How can I configure HTTPClient to authenticate against a SOCKS proxy?

Question

I need to set up proxy authentication against a SOCKS proxy. I found out this post giving instructions that appear to work with common HTTP proxies.

        httpclient.getHostConfiguration().setProxy("proxyserver.example.com", 8080);

        HttpState state = new HttpState();
        state.setProxyCredentials(new AuthScope("proxyserver.example.com", 8080), 
           new UsernamePasswordCredentials("username", "password"));
        httpclient.setState(state);

Would that work with SOCKS proxies as well or do I have to do something different?

Answer 1

Java supports Socks proxy configuration via preferences:

• socksProxyHost for the host name of the SOCKS proxy server
• socksProxyPort for the port number, the default value being 1080

e.g.

java -DsocksProxyHost=socks.mydomain.com

(edit) For your example, if the socks proxy was configured in the way outlined before:

httpclient.getHostConfiguration().setProxy("proxyserver.example.com", 8080);
Credentials cred = new UsernamePasswordCredentials("username","password");
httpclient.getState().setProxyCredentials(AuthScope.ANY, cred); 

You can also use this variant (without httpclient):

SocketAddress addr = new
InetSocketAddress("webcache.mydomain.com", 8080);
Proxy proxy = new Proxy(Proxy.Type.SOCKS, addr); // Type.HTTP for HTTP

So completing the previous example, we can now add:

URL url = new URL("http://java.sun.com/");
URConnection conn = url.openConnection(proxy);

HTH

Answer 2

The Features page of Apache HTTPClient says:

Transparent connections through SOCKS proxies (version 4 & 5) using native Java socket support.

With "transparent", I guess they mean that it works without you needing to do anything special. Do you have a SOCKS proxy available somewhere? Can't you just try it out to see if it works?

Answer 3

SOCKS is not supported by HttpClient 3 natively. You can try the SOCKS support in JDK as suggested by others. The side effect is that your whole JVM will go through the same SOCKS proxy.

Java 5 supports Username/Password authentication in SOCKS (type 2). All you have to do is to setup the authenticator like this,

Authenticator.setDefault(new Authenticator() {
    protected PasswordAuthentication getPasswordAuthentication() {
        return new PasswordAuthentication(username, password.toCharArray());
    }
});

Again, this may not work for you because it affects all authentication in your JVM (HTTP auth, Proxy Auth).

Answer 4

You can provide a custom socket factory which implements the SOCKS protocol, and register it as your default HTTP protocol handler. This solution has a limitation similar to tuergeist's answer above has - it applies globally, to any HTTP connection you'll establish through HttpClient.

If you find this a problem, take a look at this correspondence, where Oleg suggests using HttpClient 4.0, but also refers to a possible patch in HostConfiguration class for HttpClient 3.x.

Another possible solution, which is my personal favorite, is to write a wrapper HTTP proxy to the socks proxy.

Answer 5

I tried

System.setProperty("socksProxyHost", "socks.xyz.com");
System.setProperty("socksProxyPort", "1000");

and it's working fine.