Menu

#707 java.lang.Throwable: Unknown error

v5.1.0
closed-fixed
nobody
None
5
2019-08-06
2019-02-20
crequill
No

Hello Mickael,

All was working fine since november 2018 on Arch Linux with davmail 4.9 with O365Interactive via a proxy Squid with basic authentication: two factor authentication was working fine with openjdk 8.
Now with davmail 5.2.0, Squid server has been updated (from 3.1.19 to 4.5) and now I get a JavaFX error and two factor authentication login page didn’t appear any more: 

2019-02-20 11:31:35,868 ERROR [JavaFX Application Thread] davmail.exchange.auth.O365InteractiveAuthenticatorFrame  - java.lang.Throwable: Unknown error Unknown error
2019-02-20 11:31:36,761 ERROR [ImapConnection-39230] davmail.exchange.auth.O365InteractiveAuthenticator  - Authentication failed Unknown error
2019-02-20 11:31:36,761 ERROR [ImapConnection-39230] davmail  - Authentication failed Unknown error
davmail.exception.DavMailException: Authentication failed Unknown error
    at davmail.exchange.auth.O365InteractiveAuthenticator.authenticate(O365InteractiveAuthenticator.java:158)
    at davmail.exchange.ExchangeSessionFactory.getInstance(ExchangeSessionFactory.java:174)
    at davmail.exchange.ExchangeSessionFactory.getInstance(ExchangeSessionFactory.java:96)
    at davmail.imap.ImapConnection.run(ImapConnection.java:112)

It seems this is due to squid basic authentication. If I deactivated it in squid configuration. All is working, I get the two factor authentication.

Discussion

  • Mickael Guessant

    Mickael Guessant - 2019-02-20

    This is probably related to this:
    https://stackoverflow.com/questions/41806422/java-web-start-unable-to-tunnel-through-proxy-since-java-8-update-111

    => Java no longer accepts Proxy basic authentication, if you still want to use it you can reenable it with:

    -Djdk.http.auth.tunneling.disabledSchemes=""
     

    Last edit: Mickael Guessant 2019-02-23

    • crequill

      crequill - 2019-02-21

      Thanks Mickael it works for me. I put it on the command line when I launch davmail on ArchLinux:

      exec "$JAVA_HOME/bin/java" -cp $CP -Djdk.http.auth.tunneling.disabledSchemes="" 'davmail.DavGateway' "$@"

      On an another pc on windows, I have to modify C:\Program Files (x86)\Java\jre1.8.0_201\lib\net.properties and to comment out line 'jdk.http.auth.tunneling.disabledSchemes=Basic'. It works after that too.

       

      Last edit: crequill 2019-02-21

  • crequill

    crequill - 2019-02-20

    I do a network trace and it appears that first davmail sent a CONNECT to outlook.office365.com on port 443 without basic authentication, proxy reply with a 407 Proxy Authentication Required, then davmail sent the same CONNECT but with a Proxy-Authorization field and this time the reply was a 200 OK. But after some TLS v.1.2 exchange, a new CONNECT to login.microsoftonline.com on port 443 is sent by davmail without basic authentication, proxy reply with a 407 Proxy Authentication Required, then davmail sent the same CONNECT but always without basic authentication.
    This is the problem, why davmail didn’t send a CONNECT to login.microsoftonline.com with a Proxy-Authorization?

     

  • Mickael Guessant

    Mickael Guessant - 2019-02-23
    • status: open --> pending-fixed
     

  • Mickael Guessant

    Mickael Guessant - 2019-02-23

    Thanks for your feedback.

    I also enforced this in trunk:
    jdk.http.auth.tunneling.disabledSchemes=""

    Most of the time DavMail user has no way to change proxy authentication mode, this is the responsibility of proxy admin.

     

    Last edit: Mickael Guessant 2019-03-24

  • Mickael Guessant

    Mickael Guessant - 2019-08-06
    • status: pending-fixed --> closed-fixed
     

  • Mickael Guessant

    Mickael Guessant - 2019-08-06

    Fixed in 5.3.0

     

Log in to post a comment.

MongoDB Logo MongoDB