407 Proxy Authentication Required
HTTP response status code 407 Proxy Authentication Required is a client error that is returned by the server to indicate that the request has to be authenticated for the client to use a proxy. This is similar to a 401 Unauthorized error message, and the user must satisfy the requirements before being allowed access to the resource.
When the 407 Proxy Authentication Required error message is received, the client understands that valid login credentials need to be supplied in advance of being granted access to the requested resource. This is very similar to the 401 Unauthorized response and the client can use the same authentication protocols.
The Proxy-Authenticate header is returned by the server to indicate what methods it allows.
Search engines like Google will not index a URL with 407 Proxy Authentication Required response status, and consequently, URLs that have been indexed in the past but are now returning this HTTP status code will be removed from the search results.
In the example, the client requests a resource and the server responds with the 407 Proxy Authentication Required response to indicate that the resource is protected. As part of the response, the server indicates that it supports basic authorization. The client responds by stating that it is providing a
username:password pair using the basic authentication protocol, which is specified in the Proxy-Authorization header. Finally, the server responds by transmitting the requested resource.
GET /documents/tech-news HTTP/1.1 Host: www.example.re
HTTP/1.1 407 Proxy Authentication Required Proxy-Authenticate: Basic; realm=”Documents”
GET /documents/tech-news HTTP/1.1 Host: www.example.re Proxy-Authorization: Basic RXhhbXBsZTphaQ==
HTTP/1.1 200 OK Content-Type: application/pdf Content-Length: 25000 <PDF document included in message body>
Apache HttpComponents Core
The 407 Proxy Authentication Required status code is used to indicate the authorization is required to access the requested resource through a proxy. The server will inform which Authentication method(s) it supports and the client is required to authenticate itself before access is granted. Several common authentication schemes exist.