File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Tomcat and the fly likes Tomcat behind proxy must access to 2 different webservices Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Tomcat behind proxy must access to 2 different webservices" Watch "Tomcat behind proxy must access to 2 different webservices" New topic

Tomcat behind proxy must access to 2 different webservices

Adrien Ruffie
Ranch Hand

Joined: Jan 14, 2009
Posts: 92
Hello all I have a problem,

my application run on tomcat is behind a proxy, so I have set in or during tomcat launching these properties:


My application use 2 different webservices, one need a password and other don't need the provided password. But when I provide
proxy password, the webservice which don't need password fail.

And if I don't provide password the webservice which need, fail in its turn ... with following error:

Proxy Authentication Required (407) - Unauthorized
at org.restlet.resource.ClientResource.handle(

Some people have an idea ?

Thank you.

Best regards Adryen

Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 17417

I don't quite understand, but it sounds like there are 4 servers involved here:

1. A proxy server linking to Tomcat
2. The tomcat server
3. webservices server #1
4. webservices server #2

It seems to sound like maybe webservices server #1 also is fronted by a proxy server, possibly the same one proxying for Tomcat, but possibly not, but in either event, requiring proxy credentials. Whether webservices server #2 is proxied doesn't matter, since there are no proxy-related credentials.

I don't think Tomcat itself has any specific parameters that have to be set to make it proxied. At least in my case there aren't, although I let Tomcat handle its own security, not my proxy server.

For the web services, what really counts is what security credentials are supplied when the web services are invoked. That is being done by the webapp, and part of the application program's logic should be to supply whatever security tokens are needed as part of their interfaces to the web services. Thus, it is the responsibility to ensure that suitable security tokens are provided on a per-server basis when invoking foreign (webservices) servers.

An IDE is no substitute for an Intelligent Developer.
I agree. Here's the link:
subject: Tomcat behind proxy must access to 2 different webservices
It's not a secret anymore!