axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Davanum Srinivas <dava...@gmail.com>
Subject Re: NTLM Authentication Limitations
Date Tue, 17 Jan 2006 19:34:07 GMT
Martin,

Could u please raise this as an issue against Commons HTTPclient?

thanks,
dims

On 1/17/06, Martin Woodward <martin.woodward@gmail.com> wrote:
> Apologies for the intrusion, just wanted to pass on the following
> in-case anyone runs across it.
>
> We are using Axis to communicate with a windows web service that
> requires NTLM authentication.  Everything was working super (thanks to
> all the hard work everyone!), then we ran into a problem with one
> particular user.
>
> After much investigation, it turned out that this was because his
> password was 15 characters.  NTLM v1 (used by Apache HttpClient) is
> limited to 14 bytes for the password.  In the windows world this
> doesn't cause a problem as the clients can use NTLMv2, but it means
> that a java client must use credentials with less than 14 bytes to be
> able to inter-operate.
>
> Just thought I'd mention it.  It isn't a bug, more a known limitation
> - but hard to diagnose from the symptoms.  It might be worth a patch
> to throw an error if axis is passed credentials with greater than 14
> bytes - let me know if you want me to submit this.
>
> Thanks,
>
> Martin.
>
> --
>
> http://www.woodwardweb.com
>


--
Davanum Srinivas : http://wso2.com/blogs/

Mime
View raw message