The problem came up at least twice so far on our Java Studio Creator Forum. How can the application server use a proxy to connect to remote webservices etc when the proxy setup requires user authentication?
It looks like the normal Java SE 5 JDK does not provide any system properties alongside http.proxyHost and friends. At least I could not find any reference in the official documentation.
I think I found a way;-) But – I can not test it!! I don’t have a proxy setup which requires authentication. I did some tests with normal web site authentication and those seemed to work as expected;-)
This will only work with Java SE 5 or newer! In that version java.net.Authenticator changed a bit so that I can distinguish between authentication requests from normal servers and from proxies.
The Authenticator is not hard to write, I wrote one which takes additional system properties, http.proxyUserName, http.proxyPassword and the https.* versions. You can also write one which will find that information in a file or from LDAP if you like. In a development environment you could even bring up a dialog;-) But that will not work for headless systems;-)
The trick is, you have to get a default Authenticator registered with the jvm which runs the application server. That turned out to be a bit harder. I did not find any hook where I could execute some code in the global server at startup (or at least before the first connection attempt to the proxy). You can’t add it to normal applications, the SecurityManager will not let you do that:-(
My solution to the problem was a little jar file in the boot classpath;-) I took the java.net.Authenticator source from the JDK src.zip and added a little static bit to it;-) Something like
That will make sure, my Authenticator will be the default one;-) If something later overwrites it, that’s ok I guess.
So when a proxy server (or a web server) asks for authentication, my code will be invoked and I can do whatever I need to get the username and password;-)
To use this approach, add the following into the domain.xml in your application server.