JBoss behind corporate NTLM proxy - remote requests failing.

Posted on

Our JBoss machine is behind an Windows NTLM authenticating proxy. There is one particular war file that is communicating with Microsoft Azure to upload blobs. The problem is that the request is failing because it is not authenticated.

I want all http/https traffic generated from any war applications running in the JBoss container to use the JBoss proxy settings.

I tried setting the http.auth.ntlm.domain but it didn't work.

http.auth.ntlm.domain=OURDOMAIN
http.username=ouruser
http.password=password
http.nonProxyHosts=localhost
http.proxyHost=our-proxy.co
http.proxyPort=8080
https.username=ouruser
https.password=password
https.nonProxyHosts=localhost
https.proxyHost=our-proxy.co
https.proxyPort=8080

Instead I have installed CNTLM which is a proxy that allows you to communicate through an NTLM Windows proxy server from a NON Windows environment, the proxy runs on localhost:3128. We use this on other linux machines so I know this works.

I have set the following JBoss system properties (CNTLM runs on localhost:3128).

http.nonProxyHosts=localhost
http.proxyHost=localhost
http.proxyPort=3128
https.nonProxyHosts=localhost
https.proxyHost=localhost
https.proxyPort=3128

But that sill does not work either, the http request continues to fail. I have checked that the CNTLM proxy is working using wget and specifying the proxy and am able to make remote requests correctly.

Is is possible to authenticate requests made from a JBoss server through a NTLM Windows proxy without using a third party product like CNTLM?
How to I configure JBoss to route all http/https traffic through my CNTLM proxy?

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.