Run bot from behind a proxy with auth

[arkadiyk]

I am trying to run a bot from my company intranet which allows connection ONLY through proxy with authorization.

While the Sample bot seems to be taking into account the -Dhttps.proxyHost and -Dhttps.proxyPort it does not -Dhttps.proxyUser and -Dhttps.proxyPassword

Our proxy also rewrite https certs but I have the company cert trusted in the global keystore and mvn and other Java tools work just fine.

[maoo]

Hi @arkadiyk , we may need to change Utils.getSymphonyClient() in order to support that.

We could use a CustomHttpClient only if JVM proxy params are specified, otherwise use the existing approach; what do you think? See more on https://github.com/symphonyoss/symphony-java-client/issues/49#issuecomment-284516753

I'll give it a try this weekend, unless you want to do some testing on your side and let us know.

Thanks for the feedback!

[arkadiyk]

Thanks @maoo! Following the issue comments did let me do big step forward :smiley:

I bumped into another company restriction though. Only ports 80 and 433 are allowed to go out of the intranet. Both UAT and PROD Symphony API servers are running on 8444.

[maoo]

Glad I could help @arkadiyk

Re. the issue you mention, I think you have 3 options; it's up to you to decide which ones to chase and in which order:

1. Setup a AWS/Heroku (or any other public hosting) with an Apache/Nginx/HAproxy/Varnish reverse proxy that points to the 8444 Symphony endpoints and exposes them on default port (443) ; I'd consider this approach temporary and to use in combination of other approaches listed below
2. Ask Symphony support to use 443 port to expose endpoints (as we did for all our Foundation pods, dev and production)
3. Ask your network administrator to whitelist a port/host to connect to

[maoo]

Hi @arkadiyk I think we can close this one, feel free to reopen if you want to follow up the conversation.