuthentication           return new PasswordAuthentication authUser  authPassword toCharArray                   System setProperty  http proxyUser   authUser   System setProperty  http proxyPassword   authPassword    System setProperty  jdk http auth tunneling disabledSchemes

User · Answer

But  setting only that parameters  the authentication don t works   Are necessary to add to that code the following   final String authUser    myuser   final String authPassword    secret    System setProperty  http proxyHost    hostAddress    System setProperty  http proxyPort    portNumber    System setProperty  http proxyUser   authUser   System setProperty  http proxyPassword   authPassword    Authenticator setDefault    new Authenticator         public PasswordAuthentication getPasswordAuthentication           return new PasswordAuthentication authUser  authPassword toCharArray

User · Answer

For Java 1 8 and higher you must set      -Djdk http auth tunneling disabledSchemes    to make proxies with Basic Authorization working with https along with Authenticator as mentioned in accepted answer

User · Answer

Try this runner I wrote  It could be helpful   import java io InputStream  import java lang reflect Method  import java net Authenticator  import java net PasswordAuthentication  import java net URL  import java net URLConnection  import java util Scanner   public class ProxyAuthHelper        public static void main String   args  throws Exception           String tmp   System getProperty  http proxyUser   System getProperty  https proxyUser             if  tmp    null                System out println  Proxy username                  tmp   new Scanner System in  nextLine                      final String userName   tmp           tmp   System getProperty  http proxyPassword   System getProperty  https proxyPassword             if  tmp    null                System out println  Proxy password                  tmp   new Scanner System in  nextLine                      final char   password   tmp toCharArray             Authenticator setDefault new Authenticator                  Override             protected PasswordAuthentication getPasswordAuthentication                     System out println   n-------------- nProxy auth      userName                   return new PasswordAuthentication  userName  password                                        Class lt   gt  clazz   Class forName args 0            Method method   clazz getMethod  main   String   class           String   newArgs   new String args length - 1           System arraycopy args  1  newArgs  0  newArgs length           method invoke null  new Object   newArgs

User · Answer

You re almost there  you just have to append   -Dhttp proxyUser someUserName -Dhttp proxyPassword somePassword

[java] Authenticated HTTP proxy with Java

Examples related to java

Examples related to http

Examples related to proxy