Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Kerberos authentication with Proxy server is failing with JRE 1.6.0_30

Deepak Kumar Mishra
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
In our project we need to communicate to a URL on internet through a proxy server. The proxy server has kerberos authentication integrated with an Active Directory.
When I try to communicate to the URL through a proxy server, using JRE 1.6.0_30, the client is redirected 20 times and finally " Server redirected too many times (20)" error comes. On the other hand when same program is run with JRE 1.6.0_33/1.6.0_37, the communication with the internet URL through proxy server is successful. Can any body please tell me if there was a bug fix related to kerberos authentication in JRE 1.6._30 or is there any mistake in program?

Following is the program I am using:

public class TestConnectionThroughProxy {
public static void main(String[] args) throws IOException {
TestConnectionThroughProxy test = new TestConnectionThroughProxy();

private static class MyAuthenticator extends Authenticator {
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication("domainuser", "domainpassword".toCharArray());

private void test() throws IOException {
System.setProperty("", "krb5.ini");
System.setProperty("", "spNegoLogin.conf");
System.setProperty("", "false");
System.setProperty("", "true");

Authenticator.setDefault(new MyAuthenticator());

SocketAddress socketAddr = new InetSocketAddress("proxyserver.testdomain.local", 3128);
Proxy proxy = new Proxy(Proxy.Type.HTTP, socketAddr);

URL url = new URL("");
URLConnection conn = url.openConnection(proxy);
InputStream is = conn.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(is));
char[] c = new char[1024];
int i = 0;
StringBuilder builder = new StringBuilder();
while((i = >= 0) {
builder.append(c, 0, i);

krb5.ini file:

default_realm = TESTDOMAIN.LOCAL
default_tkt_enctypes = aes128-cts-hmac-sha1-96,rc4-hmac,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96
default_tgs_enctypes = rc4-hmac,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96
forwardable = true
kdc = adserver.testdomain.local:88
testdomain.local = TESTDOMAIN.LOCAL
.testdomain.local = TESTDOMAIN.LOCAL

spNegoLogin.conf: { required doNotPrompt=false useTicketCache=false;

Please help us in finding the reason of problem.
Thank You,
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic