Some of our customers cannot run our Java Web Start client anymore since Java 8 Update 111. They get:
java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 407 Proxy Authentication Required
Looks like it has to do with this change:
Now, proxies requiring Basic authentication when setting up a tunnel for HTTPS will no longer succeed by default. If required, this authentication scheme can be reactivated by removing Basic from the jdk.http.auth.tunneling.disabledSchemes networking property, or by setting a system property of the same name to "" ( empty ) on the command line.
Is there any way if customers are not willing to change their proxy authentication method?
Note: Adding <property name="jdk.http.auth.tunneling.disabledSchemes" value=""/>
to <resources>
of the JNLP has no effect. This is because only a few properties are supported this way (there is a list near the bottom of this page). "jdk.http.auth.tunneling.disabledSchemes" is not among them.
I found out that there is one way, but not in the hands of the developer: The user can add
-Djdk.http.auth.tunneling.disabledSchemes=""
for Java 8 in Java Control Panel → Java → View... → Runtime Parameters
for Java 9 in Java Control Panel → Desktop Settings → Runtime Parameters
Beside the answer of mbee one can also configure this in the net.properties
file of the jre:
C:\Program Files (x86)\Java\jre1.8.0_131\lib\net.properties
Currently last line 100 need to be commented out:
Before:
#jdk.http.auth.proxying.disabledSchemes=
jdk.http.auth.tunneling.disabledSchemes=Basic
After:
#jdk.http.auth.proxying.disabledSchemes=
#jdk.http.auth.tunneling.disabledSchemes=Basic
Note that both answers need to be repeated after a Java Update, although the Java Auto Update is deactivated with Basic Internet Proxy Authentication.
If you require to do this at runtime you can set the value of the jdk.http.auth.proxying.disabledSchemes property by adding
System.setProperty("jdk.http.auth.tunneling.disabledSchemes", "");
to the main method of your application.
I had this issue too while trying to access an external SOAP Webservice trough a Proxy-Server using BASIC-Authentification for an application running on Apache Tomcat.
Setting the property programmatically (System.setProperty("jdk.http.auth.tunneling.disabledSchemes", "");) during application initialization did not work. It had to be set as VM-Argument or (not very nice way of course :)) in [JRE_HOME]\lib\net.properties.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With