1. 2017-04-19 - Use ruby bundler behind a proxy; Tags: Use ruby bundler behind a proxy
    Loading...

    Use ruby bundler behind a proxy

    How to install the ruby bundler behind a proxy with sudo.

    To use ruby bundler behind a proxy, define the proxy host in env variables http_proxy and https_proxy.

    For instance

    export http_proxy=http://10.0.2.2:3128
    export https_proxy=https://10.0.2.2:3128
    

    However if you need to sudo, because you have no write permission on the ruby gems folder, sudo does not preserve the http_proxy env variable. Therefore add following line in /etc/sudoers

    Defaults        env_keep = "http_proxy ftp_proxy"
    

    before this line:

    Defaults        env_reset
    

    After this you can install the bundler gem.

    tan@omega:~/sources/my-awesome-site$ sudo gem install bundler
    Fetching: bundler-1.14.6.gem (100%)
    Successfully installed bundler-1.14.6
    Parsing documentation for bundler-1.14.6
    Installing ri documentation for bundler-1.14.6
    Done installing documentation for bundler after 4 seconds
    1 gem installed
    
  2. 2016-12-28 - Using proxy in Dockerfile; Tags: Using proxy in Dockerfile
    Loading...

    Using proxy in Dockerfile

    Using docker in companies with tight security involves using proxies for pulling the image data of dockerhub. In my previous post I illustrated several ways how to enable docker using the proxy. I assume you are using a central local proxy auth server like CNTLM. So no bypassing any auth data. In the Dockerfile itself, it can be used like this:

    ENV http_proxy http://10.0.2.2:3128
    ENV https_proxy https://10.0.2.2:3128
    

    Most programs like curl, wget, apt (Debian) or apk (Alpine Linux) honor that. So something like this should work:

    RUN apk update && apk add wget
    

    Some programs however have dedicated options like gpg --keyserver <keyserver-name> --keyserver-options http-proxy=<proxy-data>.

    ENV GOSU_VERSION 1.9
    RUN set -x \
         && apk add --no-cache --virtual .gosu-deps \
             dpkg \
             gnupg \
             openssl \
         && dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \
         && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \
         && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc" \
         && export GNUPGHOME="$(mktemp -d)" \
         && gpg --keyserver ha.pool.sks-keyservers.net --keyserver-options http-proxy=$http_proxy --recv-keys                       B42F6819007F00F88E364FD4036A9C25BF357DD4 \
         && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \
         && rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc \
         && chmod +x /usr/local/bin/gosu \
         && gosu nobody true \
         && apk del .gosu-deps
    
  3. 2016-12-27 - Install docker on CentOS as virtual machine; Tags: Install docker on CentOS as virtual machine
    Loading...

    Install docker on CentOS as virtual machine

    Working with Windows sucks. Working with Docker and Windows also sucks. Working in a company with Docker and Windows sucks big time. Besides security and proxy everything is a hassle, because connectivity, filesystem or permissions might not work out of a box. Too many workarounds for docker freshmen. So I decided to run docker in a CentOS virtual machine. That is the closest thing to RHEL. This post demonstrates how to get Docker installed and properly configured, so you can work with docker with great pleasure :wink: .

    Installation

    docker.repo

    First step is to create a custom repo for docker:

    >[root@localhost vinh]# sudo tee /etc/yum.repos.d/docker.repo <<-'EOF' > [dockerrepo] > name=Docker Repository > baseurl=https://yum.dockerproject.org/repo/main/centos/7/ > enabled=1 > gpgcheck=1 > gpgkey=https://yum.dockerproject.org/gpg > EOF [dockerrepo] name=Docker Repository baseurl=https://yum.dockerproject.org/repo/main/centos/7/ enabled=1 gpgcheck=1 gpgkey=https://yum.dockerproject.org/gpg

    Download latest repo information

    [root@localhost vinh]# yum update
    Loaded plugins: fastestmirror
    dockerrepo                                                                                             | 2.9 kB  00:00:00
    dockerrepo/primary_db                                                                                  |  25 kB  00:00:00
    Loading mirror speeds from cached hostfile
     * base: centos.schlundtech.de
     * extras: centos.mirror.net-d-sign.de
     * updates: centos.bio.lmu.de
    No packages marked for update
    

