Java Web Start: Unable to tunnel through proxy since Java 8 Update 111
Solution 1
I found out that there is one way, but not in the hands of the developer: The user can add
-Djdk.http.auth.tunneling.disabledSchemes=""
for Java 8 in Java Control Panel → Java → View... → Runtime Parameters
for Java 9 in Java Control Panel → Desktop Settings → Runtime Parameters
Solution 2
Beside the answer of mbee one can also configure this in the net.properties
file of the jre:
C:\Program Files (x86)\Java\jre1.8.0_131\lib\net.properties
Currently last line 100 need to be commented out:
Before:
#jdk.http.auth.proxying.disabledSchemes=
jdk.http.auth.tunneling.disabledSchemes=Basic
After:
#jdk.http.auth.proxying.disabledSchemes=
#jdk.http.auth.tunneling.disabledSchemes=Basic
Note that both answers need to be repeated after a Java Update, although the Java Auto Update is deactivated with Basic Internet Proxy Authentication.
Solution 3
If you require to do this at runtime you can set the value of the jdk.http.auth.proxying.disabledSchemes property by adding
System.setProperty("jdk.http.auth.tunneling.disabledSchemes", "");
to the main method of your application.
Marcus
My interests include usability of websites and other products software development in Java and in Scala web technologies
Updated on July 09, 2022Comments
-
Marcus almost 2 years
Some of our customers cannot run our Java Web Start client anymore since Java 8 Update 111. They get:
java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 407 Proxy Authentication Required
Looks like it has to do with this change:
Now, proxies requiring Basic authentication when setting up a tunnel for HTTPS will no longer succeed by default. If required, this authentication scheme can be reactivated by removing Basic from the jdk.http.auth.tunneling.disabledSchemes networking property, or by setting a system property of the same name to "" ( empty ) on the command line.
Is there any way if customers are not willing to change their proxy authentication method?
Note: Adding
<property name="jdk.http.auth.tunneling.disabledSchemes" value=""/>
to<resources>
of the JNLP has no effect. This is because only a few properties are supported this way (there is a list near the bottom of this page). "jdk.http.auth.tunneling.disabledSchemes" is not among them.