Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to get Bamboo agent work through a Web proxy that needs NTLM credentials?

Video Guy
Video Guy June 3, 2015

I have a Bamboo agent that needs to connect to Bamboo server via a http proxy.

I see it timing out. Then I added the following to wrapper.conf file.

 

wrapper.java.additional.3=-Dhttps.proxyHost=proxy.ins.dell.com
wrapper.java.additional.4=-Dhttps.proxyPort=80

 

Then it is failing with the following errors.

What is the trick to get Bamboo work through a proxy?

The version of Bamboo server is 5.9.0.

 

Thanks

 

++++++++++++++++++++++++++++++++++++++++++++++++++++++

INFO   | jvm 5    | 2015/06/03 15:49:50 | 2015-06-03 15:49:50,085 INFO [WrapperSimpleAppMain] [AgentContext] Requesting fingerprint, url: https://bamboo.kace.com/agentServer/GetFingerprint.action?hostName=8187K5TX1.aus.amer.dell.com&version=3&agentUuid=fcb45982-d658-4220-acdc-3191be5f8a57
INFO   | jvm 5    | 2015/06/03 15:49:50 | 2015-06-03 15:49:50,133 INFO [WrapperSimpleAppMain] [AuthChallengeProcessor] ntlm authentication scheme selected
INFO   | jvm 5    | 2015/06/03 15:49:50 | 2015-06-03 15:49:50,134 INFO [WrapperSimpleAppMain] [HttpMethodDirector] No credentials available for NTLM <any realm>@proxy.ins.dell.com:80
INFO   | jvm 5    | 2015/06/03 15:49:50 | Exiting due to fatal exception.
INFO   | jvm 5    | 2015/06/03 15:49:50 | com.atlassian.bamboo.agent.bootstrap.RemoteAgentHttpException: HTTP status code 407 received in response to fingerprint request.
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at com.atlassian.bamboo.agent.bootstrap.AgentContext.initFingerprint(AgentContext.java:133)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at com.atlassian.bamboo.agent.bootstrap.AgentContext.initServerSession(AgentContext.java:98)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at com.atlassian.bamboo.agent.bootstrap.AgentContext.run(AgentContext.java:89)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at com.atlassian.bamboo.agent.bootstrap.AgentBootstrap.run(AgentBootstrap.java:93)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at com.atlassian.bamboo.agent.bootstrap.AgentBootstrap.main(AgentBootstrap.java:40)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at java.lang.reflect.Method.invoke(Unknown Source)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:240)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at java.lang.Thread.run(Unknown Source)
INFO   | jvm 5    | 2015/06/03 15:49:50 | 2015-06-03 15:49:50,136 FATAL [WrapperSimpleAppMain] [AgentBootstrap] Exiting due to fatal exception.
INFO   | jvm 5    | 2015/06/03 15:49:50 | com.atlassian.bamboo.agent.bootstrap.RemoteAgentHttpException: HTTP status code 407 received in response to fingerprint request.
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at com.atlassian.bamboo.agent.bootstrap.AgentContext.initFingerprint(AgentContext.java:133)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at com.atlassian.bamboo.agent.bootstrap.AgentContext.initServerSession(AgentContext.java:98)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at com.atlassian.bamboo.agent.bootstrap.AgentContext.run(AgentContext.java:89)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at com.atlassian.bamboo.agent.bootstrap.AgentBootstrap.run(AgentBootstrap.java:93)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at com.atlassian.bamboo.agent.bootstrap.AgentBootstrap.main(AgentBootstrap.java:40)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at java.lang.reflect.Method.invoke(Unknown Source)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:240)
INFO   | jvm 5    | 2015/06/03 15:49:50 |     at java.lang.Thread.run(Unknown Source)
DEBUG  | wrapper  | 2015/06/03 15:49:50 | JVM process exited with a code of 1, setting the wrapper exit code to 1.
ERROR  | wrapper  | 2015/06/03 15:49:50 | JVM exited while starting the application.

 

 

Answer
Watch
Like Steffen Opel _Utoolity_ likes this
2236 views

4 answers

1 vote
Video Guy
Video Guy June 24, 2015

Finally I found a way to get past proxy authentication. In wrapper.conf, all I had to configure were https.proxyPort=80, https.proxyHost=proxydnsaddress and java.net.useSystemProxies=true. The last property did the trick. Now I see the agent get past initial finger print handshake without any timeouts or exceptions.

Now it is failing that it can't connect to tcp://bambooserverdns:54663. Our firewall doesn't allow any port other than 80, 443 going outward. That could be the reason.

I see Bamboo agent uses ActiveMQ for broker protocol handshake. Apache ActiveMQ site describes many other transports besides tcp. I believe ActiveMQ supports payload go over https. I am wondering how to use https transport instead of tcp for the broker handshake. That will make it work without having to open any firewall ports.

 

Reply
1 vote
Przemek Bruski
Przemek Bruski
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 3, 2015

Note that Bamboo uses JMS communication too. If you have an enforced proxy between agent and the server, it won't work even if you make the HTTP traffic work.

View More Comments
Dana Cleveland
Dana Cleveland
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 4, 2015

Right.. Forgot all about the JMS channel

Like
Reply
1 vote
Dana Cleveland
Dana Cleveland
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 3, 2015

depending on your version of java i have found that i need to set the following to get passed ntlm proxy

http.proxyHost=proxy.domain.com
http.proxyPort=80
http.proxyUser=username
http.proxyPassword=password
http.nonProxyHosts='*.myowndomain.com|localhost'
http.auth.ntlm.domain=DOMAIN
http.proxyAuth=basic,digest,ntlm

I also set the 'https' versions as well, but you might only need the http version.. 

Because of the # of extra parameter you might need, you could also use the wrapper additional file option instead of additional.3, additional.4

wrapper.java.additional_file

http://wrapper.tanukisoftware.com/doc/english/prop-java-additional-n.html#file

 

Reply
0 votes
Video Guy
Video Guy June 4, 2015

The wrapper I have is 3.2.3. It doesn't support wrapper.java.additional_file property.

I tried proxyUser and proxyPassword (both http.* and https.*). It still doesn't work. I am still getting the 407 error.

 

Was wrapper ever tested behind a corporate proxy that requires Active directory credentials (using NTLM)?

 

View More Comments
Video Guy
Video Guy June 10, 2015

I am trying to get the ports on our firewall/proxy opened for agent to work. Are there any other ports besides 80, 443 and 54663 outbound from the agent box to the server that need to be opened (i.e. No proxy/firewall intervening in middle)?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bamboo
Bamboo
TAGS
AUG Leaders

Atlassian Community Events

    See all events