Java Web Start: Unable to tunnel through proxy since Java 8 Update 111

java https proxy java-web-start tunneling
30,786

Solution 1

I found out that there is one way, but not in the hands of the developer: The user can add 

-Djdk.http.auth.tunneling.disabledSchemes=""

for Java 8 in Java Control Panel → Java → View... → Runtime Parameters

for Java 9 in Java Control Panel → Desktop Settings → Runtime Parameters

Solution 2

Beside the answer of mbee one can also configure this in the net.properties file of the jre:

C:\Program Files (x86)\Java\jre1.8.0_131\lib\net.properties

Currently last line 100 need to be commented out:

Before:

 #jdk.http.auth.proxying.disabledSchemes=
 jdk.http.auth.tunneling.disabledSchemes=Basic

After:

 #jdk.http.auth.proxying.disabledSchemes=
 #jdk.http.auth.tunneling.disabledSchemes=Basic

Note that both answers need to be repeated after a Java Update, although the Java Auto Update is deactivated with Basic Internet Proxy Authentication.

Solution 3

If you require to do this at runtime you can set the value of the jdk.http.auth.proxying.disabledSchemes property by adding

System.setProperty("jdk.http.auth.tunneling.disabledSchemes", "");

to the main method of your application.

Share:
30,786
Marcus
Author by

Marcus

My interests include usability of websites and other products software development in Java and in Scala web technologies

Updated on July 09, 2022

Comments

  • Marcus
    Marcus almost 2 years

    Some of our customers cannot run our Java Web Start client anymore since Java 8 Update 111. They get:

    java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 407 Proxy Authentication Required

    Looks like it has to do with this change:

    Now, proxies requiring Basic authentication when setting up a tunnel for HTTPS will no longer succeed by default. If required, this authentication scheme can be reactivated by removing Basic from the jdk.http.auth.tunneling.disabledSchemes networking property, or by setting a system property of the same name to "" ( empty ) on the command line.

    Is there any way if customers are not willing to change their proxy authentication method?

    Note: Adding <property name="jdk.http.auth.tunneling.disabledSchemes" value=""/> to <resources> of the JNLP has no effect. This is because only a few properties are supported this way (there is a list near the bottom of this page). "jdk.http.auth.tunneling.disabledSchemes" is not among them.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

creating a Java Proxy Server that accepts HTTPS
How to configure a proxy server for both HTTP and HTTPS in Maven's settings.xml?
How to remove JVM property "https.proxyHost"?
Apache HttpClient exception PKIX path building failed
Scrapy using pool of random proxies to avoid being banned
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
Flutter https with self signed certificate
git error: RPC failed; HTTP 502 curl 22 The requested URL returned error: 502 Proxy Error
Python urllib2 HTTPS and proxy NTLM authentication
How to enable TLSv1.2 in JAVA 7u80 client