Loading
Salesforce から送信されるメールは、承認済ドメインからのみとなります続きを読む

How to deal with HTTP Requester returning 407 HTTP error status when sitting behind a proxy with BASIC authentication on JVM HotSpot 8u111+

公開日: Jul 24, 2025
解決策

SYMPTOM

When attempting to deploy an application with an HTTP Requester or a WebService Consumer, which:

- Has an HTTPS URL configured.
- Sits behind a proxy server with BASIC ( username / password ) authentication, so Proxy tab is configured with proxy details (username / password /host /port).
- JVM under which mule runtime is running is HotSpot 8u111 or higher.

 Under these conditions, then the deployment fails to start due to the following exception being raised at mule startup: 
 org.mule.module.launcher.DeploymentInitException: IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.0 407 Proxy Authentication Required"
        at org.mule.module.launcher.application.DefaultMuleApplication.init(DefaultMuleApplication.java:205) ~[mule-module-launcher-3.8.0.jar:3.8.0]
        at org.mule.module.launcher.artifact.ArtifactWrapper$2.execute(ArtifactWrapper.java:63) ~[mule-module-launcher-3.8.0.jar:3.8.0]
        at org.mule.module.launcher.artifact.ArtifactWrapper.executeWithinArtifactClassLoader(ArtifactWrapper.java:136) ~[mule-module-launcher-3.8.0.jar:3.8.0]
        at org.mule.module.launcher.artifact.ArtifactWrapper.init(ArtifactWrapper.java:58) ~[mule-module-launcher-3.8.0.jar:3.8.0]
        at org.mule.module.launcher.DefaultArtifactDeployer.deploy(DefaultArtifactDeployer.java:25) ~[mule-module-launcher-3.8.0.jar:3.8.0]
        at org.mule.module.launcher.DefaultArchiveDeployer.guardedDeploy(DefaultArchiveDeployer.java:324) ~[mule-module-launcher-3.8.0.jar:3.8.0]
        at org.mule.module.launcher.DefaultArchiveDeployer.deployArtifact(DefaultArchiveDeployer.java:345) ~[mule-module-launcher-3.8.0.jar:3.8.0]
        at org.mule.module.launcher.DefaultArchiveDeployer.deployExplodedApp(DefaultArchiveDeployer.java:311) ~[mule-module-launcher-3.8.0.jar:3.8.0]
        at org.mule.module.launcher.DefaultArchiveDeployer.deployExplodedArtifact(DefaultArchiveDeployer.java:114) ~[mule-module-launcher-3.8.0.jar:3.8.0]
        at org.mule.module.launcher.DeploymentDirectoryWatcher.deployExplodedApps(DeploymentDirectoryWatcher.java:290) ~[mule-module-launcher-3.8.0.jar:3.8.0]
        at org.mule.module.launcher.DeploymentDirectoryWatcher.start(DeploymentDirectoryWatcher.java:151) ~[mule-module-launcher-3.8.0.jar:3.8.0]
        at org.mule.module.launcher.MuleDeploymentService.start(MuleDeploymentService.java:104) ~[mule-module-launcher-3.8.0.jar:3.8.0]
        at org.mule.module.launcher.MuleContainer.start(MuleContainer.java:170) ~[mule-module-launcher-3.8.0.jar:3.8.0]
 
When you try to consume the external service by using an external tool like wget or curl, configured to go through the proxy, the invocation succeeds and a 200 response code is returned, so no problems neither on the proxy server side nor the invoked external service. The problem is on the consumer.

CAUSE

Starting with HotSpot JVM 8u111, Oracle has disabled basic proxy authentication by default on the JVM when HTTPS protocol is being used, for security reasons.

In some environments, certain authentication schemes may be undesirable when proxying HTTPS. Accordingly, the Basic authentication scheme has been deactivated, by default, in the Oracle Java Runtime
Now, proxies requiring Basic authentication when setting up a tunnel for HTTPS will no longer succeed by default.

http://www.oracle.com/technetwork/java/javase/8u111-relnotes-3124969.html

SOLUTION

Edit your $MULE_HOME/conf/wrapper.conf file, and add the following argument:

wrapper.java.additional.<n>=-Djdk.http.auth.tunneling.disabledSchemes=""

Replace <n> with the corresponding  java parameter sequential number.
 
Restart your mule instance for this change to take effect.
ナレッジ記事番号

001123768

 
読み込み中
Salesforce Help | Article