Return-Path: Delivered-To: apmail-ws-axis-dev-archive@www.apache.org Received: (qmail 72991 invoked from network); 17 Jan 2006 19:37:35 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 17 Jan 2006 19:37:35 -0000 Received: (qmail 73163 invoked by uid 500); 17 Jan 2006 19:37:26 -0000 Delivered-To: apmail-ws-axis-dev-archive@ws.apache.org Received: (qmail 73113 invoked by uid 500); 17 Jan 2006 19:37:26 -0000 Mailing-List: contact axis-dev-help@ws.apache.org; run by ezmlm Precedence: bulk Reply-To: axis-dev@ws.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list axis-dev@ws.apache.org Received: (qmail 73092 invoked by uid 99); 17 Jan 2006 19:37:25 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 17 Jan 2006 11:37:25 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: domain of davanum@gmail.com designates 66.249.82.194 as permitted sender) Received: from [66.249.82.194] (HELO xproxy.gmail.com) (66.249.82.194) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 17 Jan 2006 11:34:28 -0800 Received: by xproxy.gmail.com with SMTP id t16so966400wxc for ; Tue, 17 Jan 2006 11:34:07 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=ltJIevNR5yMvQaki4cAvbPZc3ImRaZGBfCnrRLHFsBWjNKQQJgm+8yZQ0K7VXhbQvbJqyEsLoupr79lxhTzuJ+WUMCHxOQmq7dMtdq+HUACXFRwLrXqEK7Axd5hnG8/d1VF33CpKtTV8fwhFJcHrBZ1ddkJPq20D1Htm0YI7Zes= Received: by 10.11.98.47 with SMTP id v47mr109276cwb; Tue, 17 Jan 2006 11:34:07 -0800 (PST) Received: by 10.11.120.4 with HTTP; Tue, 17 Jan 2006 11:34:07 -0800 (PST) Message-ID: <19e0530f0601171134oa0b1826k694e649feac6fafd@mail.gmail.com> Date: Tue, 17 Jan 2006 14:34:07 -0500 From: Davanum Srinivas Reply-To: dims@apache.org To: axis-dev@ws.apache.org Subject: Re: NTLM Authentication Limitations In-Reply-To: <598d83ad0601171111w4bb95ea7y9d7d413a5a8833a9@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <598d83ad0601171111w4bb95ea7y9d7d413a5a8833a9@mail.gmail.com> X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Martin, Could u please raise this as an issue against Commons HTTPclient? thanks, dims On 1/17/06, Martin Woodward wrote: > Apologies for the intrusion, just wanted to pass on the following > in-case anyone runs across it. > > We are using Axis to communicate with a windows web service that > requires NTLM authentication. Everything was working super (thanks to > all the hard work everyone!), then we ran into a problem with one > particular user. > > After much investigation, it turned out that this was because his > password was 15 characters. NTLM v1 (used by Apache HttpClient) is > limited to 14 bytes for the password. In the windows world this > doesn't cause a problem as the clients can use NTLMv2, but it means > that a java client must use credentials with less than 14 bytes to be > able to inter-operate. > > Just thought I'd mention it. It isn't a bug, more a known limitation > - but hard to diagnose from the symptoms. It might be worth a patch > to throw an error if axis is passed credentials with greater than 14 > bytes - let me know if you want me to submit this. > > Thanks, > > Martin. > > -- > > http://www.woodwardweb.com > -- Davanum Srinivas : http://wso2.com/blogs/