Jetty Logo
Version: 9.4.7.v20170914
Contact the core Jetty developers at www.webtide.com

private support for your internal/customer projects ... custom extensions and distributions ... versioned snapshots for indefinite support ... scalability guidance for your apps and Ajax/Comet projects ... development services for sponsored feature development

Proxy Support

Proxy Authentication Support

Jetty’s HTTP client can be configured to use proxies to connect to destinations.

Two types of proxies are available out of the box: a HTTP proxy (provided by class org.eclipse.jetty.client.HttpProxy) and a SOCKS 4 proxy (provided by class org.eclipse.jetty.client.Socks4Proxy). Other implementations may be written by subclassing ProxyConfiguration.Proxy.

The following is a typical configuration:

ProxyConfiguration proxyConfig = httpClient.getProxyConfiguration();
HttpProxy proxy = new HttpProxy("proxyHost", proxyPort);

// Do not proxy requests for localhost:8080
proxy.getExcludedAddresses().add("localhost:8080");

// add the new proxy to the list of proxies already registered
proxyConfig.getProxies().add(proxy);

ContentResponse response = httpClient.GET(uri);

You specify the proxy host and port, and optionally also the addresses that you do not want to be proxied, and then add the proxy configuration on the ProxyConfiguration instance.

Configured in this way, HttpClient makes requests to the HTTP proxy (for plain-text HTTP requests) or establishes a tunnel via HTTP CONNECT (for encrypted HTTPS requests).

Proxy Authentication Support

Jetty’s HTTP client support proxy authentication in the same way it supports server authentication.

In the example below, the proxy requires Basic authentication, but the server requires Digest authentication, and therefore:

URI proxyURI = new URI("http://proxy.net:8080");
URI serverURI = new URI("http://domain.com/secure");

AuthenticationStore auth = httpClient.getAuthenticationStore();

// Proxy credentials.
auth.addAuthentication(new BasicAuthentication(proxyURI, "ProxyRealm", "proxyUser", "proxyPass"));

// Server credentials.
auth.addAuthentication(new DigestAuthentication(serverURI, "ServerRealm", "serverUser", "serverPass"));

// Proxy configuration.
ProxyConfiguration proxyConfig = httpClient.getProxyConfiguration();
HttpProxy proxy = new HttpProxy("proxy.net", 8080);
proxyConfig.getProxies().add(proxy);

ContentResponse response = httpClient.newRequest(serverURI)
        .send()
        .get(5, TimeUnit.SECONDS);

The HTTP conversation for successful authentications on both the proxy and the server is the following:

Application  HttpClient                         Proxy                    Server
     |           |                                |                         |
     |--- GET -->|------------- GET ------------->|                         |
     |           |                                |                         |
     |           |<----- 407 + Proxy-Authn -------|                         |
     |           |                                |                         |
     |           |------ GET + Proxy-Authz ------>|                         |
     |           |                                |                         |
     |           |                                |---------- GET --------->|
     |           |                                |                         |
     |           |                                |<--- 401 + WWW-Authn ----|
     |           |                                |                         |
     |           |<------ 401 + WWW-Authn --------|                         |
     |           |                                |                         |
     |           |-- GET + Proxy-Authz + Authz -->|                         |
     |           |                                |                         |
     |           |                                |------ GET + Authz ----->|
     |           |                                |                         |
     |<-- 200 ---|<------------ 200 --------------|<--------- 200 ----------|

The application does not receive events related to the responses with code 407 and 401 since they are handled internally by HttpClient.

Similarly to the authentication section, the proxy authentication result and the server authentication result can be preempted to avoid, respectively, the 407 and 401 roundtrips.

See an error or something missing? Contribute to this documentation at Github!(Generated: 2017-09-14)