This guide provides the list of supported authentication types and describes how to handle various authentication requests.

Proxy, Basic, Digest, NTLM

To handle Proxy, Basic, Digest or NTLM authentication please use the AuthenticateCallback. In this callback you can provide the required username and password, display a dialog where you can ask the user to provide the required credentials, or just cancel an authentication request.

To check whether the authentication request is issued by a proxy server, please use the AuthenticateCallback.Params.isProxy() method. For example:

network.set(AuthenticateCallback.class, (params, tell) -> {
    if (params.isProxy()) {
        // This authentication request is issued by a proxy server.

The following example demonstrates how to provide the required credentials:

network.set(AuthenticateCallback.class, (params, tell) ->
        tell.authenticate("<username>", "<password>"));

To cancel an authentication request please use the following approach:

network.set(AuthenticateCallback.class, (params, tell) -> tell.cancel());

HTTPS Client Certificate

At the start of a SSL or TLS session, the web server may require the client application to submit a client certificate for authentication. Upon receiving the certificate, the server would then use it to identify the certificate’s source and determine whether the client should be given an access.

If the web server is enabled with the client certificate authentication, only the users who attempt to connect from the clients loaded with the right client certificates will succeed. If a client has several client certificates installed, JxBrowser calls the SelectClientCertificateCallback callback. In this callback you can tell the web server which client certificate should be used:

browser.set(SelectClientCertificateCallback.class, (params, tell) -> {
    // The list of the installed and available client certificates.
    List<Certificate> certificates = params.certificates();
    // Select the last client certificate in the list of available
    // client certificates. - 1);

In this callback you can display a dialog where you can ask the user to select the required client certificate from the list of the installed and available certificates.

To cancel a client certificate authentication please use the following approach:

browser.set(SelectClientCertificateCallback.class, (params, tell) -> 

Custom Client Certificate

JxBrowser allows selecting a custom client certificate that is not installed and as result is not available in the given list of the client certificates. The following example demonstrates how to select a custom client certificate:

private static final Path CLIENT_CERT_FILE = Paths.get("<cert-file>.p12");
private static final String CLIENT_CERT_PASSWORD = "<cert-password>";
browser.set(SelectClientCertificateCallback.class, (params, tell) ->,
                CLIENT_CERT_PASSWORD, KeyStoreType.PKCS12)));

In this example we load a custom client certificate from the <cert-file> using PKCS12 keystore, extract its Private Key using <cert-password>, and create ClientCertificate with the client certificate bytes and the Private Key.

SuisseID, U2F

JxBrowser supports authentication through SuisseID and U2F devices. Yo do not need to do anything to enable them. These devices will be recognized automatically when you load a web page that requires this type of authentication.

Go Top