Support proxy for connections to Enonic market

[aro]

Options:

• Add optional proxy settings to com.enonic.xp.market.cfg

  proxy.enabled=true
  proxy.host=42.42.42.42
  proxy.port=1234
  proxy.user=usr
  proxy.password=secret

• Use JVM command line parameter for options, if set

See https://docs.oracle.com/javase/8/docs/api/java/net/doc-files/net-properties.html

[sigdestad]

Hmm. But we already have a proxy setup for xp? Why would we want a different one for market?

[aro]

Do we? How? What is it used for?

[sigdestad]

Hmm.. I believe it is the default Java proxy config I'm referring to? What happens if you boot XP with this option set? Maybe it is not a good approach, as all requests are directed there? https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html

Also believe that lib-http-client uses this setting if it is available?

[aro]

The java proxy config is what I meant with the 2nd option above. This only applies for connections with the plain URL Java class, which is very basic. We use the OkHttp library, same as in lib-http-client. So we could read those settings and pass them to OkHttp, but it's not happening automatically.

The lib-http-client does not use the JVM settings either. We discussed using the JVM proxy settings in lib-http-client, but decided not to, if I remember correctly. I think the reason was that it might be a security hole. If you set the proxy config to access Enonic market, that would make any apps go through the same proxy. I think that in the environments where a proxy is required for outside connections, people want to have control. And then it's ok to have to configure it in more than one place.

[sigdestad]

You are probably right. Is there a way we could define a global proxy config that any app can load? Just to have this option over configuring the same setting over and over again?

[aro]

Ok. Let's just fix it so market requests work when passing the JVM proxy options. It's the easiest fix and does not affect any config or break anything else.

[sigdestad]

Yes, this is a quick fix to the problem and only affects market stuff?. We need to document it also!

[jsi]

Why does this issue have the "Not In Changelog" label?

I thought this came from a customer request, which is an especially good reason to have it in the changelog.

[aro]

@sigdestad You were right, I was wrong. This was working with standard JVM options already. OkHttp library is also using the proxy settings. I got confused when I tested it, because if it cannot find the proxy, it attempts a direct connection.

So we should just document it properly and close this issue.