    Install Docker

    [root@localhost vinh]# yum install docker-engine
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
     * base: centos.schlundtech.de
     * extras: centos.mirror.net-d-sign.de
     * updates: centos.bio.lmu.de
    Resolving Dependencies
    ..
    --> Finished Dependency Resolution
    Dependencies Resolved
    ==============================================================================================================================
     Package                              Arch                 Version                             Repository                Size
    ==============================================================================================================================
    Installing:
     docker-engine                        x86_64               1.12.5-1.el7.centos                 dockerrepo                19 M
    Installing for dependencies:
     audit-libs-python                    x86_64               2.6.5-3.el7                         base                      70 k
     checkpolicy                          x86_64               2.5-4.el7                           base                     290 k
     docker-engine-selinux                noarch               1.12.5-1.el7.centos                 dockerrepo                28 k
     libcgroup                            x86_64               0.41-11.el7                         base                      65 k
     libseccomp                           x86_64               2.3.1-2.el7                         base                      56 k
     libsemanage-python                   x86_64               2.5-4.el7                           base                     103 k
     libtool-ltdl                         x86_64               2.4.2-21.el7_2                      base                      49 k
     policycoreutils-python               x86_64               2.5-9.el7                           updates                  444 k
     python-IPy                           noarch               0.75-6.el7                          base                      32 k
     setools-libs                         x86_64               3.3.8-1.1.el7                       base                     612 k
    Transaction Summary
    ==============================================================================================================================
    Install  1 Package (+10 Dependent packages)
    Total download size: 21 M
    Installed size: 85 M
    Is this ok [y/d/N]: y
    

    Service Configuration

    Enable service

    [root@localhost vinh]# sudo systemctl enable docker.service
    Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
    

    Start docker

    [root@localhost vinh]# sudo systemctl start docker
    

    Run Hello Docker

    Run hello world

    [root@localhost vinh]# docker run --rm hello-world
    Unable to find image 'hello-world:latest' locally
    Pulling repository docker.io/library/hello-world
    docker: Error while pulling image: Get https://index.docker.io/v1/repositories/library/hello-world/images: dial tcp 52.207.178.113:443: getsockopt: connection refused.
    See 'docker run --help'.
    

    Bypass with proxy

    This section assumes you are using CNTLM as single proxy solution. Otherwise you need to replace it with your real proxy data.

    Create custom settings for docker

    [root@localhost vinh]# mkdir /etc/systemd/system/docker.service.d
    

    We add the proxies for http and https. Additionally if you run an internal docker registry, put it on the NO_PROXY line.

    [root@localhost vinh]# vim /etc/systemd/system/docker.service.d/http-proxy.conf
    [Service]
    Environment="HTTP_PROXY=http://10.0.2.2:3128" "HTTPS_PROXY=https://10.0.2.2:3128" "NO_PROXY=localhost,127.0.0.1,artifactory.cinhtau.net"
    

    Reload and check

    [Service]
    [root@localhost vinh]# systemctl show --property=Environment docker
    Environment=HTTP_PROXY=http://10.0.2.2:3128 HTTPS_PROXY=https://10.0.2.2:3128 NO_PROXY=localhost,127.0.0.1,artifactory.six-group.net
    

    It it mandatory to restart

    [root@localhost vinh]# systemctl restart docker
    

    Run hello world again

    [root@localhost vinh]# docker run --rm hello-world
    Unable to find image 'hello-world:latest' locally
    latest: Pulling from library/hello-world
    c04b14da8d14: Pull complete
    Digest: sha256:0256e8a36e2070f7bf2d0b0763dbabdd67798512411de4cdcf9431a1feb60fd9
    Status: Downloaded newer image for hello-world:latest
    Hello from Docker!
    This message shows that your installation appears to be working correctly.
    To generate this message, Docker took the following steps:
     1. The Docker client contacted the Docker daemon.
     2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
     3. The Docker daemon created a new container from that image which runs the
        executable that produces the output you are currently reading.
     4. The Docker daemon streamed that output to the Docker client, which sent it
        to your terminal.
    To try something more ambitious, you can run an Ubuntu container with:
     $ docker run -it ubuntu bash
    Share images, automate workflows, and more with a free Docker Hub account:
     https://hub.docker.com
    For more examples and ideas, visit:
     https://docs.docker.com/engine/userguide/
    

    Have fun with Docker under Linux!

