Electronic update fails when using using a HTTP proxy authenticated through LDAP
Electronic update fails when using using a HTTP proxy authenticated through LDAP
Symptoms:
An issue has been identified when using the 'httpclient.proxy-autodetect=false' setting to force the system to use the HTTP proxy settings in core.proxy.server.properties and using a proxy server which authenticates via LDAP. When an electronic update is scheduled, the update fails with the following shown in core.update.log:
2019-01-11 11:38:57 ERROR[http-bio-8888-exec-8][UpdateServiceImpl]java.net.UnknownHostException: updates.palamida.com 2019-01-11 11:38:57 ERROR[http-bio-8888-exec-8][UpdateServiceImpl]Error checking for updates com.palamida.appsec.BusinessException: Error download from HTTPS: updates.palamida.com at com.palamida.appsec.service.impl.UpdateServiceImpl.downloadHTTPS(UpdateServiceImpl.java:1449) at com.palamida.appsec.service.impl.UpdateServiceImpl.downloadFromUpdatesHTTPS(UpdateServiceImpl.java:1386) at com.palamida.appsec.service.impl.UpdateServiceImpl.isManifestFileAvailable(UpdateServiceImpl.java:1216) at com.palamida.appsec.service.impl.UpdateServiceImpl$$FastClassBySpringCGLIB$$33823c93.invoke(<generated>) at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
Diagnosis:
By default Oracle Java disables Basic authentication when proxying HTTPS as follows:
Customers wishing to setup HTTPS proxy authentication can enable "Basic" authentication by removing the Basic from following property in the CATALINA_OPTS variable of the catalina.* file located at <Install Dir>/tomcat/bin/catalina.*
