I am trying to connect to a HTTPS URL from my java program through a proxy. The proxy server is also created by me using jetty library which runs in a different machine. In my proxy server I need to validate the incoming Proxy-Authorization header in my ConnectHandler. However I am not to get the Proxy-Authorization header passed with Https URL.
My code is as follows:
String https_url = "https://www.google.com/";
URL url;
try {
String host = "my-proxy-server.com";
SocketAddress addr = new InetSocketAddress(host, 8888);
Proxy proxy = new Proxy(Proxy.Type.HTTP, addr);
url = new URL(https_url);
HttpsURLConnection con = (HttpsURLConnection)url.openConnection(proxy);
String authHeader = "Basic " + new String(Base64.getEncoder().encode(new String("admin" + ":" + "admin").getBytes("UTF-8")));
con.setRequestProperty("Proxy-Authorization", authHeader);
con.connect();
con.disconnect();
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
In my jetty based proxy server's ConnectHandler, I am printing out the headers and Proxy-Authorization is not one of the headers. It only prints the following header, Accept, User-Agent, Host, Proxy-Connection
I have tried all potential solutions in other stackoverflow posts, the most common being running the program with the following env variable, but it still doesnt work.
java -Dhttp.auth.preference=basic -Djdk.http.auth.tunneling.disabledSchemes=
Also I have updated it in jre/lib/net.properties
jdk.http.auth.proxying.disabledSchemes=
jdk.http.auth.tunneling.disabledSchemes=
I have also tried the approach to set the default authenticator
Authenticator.setDefault( new Authenticator() {
@Override
protected PasswordAuthentication getPasswordAuthentication() {
if (getRequestorType().equals( RequestorType.PROXY )) {
return new PasswordAuthentication( userid, password.toCharArray() );
}
return super.getPasswordAuthentication();
}
});
}
With above approach getPasswordAuthentication does not get called during the initial CONNECT request to the proxy. If I hack my proxy server to return true in the handleAuthentication of my CONNECT Handler even if the proxy authorization header is not found, then I noticed getPasswordAuthentication gets called during actual call to htts://www.google.com, after the CONNECT response has returned.
Debugging through the decompiled code it seems, AuthenticationInfo.getProxyAuth is returning null which is why the proxy authorization header is not set. The AuthCache which is backed up by a Hashtable is empty. However not sure how this AuthCache is populated.
I am using JDK 1.8 java version "1.8.0_202"
Any help greatly appreciated.