  4. 2016-08-07 - Key Authentication with sftp for FileZilla; Tags: Key Authentication with sftp for FileZilla
    Loading...

    Key Authentication with sftp for FileZilla

    FileZilla is capable of using ssh keys for using sftp. Sadly there is no native support and you need to convert the private key to PuTTY’s PPK format. Although FileZilla can do that for you. Go to Edit → Preferences and in section SFTP add the private key file. FileZilla will convert that into the PPK format and your are ready to use sftp.

    filezilla-sftp

  5. 2016-04-06 - Get system hostname with Python; Tags: Get system hostname with Python
    Loading...

    Get system hostname with Python

    Python

    tan@prometheus:~> python
    Python 2.7.5 (default, Apr  9 2015, 11:03:32)
    [GCC 4.8.3 20140911 (Red Hat 4.8.3-9)] on linux2
    Type "help", "copyright", "credits" or "license" for more information.
    >>> import socket
    >>> socket.gethostname()
    'prometheus'
    >>> exit()
    
  6. 2016-03-09 - Using proxy within Java for HTTP or HTTPS connection; Tags: Using proxy within Java for HTTP or HTTPS connection
    Loading...

    Using proxy within Java for HTTP or HTTPS connection

    This post list all essential property names for using HTTP or HTTPS connections in Java.

    These basic property names are used within Java. For HTTPS just add the S to it.

    public static final String HTTP_PROXY_HOST = "http.proxyHost";
    public static final String HTTP_PROXY_PORT = "http.proxyPort";
    public static final String HTTP_PROXY_USER = "http.proxyUser";
    public static final String HTTP_PROXY_PASSWORD = "http.proxyPassword";
    

    Set properties at runtime

    System.getProperties().put("http.proxyHost", "ProxyURL");
    System.getProperties().put("http.proxyPort", "ProxyPort");
    System.getProperties().put("http.proxyUser", "UserName");
    System.getProperties().put("http.proxyPassword", "Password");
    

    Pass as program arguments

    $> java -Dhttp.proxyHost=proxyhostURL -Dhttp.proxyPort=proxyPortNumber
    -Dhttp.proxyUser=UserName -Dhttp.proxyPassword=Password ProxyClassHere
    

    Remove or cleanup the proxy setting

    System.clearProperty(HTTP_PROXY_HOST);
    System.clearProperty(HTTP_PROXY_PORT);
    System.clearProperty(HTTP_PROXY_USER);
    System.clearProperty(HTTP_PROXY_PASSWORD);
    
  7. 2016-01-25 - Use netstat to check used ports of a process; Tags: Use netstat to check used ports of a process
    Loading...

    Use netstat to check used ports of a process

    This blog post demonstrates a small example how helpful netstat can be. netstat is capable to display all used ports of the user processes.

    Following command can be a life-saver

    netstat -tulpn
    

    Options explained:

    • -t = tcp
    • -u = udp
    • -l = listening
    • -p = program
    • -n = numeric

    Problem

    First of all, I have a Java EE application, that claims to run the management port 12099

    tan@server:~> ps -Af | grep demo
    tan 11182 10919  0 Jan19 ?        00:07:18 /opt/java/jdk1.8.0_51/bin/java -D[Standalone] -server -XX:+UseCompressedOops -verbose:gc -Xloggc:/var/log/jboss/demo_prd_1/log/gc.log -XX:+PrintGCDetails -XX:+PrintGCDateStamps -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=5 -XX:GCLogFileSize=3M -XX:-TraceClassUnloading -Xms1303m -Xmx1303m -XX:MaxPermSize=256m -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true -Djboss.modules.policy-permissions=true -Dorg.jboss.boot.log.file=/var/log/jboss/demo_prd_1/log/server.log -Dlogging.configuration=file:/opt/demo_prd_1/configuration/logging.properties -jar /opt/jboss/jboss-eap-6.4.2/jboss-modules.jar -mp /opt/jboss/jboss-eap-6.4.2/modules -jaxpmodule javax.xml.jaxp-provider org.jboss.as.standalone -Djboss.home.dir=/opt/jboss/jboss-eap-6.4.2 -Djboss.server.base.dir=/opt/apps/demo_prd_1 -Djboss.server.base.dir=/opt/apps/demo_prd_1 -b=192.168.100.74 -Djboss.management.native.port=12099 -bmanagement=192.168.100.74 -Djboss.server.log.dir=/var/log/jboss/demo_prd_1/log -P /opt/apps/demo_prd_1/configuration/demo_prd_1.properties --server-config=standalone.xml
    

    Even the log is telling me, that this port is being used

    2016-01-19 05:29:16,069 INFO  [MSC service thread 1-8] [] [] [] [] [] (org.jboss.as) JBAS015899: JBoss EAP 6.4.2.GA (AS 7.5.2.Final-redhat-2) starting
    2016-01-19 05:29:16,074 DEBUG [MSC service thread 1-8] [] [] [] [] [] (org.jboss.as.config) Configured system properties:
            [Standalone] =
            ..
            jboss.management.native.port = 12099
            jboss.modules.dir = /opt/jboss/jboss-eap-6.4.2/modules
    

    Now I try to connect to the CLI to change the log level at runtime, if you haven’t setup JAVA_HOME properly, you can setup it accordingly with these commands

    tan@server:~> export JAVA_HOME=/opt/java/jdk1.8.0_51
    tan@server:~> export PATH=$PATH:$JAVA_HOME/bin
    tan@server:~> /opt/jboss/jboss-eap-6.4.2/bin/jboss-cli.sh --controller=192.168.100.74:12099 --connect
    org.jboss.as.cli.CliInitializationException: Failed to connect to the controller
    ..
    Caused by: org.jboss.as.cli.CommandLineException: The controller is not available at 192.168.100.74:12099
            ... 8 more
    Caused by: java.io.IOException: java.net.ConnectException: JBAS012174: Could not connect to remote://192.168.100.74:12099. The connection failed
            ... 11 more
    Caused by: java.net.ConnectException: JBAS012174: Could not connect to remote://192.168.100.74:12099. The connection failed
            ... 13 more
    Caused by: java.net.ConnectException: Connection refused
            ... 23 more
    

    WTF happened? The port should be ok.

    Check with netstat

    Now we can check with netstat which ports are used by process 11182.

    tan@server:~> netstat -tulpn | grep 11182
    (Not all processes could be identified, non-owned process info
    will not be shown, you would have to be root to see it all.)
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
    tcp        0      0 10.152.48.74:12090          0.0.0.0:*                   LISTEN      11182/java
    tcp        0      0 10.152.48.74:13099          0.0.0.0:*                   LISTEN      11182/java
    tcp        0      0 10.152.48.74:8943           0.0.0.0:*                   LISTEN      11182/java
    tcp        0      0 10.152.48.74:12047          0.0.0.0:*                   LISTEN      11182/java
    tcp        0      0 10.152.48.74:12080          0.0.0.0:*                   LISTEN      11182/java
    

    Well we haven’t found 12099, but 13099! Now let’s check the login.

    tan@server:~> /opt/jboss/jboss-eap-6.4.2/bin/jboss-cli.sh --controller=192.168.100.74:13099 --connect
    [standalone@192.168.100.74:13099 /] /subsystem=logging/logger=net.cinhtau.net.dmr:write-attribute(name="level", value="INFO")
    {"outcome" => "success"}
    [standalone@192.168.100.74:13099 /] exit
    

    Check the console.log, that tells the truth

    tan@server:~/logs> cat console.log
    ..
    05:29:16,787 INFO  [org.jboss.as.remoting] (MSC service thread 1-45) JBAS017100: Listening on 192.168.100.74:12047
    ..
    05:29:16,908 INFO  [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-27) JBWEB003001: Coyote HTTP/1.1 initializing on : http-/192.168.100.74:12080
    05:29:16,912 INFO  [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-27) JBWEB003000: Coyote HTTP/1.1 starting on: http-/192.168.100.74:12080
    ..
    05:29:16,960 INFO  [org.jboss.as.remoting] (MSC service thread 1-14) JBAS017100: Listening on 192.168.100.74:13099
    
  8. 2015-11-06 - Testing tns connections; Tags: Testing tns connections
    Loading...

    Testing tns connections

    This post demonstrates how to test tns connections for the Oracle DB. First of all, what is TNS? Transparent Network Substrate (TNS) is a proprietary Oracle computer networking technology that supports homogeneous peer-to-peer connectivity on top of other networking technologies such as TCP/IP, SDP and named pipes.

    So if you have installed or any other Oracle DBA have setup an Oracle DB instance for you, you can check the connectivity with tnsping utility. The tnsping utility determines whether the listener for a service on an Oracle Net network can be reached successfully. It is automatically shipped within your local Oracle DB installation.

    Test local connection (german output) of SID dev

    C:\Users\vinh>tnsping dev
    TNS Ping Utility for 64-bit Windows: Version 12.1.0.2.0 - Production on 06-NOV-2
    015 08:35:24
    Copyright (c) 1997, 2014, Oracle.  All rights reserved.
    Parameterdateien benutzt:
    C:\Daten\oracle\product\12.1.0\dbhome_1\network\admin\sqlnet.ora
    Adapter TNSNAMES zur Aufl&divide;sung des Alias benutzt
    Verbindungsversuch mit (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = localho
    st)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = dev)))
    OK (20 ms)
    

    Test local connection 20 times, like the JBoss Connection pooling

    C:\Users\vinh>tnsping dev 20
    TNS Ping Utility for 64-bit Windows: Version 12.1.0.2.0 - Production on 06-NOV-2
    015 08:36:15
    Copyright (c) 1997, 2014, Oracle.  All rights reserved.
    Parameterdateien benutzt:
    C:\Daten\oracle\product\12.1.0\dbhome_1\network\admin\sqlnet.ora
    Adapter TNSNAMES zur Aufl&divide;sung des Alias benutzt
    Verbindungsversuch mit (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = localho
    st)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = dev)))
    OK (10 ms)
    OK (20 ms)
    OK (10 ms)
    OK (20 ms)
    OK (10 ms)
    OK (20 ms)
    OK (0 ms)
    OK (20 ms)
    OK (10 ms)
    OK (20 ms)
    OK (0 ms)
    OK (10 ms)
    OK (20 ms)
    OK (0 ms)
    OK (10 ms)
    OK (20 ms)
    OK (0 ms)
    OK (10 ms)
    OK (20 ms)
    OK (20 ms)
    

    Read more at http://Testing Connections - Oracle Online Help.

  9. 2015-10-15 - List all used IP addresses in a network; Tags: List all used IP addresses in a network
    Loading...

    List all used IP addresses in a network

    nmap - Network exploration tool and security / port scanner - allows to scan an entire network and list all used or assigned IP addresses in a private network. This post shows a little example.

    First we need to install:

    sudo apt-get install nmap
    

    Second we scan and list with the option -sL.

    The list scan is a degenerate form of host discovery that simply lists each host of the network(s) specified, without sending any packets to the target hosts. By default, Nmap still does reverse-DNS resolution on the hosts to learn their names. .. Nmap also reports the total number of IP addresses at the end. The list scan is a good sanity check to ensure that you have proper IP addresses for your targets. ..

    Replace with your broadcast IP, if you want to try it yourself.

    nmap -sL 192.168.1.0/24 > nmap.out
    

    The output is written to the file nmap.out. It has (simplified and truncated) following lines:

    tan@cinhtau:~$ cat nmap.out
    Starting Nmap 6.40 ( http://nmap.org ) at 2015-10-14 21:25 CEST
    Nmap scan report for 192.168.1.0
    Nmap scan report for dsldevice.home (192.168.1.1)
    ..
    Nmap scan report for TanVinhsiPhone.home (192.168.1.119)
    Nmap scan report for omega.home (192.168.1.120)
    Nmap scan report for 192.168.1.121
    Nmap scan report for pelion.home (192.168.1.122)
    ..
    Nmap scan report for 192.168.1.255
    Nmap done: 256 IP addresses (0 hosts up) scanned in 4.12 seconds
    

    To get only the interesting information (IP addresses, that have host names) we can use awk with its regex capability. The regex searches simply for the term with alphabetical letters, instead of the IP address. The host name is in the fifth field and the IP address is in the last field.

    tan@cinhtau:~$ cat nmap.out | awk '/Nmap scan report for [a-zA-z]/ {print $5 " " $NF}'
    dsldevice.home (192.168.1.1)
    TanVinhsiPhone.home (192.168.1.119)
    omega.home (192.168.1.120)
    pelion.home (192.168.1.122)
    
  10. 2015-07-07 - Configure proxy server for git; Tags: Configure proxy server for git
    Loading...

    Configure proxy server for git

    Pay attention that your credentials are stored in the config. A better way is to use ssh keys.

    Setup proxy server for HTTP and HTTPS

    git config --global http.proxy http://user:passwd@proxy.cinhtau.net:8080
    git config --global https.proxy https://user:passwd@proxy.cinhtau.net:8080
    

    Remove proxy server for HTTP and HTTPS

    git config --global --unset http.proxy
    git config --global --unset https.proxy
    
  11. 2015-07-01 - Setup file-server for Windows; Tags: Setup file-server for Windows
    Loading...

    Setup file-server for Windows

    We enable the Raspberry Pi as file server for Windows. To achieve that we need to install Samba. Samba allows windows clients to access the Raspberry Pis attached storage devices. All commands need root privileges, if you are working as user gain privileges by adding sudo before each command.

    Install samba software

    apt-get install samba samba-common-bin
    

    The samba configuration can be found in /etc/samba/smb.conf.

    This configuration should contain

    workgroup = WORKGROUP
    wins support = yes
    

    At the bottom of the configuration file you add to your network share for Windows. Following example is a the share named Backup from which the Windows client can read and write.

    [Backup]
    comment = Backup Folder
    path = /media/usbhdd/share
    valid users = @users
    force group = users
    create mask = 0660
    directory mask = 0771
    read only = no
    writeable = yes
    browseable = yes
    

    Some explanations

    • path points to physical directory, the external usb hdd
    • authenticated samba user must be in group users
    • file permissions are in create and directory mask
    • since it is a backup folder, writable is yes

    As you have noticed, the Windows client has to authenticate to access the network share. The samba user is also the linux user. If the smb.conf has a password sync, it will also change the password of the user on the linux OS. To allow Windows to authenticate as user john, john has to be in group users. I assume the group users already exists.

    Add the user john to group users

    usermod -a -G users john
    

    Set samba password for user john

    smbpasswd -a john
    

    Start samba

    service samba start
    

    After that you should be able to access the network share.

  12. 2015-06-17 - Socket (HTTP) connection over Proxy; Tags: Socket (HTTP) connection over Proxy
    Loading...

    Socket (HTTP) connection over Proxy

    If you need to check that a remote host has a socket open, check following example. This example creates a socket at the HTTP port over your custom network proxy. If the proxy requires authentication, you may override the default Authenticator. Keep in mind that it is only an example!

    @Test
    public void testSocketConnection() throws Exception {
    	SocketAddress addr = new InetSocketAddress("proxy.cinhtau.net", 8080);
    	Proxy proxy = new Proxy(Proxy.Type.HTTP, addr);
    	Socket socket = new Socket(proxy);
    
    	// if you have a proxy user
    	Authenticator.setDefault(new Authenticator() {
    		@Override
    		protected PasswordAuthentication getPasswordAuthentication() {
    			return new PasswordAuthentication("esmeralda", "secret".toCharArray());
    		}
    	});
    
    	InetSocketAddress dest = new InetSocketAddress("cinhtau.net", 80);
    	try {
    		socket.connect(dest);
    		assertTrue(socket.isConnected());
    	} catch (IOException e) {
    		LOGGER.error("Network error", e);
    	} finally {
    		socket.close();
    	}
    }

    Read more → Java Networking and Proxies