Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-3350

Connect to update center via HTTP proxy that requires NTLM authentication

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Major Major
    • plugin-proposals
    • None
    • Platform: All, OS: All

      Our company uses a proxy server that requires NTLM authentication for accessing the internet. We are running hudson on
      Windows XP.

      Even when I provide login and password in the "advanced" section of "manage plugins" I get:

      Preparation
      Checking internet connectivity
      Checking java.net connectivity
      java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 403 Forbidden" at
      sun.net.www.protocol.http.HttpURLConnection.doTunneling(HttpURLConnection.java:1472) at
      sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:164) at
      sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1026) at
      sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234) at
      hudson.model.UpdateCenter$UpdateCenterConfiguration.testConnection(UpdateCenter.java:637) at
      hudson.model.UpdateCenter$UpdateCenterConfiguration.checkUpdateCenter(UpdateCenter.java:514) at
      hudson.model.UpdateCenter$ConnectionCheckJob.run(UpdateCenter.java:677) at
      java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) at
      java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) at
      java.util.concurrent.FutureTask.run(FutureTask.java:138) at
      java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) at
      java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:619)
      Cobertura Plugin
      Failure
      java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 403 Forbidden"
      at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
      at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
      at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
      at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
      at sun.net.www.protocol.http.HttpURLConnection$6.run(HttpURLConnection.java:1345)
      at java.security.AccessController.doPrivileged(Native Method)
      at sun.net.www.protocol.http.HttpURLConnection.getChainedException(HttpURLConnection.java:1339)
      at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:993)
      at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
      at hudson.model.UpdateCenter$UpdateCenterConfiguration.download(UpdateCenter.java:563)
      at hudson.model.UpdateCenter$DownloadJob.run(UpdateCenter.java:754)
      at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
      at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
      at java.util.concurrent.FutureTask.run(FutureTask.java:138)
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
      at java.lang.Thread.run(Thread.java:619)
      Caused by: java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 403 Forbidden"
      at sun.net.www.protocol.http.HttpURLConnection.doTunneling(HttpURLConnection.java:1472)
      at
      sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:164)
      at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1026)
      at sun.net.www.protocol.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:2107)
      at java.net.URLConnection.getHeaderFieldInt(URLConnection.java:579)
      at java.net.URLConnection.getContentLength(URLConnection.java:474)
      at sun.net.www.protocol.https.HttpsURLConnectionImpl.getContentLength(HttpsURLConnectionImpl.java:378)
      at hudson.model.UpdateCenter$UpdateCenterConfiguration.download(UpdateCenter.java:562)
      ... 7 more

      I have tried to prefix the login with the NT domain or not. It makes no difference. Googling around didn't provide any
      information about this issue. Someway hudson (java?) doesn't provide the right authentication information.

      Anyway we tried to deploy the same Hudson on Windows host where the logged user is allowed to access the internet through
      the proxy and it worked.

      Another interesting insight: we are running artifactory on the same host as the "failing" hudson. There you can provide
      login, password, and domain. In this case it works.

      So it seems that the issue is related in someway to the domain that seems not provided properly to the proxy server
      (BlueCoat).

      Any clues to push debugging further?

            Unassigned Unassigned
            jmborer jmborer
            Votes:
            10 Vote for this issue
            Watchers:
            11 Start watching this issue

              Created:
              Updated: