Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ApacheHttpClient Proxy Authentication fails #5884

Open
1 task
urfuchs opened this issue Feb 17, 2025 · 1 comment · May be fixed by #5975
Open
1 task

ApacheHttpClient Proxy Authentication fails #5884

urfuchs opened this issue Feb 17, 2025 · 1 comment · May be fixed by #5975
Assignees
@bhoradc
Labels
bug This issue is a bug. p2 This is a standard priority issue

Comments

@urfuchs
Copy link

urfuchs commented Feb 17, 2025
edited
Loading

Describe the bug

Proxy Authentification fails with Status 407 when Proxy requires preemptive authentication.

My code:

SdkHttpClient httpClient = ApacheHttpClient.builder()
    .proxyConfiguration(ProxyConfiguration.builder()
        .endpoint(URI.create("http://proxy.example.com"))
        .username("username")
        .password("password")
        .preemptiveBasicAuthenticationEnabled(true)
        .build())
    .build();

SnsClient snsClient = SnsClient.builder()
    .httpClient(httpClient)
    .credentialsProvider(credentials)
    .region(Region.EU_CENTRAL_1)
    .build();

A request sent by this client fails with 407 when the proxy requires preemptive authentication.
It works fine when the proxy does not.

Regression Issue

  • Select this option if this issue appears to be a regression.

Expected Behavior

A request passes the proxy.

Current Behavior

software.amazon.awssdk.services.sns.model.SnsException: null (Service: Sns, Status Code: 407, Request ID: null)
	at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handleErrorResponse(CombinedResponseHandler.java:125)
	at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handleResponse(CombinedResponseHandler.java:82)
	at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handle(CombinedResponseHandler.java:60)
	at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handle(CombinedResponseHandler.java:41)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.execute(HandleResponseStage.java:50)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.execute(HandleResponseStage.java:38)

Reproduction Steps

SdkHttpClient httpClient = ApacheHttpClient.builder()
    .proxyConfiguration(ProxyConfiguration.builder()
        .endpoint(URI.create("http://proxy.example.com"))
        .username("username")
        .password("password")
        .preemptiveBasicAuthenticationEnabled(true)
        .build())
    .build();

SnsClient snsClient = SnsClient.builder()
    .httpClient(httpClient)
    .credentialsProvider(credentials)
    .region(Region.EU_CENTRAL_1)
    .build();

PublishRequest request = PublishRequest.builder()
    .message("Greetings")
    .topicArn("arn:aws:sns:eu-central-1:account:topic")
    .build();

PublishResponse publishResult = snsClient.publish(request);

Possible Solution

I found a possible reason in software.amazon.awssdk.http.apache.internal.utils.ApacheUtils.

The method addPreemptiveAuthenticationProxy contains:

BasicScheme basicAuth = new BasicScheme();
authCache.put(targetHost, basicAuth);

I added a challenge and now it works:

BasicScheme basicAuth = new BasicScheme();
basicAuth.processChallenge(new BasicHeader(AUTH.PROXY_AUTH, "BASIC realm=default"));
authCache.put(targetHost, basicAuth);

Additional Information/Context

No response

AWS Java SDK version used

2.30.17

JDK version used

openjdk version "21.0.4" 2024-07-16 LTS

Operating System and version

Linux rodeoarch 6.12.4-arch1-1
@urfuchs urfuchs added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Feb 17, 2025
@bhoradc bhoradc removed the needs-triage This issue or PR still needs to be triaged. label Mar 5, 2025
@bhoradc bhoradc self-assigned this Mar 5, 2025
@bhoradc bhoradc added the p2 This is a standard priority issue label Mar 5, 2025
@pilec
Copy link

pilec commented Mar 20, 2025

Thank you a lot! I headed into completely the same issue and your resolution fix that.

urfuchs added a commit to urfuchs/aws-sdk-java-v2 that referenced this issue Mar 20, 2025
@urfuchs
fix issue aws#5884
047a9fa
@urfuchs urfuchs linked a pull request Mar 20, 2025 that will close this issue
Draft
12 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bhoradc bhoradc

Labels
bug This issue is a bug. p2 This is a standard priority issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix issue #5884: fix preemptive authentication urfuchs/aws-sdk-java-v2
3 participants
@pilec @urfuchs @bhoradc