Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-42711

Setting proxyUser and proxyPassword in the catalina.properties file breaks web proxy configuration

    XMLWordPrintable

Details

    Description

      Summary

      Setting proxyUser and proxyPassword in the catalina.properties file breaks web proxy configuration

      Environment

      • Any version of Confluence using SAL plugin 3.0.5
      • Confluence 5.9.5 in this case

      Steps to Reproduce

      1. Use the following configuration in catalina.properties 
        #web proxy settings
http.proxyHost=localhost
http.proxyPort=8888
http.nonProxyHosts=localhost
http.proxyUser=admin
http.proxyPassword=admin

        Does not need to be a valid proxy server as we are testing against the nonProxyHosts
        This problem also occurs if the proxy configuration is set in Confluence's setenv.sh rather than in catalina.properties

      1. Start Confluence
      2. Start JIRA on the same server
      3. Attempt to create application link to the Confluence server using the localhost address

      Expected Results

      The link should be created despite the invalid proxy configuration as localhost is whitelisted in http.nonProxyHost

      Actual Results

      The below exception is thrown in the atlassian-confluence.log file:

      2016-01-28 21:26:05,565 INFO [http-nio-8085-exec-22] [AccessLogFilter] admin GET http://10.60.3.18:8090/confluence/rest/applinks/3.0/manifest.json?_=1453987487624 348848kb
2016-01-28 21:26:05,578 ERROR [http-nio-8085-exec-21] [CreateApplicationLinkUIResource] Exception thrown while retrieving manifest
com.google.common.util.concurrent.UncheckedExecutionException: java.lang.IllegalStateException: org.apache.http.auth.MalformedChallengeException: Authentication challenge is empty
	at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2203)
	at com.google.common.cache.LocalCache.get(LocalCache.java:3937)
	at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3941)
	at com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4824)

      Notes

      Removing the the username and password field, despite using an invalid proxy ip and port, works as localhost is whitelisted as nonProxyHosts

      Workaround

      Since the problem only affects configurations in which a proxy is used that requires credentials to be provided, a potential workaround is to change the configuration of the proxy server such that it allows connections from the IP address of the machine that Confluence is running on without requiring credentials.

      Suggested Resolution

      Fix SAL-350 and bundle the newest version of that plugin into Confluence.

      Attachments

        Issue Links

          is caused by

          SAL-350 Loading...

          Activity

            People

              dunterwurzacher Denise Unterwurzacher [Atlassian] (Inactive)
              dponzio Daniel Ponzio
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: