Skip to content
Home » security » 407 error in Java with Forcepoint

407 error in Java with Forcepoint

I had a Java app pointing at a Forcepoint (formerly known as Websense) proxy server. The proxy server wasn’t working, at least not consistently, and the app was giving me a 407 error. Here’s a workaround for this weird intermittent error. Intermittent problems are always the toughest ones to solve.

Finding the root cause of the 407 error in Java with Forcepoint

We had Forcepoint (Websense) set to require NTLM authorization, but it turns out Java won’t do NTLM, so the Java app’s traffic wasn’t even showing up in the Forcepoint monitor.

We could have stopped requiring NTLM, but we didn’t really want to do that. Since the problem was intermittent, it was fairly easy to come up with a workaround after I determined the root cause. If someone came in to work and launching the Java app was the first thing they did after logging in, it didn’t work and they got the 407 error. If they launched a web browser first and did anything at all in the browser, it worked fine. By letting the browser authenticate for it, the Java app worked because the proxy had the credentials cached.

Two possible workarounds

My workaround was to have users open a browser, then go to any web page immediately before opening the app.

The problem with that is that the user has to remember to do that. And if they forget, someone in the IT department has to remember they have to do that.

That leads to the second possible workaround. You can automate the process to work around the 407 error in Java with a two line batch file. You’ll also need a small utility. First have the batch file use use a tool like IEcapt or Cutycapt to visit any web page, then start the applet. As long as they remember to use the batch file, it will work the first time every time.

%d bloggers like this: