407 Proxy Authentication Required

Q: How do I prevent maven:PROXY_AUTH_REQUIRED_407 in CI?

Standardize `settings.xml` distribution for developers and CI so proxy configuration is consistent. Use a repository manager inside the network so external proxy rules affect fewer endpoints. Document required proxy settings (including `nonProxyHosts`) for build environments.

Q: How can I manually validate maven:PROXY_AUTH_REQUIRED_407?

Print effective settings and check ` `: `mvn -q help:effective-settings`. Confirm the proxy `host`, `port`, and `protocol` match your network requirements (HTTP vs HTTPS proxy). Confirm `nonProxyHosts` includes internal repository hosts that should bypass the proxy (if applicable). Retry with debug logs to confirm Maven is attempting to use the proxy: `mvn -X -DskipTests package`.

What This Error Means

Maven is using an HTTP proxy to reach repositories, but the proxy requires authentication and Maven is not configured with valid proxy credentials.

Read this as a precise clue about which part of the workflow broke first. Once you know the failing layer, the fix path gets much shorter.

How to Fix It

Add or update a <proxy> entry in ~/.m2/settings.xml with the correct host, port, protocol, and credentials.

If only one proxy should be active, ensure only one <proxy> has <active>true</active>.

If you have an internal repository manager, add its host to nonProxyHosts so Maven can reach it directly.

Re-run the Maven command. If it still fails, run with debug logs:mvn -X -DskipTests package and confirm the proxy settings being used.

Why It Happens

Usually this comes down to proxy configuration is missing from settings.xml on the machine running Maven, proxy username/password is missing or incorrect, the proxy changed (host/port) or credentials were rotated, or maven is unintentionally using a proxy in one environment but not another (different settings files).

Verify the Fix

Re-run the original Maven goal and confirm Maven can download artifacts without 407 responses, and confirm at least one new artifact is written to ~/.m2/repository/.

Manual proxy configuration checks

Print effective settings and check <proxies>, then mvn -q help:effective-settings.

Confirm the proxy host, port, and protocol match your network requirements (HTTP vs HTTPS proxy).

Confirm nonProxyHosts includes internal repository hosts that should bypass the proxy (if applicable).

Retry with debug logs to confirm Maven is attempting to use the proxy:mvn -X -DskipTests package

Examples

[ERROR] Failed to transfer file: https://repo.maven.apache.org/maven2/... Return code is: 407, ReasonPhrase: Proxy Authentication Required.
[ERROR] 407 Proxy Authentication Required

How Maven uses proxies

This is the part worth understanding if the quick fix did not hold. It explains what Maven is trying to do at the moment the error appears.

Maven proxy settings live in ~/.m2/settings.xml under <proxies>.

If a proxy is required for outbound traffic, Maven must be configured with the correct proxy host/port and (if needed) username/password. If proxy auth is missing or wrong, the proxy responds with 407 and Maven cannot reach repositories.

Prevent It From Coming Back

To prevent this, standardize settings.xml distribution for developers and CI so proxy configuration is consistent, use a repository manager inside the network so external proxy rules affect fewer endpoints, and document required proxy settings (including nonProxyHosts) for build environments.

Docs and source code

github.com/apache/maven/blob/maven-3.9.6/maven-core/src/main/java/org/apache/maven/project/DefaultProjectDependenciesResolver.java

HTTP proxy failures (407) are surfaced to Maven as a transfer failure message from the underlying resolver/wagon layer (e.getMessage()). - GitHub

String msg = "Could not resolve dependencies for project " + project.getId() + ": " + e.getMessage();
DependencyResolutionException dex = new DependencyResolutionException(msg, e);
dex.setResult(e.getResult());
throw dex;