Hi Oleg, Thanks for the info. I don't think #1 is possible unless I types uid/pwd wrong for 100s of time I tested and typed them correctly when browser prompted me when it downloaded applet. I am not even able to do "Basic" authentication. I turned the TRACE on and found that HttpMethodDirectorauthenticateProxy(final HttpMethod method) Writes 2 of the following logs. LOG.debug("Authenticating with " + authscope); LOG.warn("Required proxy credentials not available for " + authscope); Here is the code snippet between 2 of the logs. if (authstate.isAuthRequested() || !authscheme.isConnectionBased()) { AuthScope authscope = new AuthScope( conn.getProxyHost(), conn.getProxyPort(), authscheme.getRealm(), authscheme.getSchemeName()); if (LOG.isDebugEnabled()) { LOG.debug("Authenticating with " + authscope); } Credentials credentials = this.state.getProxyCredentials(authscope); if (credentials != null) { String authstring = authscheme.authenticate(credentials, method); if (authstring != null) { method.addRequestHeader(new Header(PROXY_AUTH_RESP, authstring, true)); } } else { if (LOG.isWarnEnabled()) { LOG.warn("Required proxy credentials not available for " + authscope); if (method.getProxyAuthState().isPreemptive()) { LOG.warn("Preemptive authentication requested but no default " + "proxy credentials available"); } } } } It looks like Credentials credentials = this.state.getProxyCredentials(authscope); is returning null and that is why authentication is skipped. This is how I am passing Credentials. AuthScope authScope = new AuthScope(tunnelBean.getHost(), tunnelBean.getPort()); Credentials credentials = new NTCredentials(tunnelBean.getUserName(), tunnelBean.getPassword(), tunnelBean.getUserIp(), tunnelBean.getDomain()); proxyClient.getState().setProxyCredentials(authScope, credentials); Am I doing anything wrong here? I upgraded from 3.0.1 to 3.1 and now I am getting following error "ProxyClient Connect failed: secure protocol socket factory may not be used" Here is how I set host. proxyClient.getHostConfiguration().setHost(host, port, "https"); Jiggy. -----Original Message----- From: Oleg Kalnichevski [mailto:olegk@apache.org] Sent: Monday, August 11, 2008 1:48 PM To: HttpClient User Discussion Subject: Re: Need help with ProxyClient tunneling through authenticatingproxy On Fri, 2008-08-08 at 11:33 -0400, Jignesh Malkan wrote: > Hi, > > > > I am new to HttpClient and I am trying to open a Socket connection from > Applet to the Server tunneling through the ISA proxy. > > > > Proxy client works fine with Non-Authenticating Proxy but it fails when > I turn on "basic" or "Integrated" (NTLM) authentication. I have spent a > good amount of time and have not made much progress. So I decided to > call help from experts :-) > > > > I am using httpclient-3.0.1 and client machine will have a JRE version > >=1.5 > > > > Here is my code flow: > > 1. I detect proxy using ProxySelector.getDefault().select(new > URI(uri)); > 2. I set the System properties for https.proxySet=true, > https.proxyHost=proxyHost, https.proxyPort=proxyPort > 3. Next set these properties into TunnelBean and pass this to the > following method: > The most likely reasons are: (1) credentials are wrong (2) the proxy server has been configured to disallow NTLMv1. HttpClient 3.1 supports NTLMv1 only. It does not support NTLMv2. Oleg --------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org For additional commands, e-mail: httpclient-users-help@hc.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org For additional commands, e-mail: httpclient-users-help@hc.apache.org