Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-49685

Unable to download the NVD CVE data. Caused by: java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 407 Proxy Authentication Required"

XMLWordPrintable

      My Jenkins Instance is sitting behind a proxy that requires basic authentication, which is configured in the Jenkins Instance. Updating plugins via https works without problems with the configured proxy.

      When trying to run the dependencyCheckAnalyzer from a Jenkins Pipeline I get the following error and stack trace:

      [DependencyCheck] One or more exceptions were thrown while executing Dependency-Check
      [DependencyCheck] Exception Caught: org.owasp.dependencycheck.data.update.exception.UpdateException
      [DependencyCheck] Cause: java.util.concurrent.ExecutionException: org.owasp.dependencycheck.utils.DownloadFailedException: Error making HTTP GET request.
      [DependencyCheck] Message: Unable to download the NVD CVE data.
      [DependencyCheck] org.owasp.dependencycheck.data.update.exception.UpdateException: Unable to download the NVD CVE data.
      [DependencyCheck] at org.owasp.dependencycheck.data.update.NvdCveUpdater.update(NvdCveUpdater.java:130)
      [DependencyCheck] at org.owasp.dependencycheck.Engine.doUpdates(Engine.java:889)
      [DependencyCheck] at org.owasp.dependencycheck.Engine.initializeAndUpdateDatabase(Engine.java:716)
      [DependencyCheck] at org.owasp.dependencycheck.Engine.analyzeDependencies(Engine.java:642)
      [DependencyCheck] at org.jenkinsci.plugins.DependencyCheck.DependencyCheckExecutor.executeDependencyCheck(DependencyCheckExecutor.java:172)
      [DependencyCheck] at org.jenkinsci.plugins.DependencyCheck.DependencyCheckExecutor.call(DependencyCheckExecutor.java:103)
      [DependencyCheck] at org.jenkinsci.plugins.DependencyCheck.DependencyCheckExecutor.call(DependencyCheckExecutor.java:46)
      [DependencyCheck] at hudson.remoting.UserRequest.perform(UserRequest.java:210)
      [DependencyCheck] at hudson.remoting.UserRequest.perform(UserRequest.java:53)
      [DependencyCheck] at hudson.remoting.Request$2.run(Request.java:358)
      [DependencyCheck] at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
      [DependencyCheck] at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      [DependencyCheck] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      [DependencyCheck] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      [DependencyCheck] at hudson.remoting.Engine$1$1.run(Engine.java:94)
      [DependencyCheck] at java.lang.Thread.run(Thread.java:748)
      [DependencyCheck] Caused by: org.owasp.dependencycheck.utils.DownloadFailedException: java.util.concurrent.ExecutionException: org.owasp.dependencycheck.utils.DownloadFailedException: Error making HTTP GET request.
      [DependencyCheck] at org.owasp.dependencycheck.data.update.NvdCveUpdater.retrieveLastModifiedDates(NvdCveUpdater.java:460)
      [DependencyCheck] at org.owasp.dependencycheck.data.update.NvdCveUpdater.retrieveCurrentTimestampsFromWeb(NvdCveUpdater.java:402)
      [DependencyCheck] at org.owasp.dependencycheck.data.update.NvdCveUpdater.getUpdatesNeeded(NvdCveUpdater.java:319)
      [DependencyCheck] at org.owasp.dependencycheck.data.update.NvdCveUpdater.update(NvdCveUpdater.java:117)
      [DependencyCheck] ... 15 more
      [DependencyCheck] Caused by: java.util.concurrent.ExecutionException: org.owasp.dependencycheck.utils.DownloadFailedException: Error making HTTP GET request.
      [DependencyCheck] at java.util.concurrent.FutureTask.report(FutureTask.java:122)
      [DependencyCheck] at java.util.concurrent.FutureTask.get(FutureTask.java:206)
      [DependencyCheck] at org.owasp.dependencycheck.data.update.NvdCveUpdater.retrieveLastModifiedDates(NvdCveUpdater.java:455)
      [DependencyCheck] ... 18 more
      [DependencyCheck] Caused by: org.owasp.dependencycheck.utils.DownloadFailedException: Error making HTTP GET request.
      [DependencyCheck] at org.owasp.dependencycheck.utils.Downloader.getLastModified(Downloader.java:293)
      [DependencyCheck] at org.owasp.dependencycheck.utils.Downloader.getLastModified(Downloader.java:235)
      [DependencyCheck] at org.owasp.dependencycheck.data.update.NvdCveUpdater$TimestampRetriever.call(NvdCveUpdater.java:507)
      [DependencyCheck] at org.owasp.dependencycheck.data.update.NvdCveUpdater$TimestampRetriever.call(NvdCveUpdater.java:480)
      [DependencyCheck] at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      [DependencyCheck] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      [DependencyCheck] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      [DependencyCheck] ... 1 more
      [DependencyCheck] Caused by: java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 407 Proxy Authentication Required"
      [DependencyCheck] at sun.net.www.protocol.http.HttpURLConnection.doTunneling(HttpURLConnection.java:2124)
      [DependencyCheck] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:183)
      [DependencyCheck] at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
      [DependencyCheck] at org.owasp.dependencycheck.utils.Downloader.getLastModified(Downloader.java:268)
      [DependencyCheck] ... 7 more
      [DependencyCheck]
      [DependencyCheck] Exception Caught: org.owasp.dependencycheck.exception.NoDataException
      [DependencyCheck] Message: No documents exist
      [DependencyCheck] org.owasp.dependencycheck.exception.NoDataException: No documents exist
      [DependencyCheck] at org.owasp.dependencycheck.Engine.ensureDataExists(Engine.java:1068)
      [DependencyCheck] at org.owasp.dependencycheck.Engine.analyzeDependencies(Engine.java:646)
      [DependencyCheck] at org.jenkinsci.plugins.DependencyCheck.DependencyCheckExecutor.executeDependencyCheck(DependencyCheckExecutor.java:172)
      [DependencyCheck] at org.jenkinsci.plugins.DependencyCheck.DependencyCheckExecutor.call(DependencyCheckExecutor.java:103)
      [DependencyCheck] at org.jenkinsci.plugins.DependencyCheck.DependencyCheckExecutor.call(DependencyCheckExecutor.java:46)
      [DependencyCheck] at hudson.remoting.UserRequest.perform(UserRequest.java:210)
      [DependencyCheck] at hudson.remoting.UserRequest.perform(UserRequest.java:53)
      [DependencyCheck] at hudson.remoting.Request$2.run(Request.java:358)
      [DependencyCheck] at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
      [DependencyCheck] at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      [DependencyCheck] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      [DependencyCheck] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      [DependencyCheck] at hudson.remoting.Engine$1$1.run(Engine.java:94)
      [DependencyCheck] at java.lang.Thread.run(Thread.java:748)

      I assume this is caused by jdk.http.auth.tunneling.disabledSchemes as described here http://www.oracle.com/technetwork/java/javase/8u111-relnotes-3124969.html

      A possible workaround is to remove Basic from jdk.http.auth.tunneling.disabledSchemes but this seems unnecessary since all other parts of Jenkins do not require this setting and work flawlessly with the proxy configuration and HTTPS traffic and this plugin should as well.

            sspringett Steve Springett
            pmr Philipp Moeller
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: