Proxies with basic authorization do not work in Unirest 4

[KostyantynFT]

Proxies with basic authorization do not work in Unirest 4 but works fine in 3.14.1.

It looks like the native Java client does not work correctly.

I setup a squid server with basic authorization.

Requests via Postman or Insomnia works fine.

But credentials are not provided when working via Unirest 4.4.4. So the proxy server returns the 407 error.

Here is the squid log. The first entry - a request with Unirest 3.14.1 - the user name is provided (ftproxy). The second entry - a request with Unirest 4.4.4 - the user name is empty and the request is denied.

1729865365.856   1801 46.119.153.187 TCP_TUNNEL/200 56545 CONNECT github.com:443 ftproxy HIER_DIRECT/140.82.113.4 -
1729865417.937      0 46.119.153.187 TCP_DENIED/407 3992 CONNECT github.com:443 - HIER_NONE/- text/html

Code:

        Unirest.config().proxy("11.11.11.11", 3128, "ftproxy", "**************");

                final GetRequest request = Unirest.get("https://github.com/");

        logger.info("Request URL: {}", request.getUrl());
        logger.info("Request headers: {}", request.getHeaders());

        final HttpResponse<JsonNode> jsonResponse = request.asJson();

        logger.info("Status: {}, StatusText: {}", jsonResponse.getStatus(), jsonResponse.getStatusText());

        logger.info("Response headers: {}", jsonResponse.getHeaders());

Log:

17:15:01 INFO  ProxyConnect - Request URL: https://github.com/
17:15:02 INFO  ProxyConnect - Request headers: 
17:15:03 INFO  ProxyConnect - Status: 407, StatusText: 
17:15:03 INFO  ProxyConnect - Response headers: cache-status: http-proxy**********************
connection: keep-alive
content-language: en
content-length: 3511
content-type: text/html;charset=utf-8
date: Fri, 25 Oct 2024 14:15:04 GMT
mime-version: 1.0
proxy-authenticate: Basic realm="proxy"
server: squid/6.6
vary: Accept-Language
via: 1.1 http-proxy.***************** (squid/6.6)
x-squid-error: ERR_CACHE_ACCESS_DENIED 0

[ryber]

Hi @KostyantynFT thanks for posting this. Can I asked if you can try the following. Before you make the request, set the following properties with your values:

        System.setProperty("http.proxyUser", "my-username");
        System.setProperty("http.proxyPassword", "**************");
        System.setProperty("jdk.http.auth.tunneling.disabledSchemes", "");

[KostyantynFT]

Yes, it works.

But I do not think we can use this approach. We have a big web-app and we call many different web-services and only for one of them we need to use a proxy (I spawn a Unirest instance for that).

At the moment I just added Unirest 3.14.1 to the pom, so we have both dependencies (3 and 4) and for these calls via proxy I use the old classes from kong.unirest.* packages. I think it should work this way.

[ryber]

Unfortunately this seems to be a limitation with Java itself

[KostyantynFT]

I think it would be useful to be able to select which client to use on creating/spawning Unirest - Java or Apache. The Apache client in 3.14.1 works perfectly. It is not very good to use a library that does not do so simple and common thing as proxy authentication.

[ryber]

Apache 4 does not support all the new features we need like HTTP2, and Websockets. Apache 5's async model is fully reactive and is incompatible with the way Unrest wants to do async, so it has never been able to "fit" as an engine.