2

Our daemons application is using msal4j 1.3 to get access token from https://login.microsoftonline.com/. However, in some of our customer's production environment, it is not possible to access https://login.microsoftonline.com directly. They want to use authenticated proxy to access it. Is it possible to set have msal4j to use a webProxy? If not, what is the suggestion for us to use msal4j with such a webProxy?

Lin Chen
  • 71
  • 2
  • 6

1 Answers1

1

Yes, you can have MSAL4J use a Proxy.

The most straightforward way would be by injecting the Http client that the application is using into MSAL. You would configure the proxy settings on the Http client, implement MSALs IHttpClient, and then pass in the implementation into MSAL when you instantiate the client application object. MSAL will then use this Http client for all requests. For more information, see the Configure Http Client wiki page

sgonzalez
  • 741
  • 6
  • 20
  • Thanks. Are there any other solutions? Our (Daemon) app does not have its own http client. Whet it use EWS the EWS actually provided an interface to set webProxy. I really want to aovid the effort to develop a new http client for MSAL in order to make it work with webproxy. – Lin Chen Feb 27 '20 at 19:22
  • You can also set the Proxy on the client application object. To authenticate into the proxy, you can use Java.net.Authenticator. There are more detailed posts out there explaining how you can do this. – sgonzalez Feb 27 '20 at 23:15
  • I am using PublicClientApplication. In its builder, as you have suggested I can set my IHttpClient instance, which I want to avoid. The app builder also allows setting a proxy, which is a java.net.proxy object. I looked into the java.net.proxy, unlike the webproxy for EWS, java.net.proxy does have a way to specify proxy credential. You pointed that java.net.authenticator can be used. I cannot find any helpful posting. Would you please pointed out some examples? Thanks so far. – Lin Chen Feb 28 '20 at 16:37
  • https://stackoverflow.com/questions/1626549/authenticated-http-proxy-with-java – sgonzalez Feb 28 '20 at 17:29
  • Keep in mind that the benefit of using the Http client is that the proxy settings that you set on it will only affect MSAL. By using the java.net.authentication and system properties, this will set those properties for all outgoing connections – sgonzalez Feb 28 '20 at 17:32
  • Thanks a lot. I developed my own http client that can use an authenticated proxy. It would be nice that the SMAL library can have built-in authenticated proxy. – Lin Chen Mar 03 '20 at 18:07