If the HTTP proxy supports multiple authentication methods, the second one doesn't seem to work properly. For example, if the proxy responds with these headers:

HTTP/1.0 407 Proxy Authentication Required
Date: Fri, 14 Mar 2008 00:28:18 GMT
Content-Length: 938
Content-Type: text/html
Server: NetCache appliance (NetApp/5.6.2D12)
Proxy-Authenticate: NTLM
Proxy-Authenticate: Basic realm="Enter your ID and PASSWORD"

Confluence attempts the NTLM first (with the patch from CONF-2326), followed by the Basic authentication once the NTLM fails. But this doesn't seem to work for this particular proxy.

This occurs with the normal configuration of a HTTP proxy in Confluence with the following system properties:

-Dhttp.proxyHost=proxy.example.org  -Dhttp.proxyPort=8080 -Dhttp.proxyUser=userid -Dhttp.proxyPassword=password 

This bug affects the RSS macro and any other outbound HTTP connections.

Apache's HttpClient doc: http://hc.apache.org/httpclient-3.x/authentication.html#Proxy_Authentication