X

An Oracle blog about Web Services and Security in the Fusion Cloud

  • August 3, 2016

Handling Proxy Server Authentication Requests in Java

Terence Munday
Application Architect


Overview

Corporate networks often employ a proxy server to provide an additional layer of security when communicating with servers outside the company's firewall. The proxy server is typically configured to control and restrict access to web content. Internal clients connect to the proxy server and request external resources.  The proxy server establishes the connection with the external resource and forwards responses back to the client. 

Java provides a mechanism to support communication through proxy servers.  Simply set the following system properties at runtime and java will use them:

-Dhttp.proxyHost=<proxy host>
-Dhttp.proxyPort=<proxy port>

Some proxy servers are configured to require authentication.  If this is the case, you need to add code to your java client to support authentication or you will receive connection refused messages.  The following figure illustrates a very basic authentication flow between the client, proxy server and endpoint.

Fig 1: Basic proxy server authentication flow


In this example, the Java client is sending an HTTP request to an external web server.  By specifying the Java system properties identified above, the client connects to proxy server.  The proxy server sends a request back to the client for credentials.  The client provides the credentials and the proxy server authenticates the client.  If authentication is successful, the proxy server forwards the request to the external server.  The external server sends the response back to the proxy server which in turn sends the response to the client.

This blog describes how to implement the necessary code to properly handle authentication when a proxy server requests it.



Implementation

When a proxy server requires authentication, it responds to connection requests with a credential request.  In Java, this is handled by setting a default authenticator.  There are numerous authentication types that are supported by Java.  In this example, we will be using a simple username and password authenticator.

Add the following code to your client and initialize the proxy authenticator before creating any connections:

private void initializeProxyAuthenticator() {
    final String proxyUser = System.getProperty("http.proxyUser");
    final String proxyPassword = System.getProperty("http.proxyPassword");

    if (proxyUser != null && proxyPassword != null) {
        Authenticator.setDefault(
          new Authenticator() {
            public PasswordAuthentication getPasswordAuthentication() {
              return new PasswordAuthentication(
                proxyUser, proxyPassword.toCharArray()
              );
            }
          }
        );
    }
}

Finally, set the following Java system properties:

-Dhttp.proxyUser=<proxy user>
-Dhttp.proxyPassword=<proxy password>



That's it! 

Your Java client should now properly handle authentication requests from your proxy server.


Join the discussion

Comments ( 2 )
  • Proxysitelist Friday, December 2, 2016

    This article is a very nice.


  • guest Monday, March 27, 2017

    Nice to receive proxy server in JAVA script. Thanks for the blog.


Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha