hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Blanc, Isabelle" <Isabelle.Bl...@mairie-paris.fr>
Subject authentication ...
Date Wed, 31 Dec 2003 15:42:33 GMT
Hi everybody :)

and first of all, I wish you all an happy new year :)) 

and now is my question/remark (i don't know if it's better to post it here, or in the user
mailing list, or as a comment in bugzilla, but I don't want to cross post, so for now I post
it only here - let me know if I should cross post or add a comment in bugzilla) : 

- the proxy I had to go though was using NTLM, and I checkouted the HTTPCLIENT_2_0_BRANCH
tag sources from cvs.
- then the sysadmin decided to open a door for me in the proxy that would use only basic authentication.
So i though that replacing the NTCredentials with UsernamePasswordCredentials would be enough
- and it wasn't. The code was still returning a 407 - which is weird with basic auth.
- I finally found out where the "error" was (and now it works fine - only for me tho), but
I can't decide if it's because of the proxy (that returns a "wrong" answer) or because of
commons/httpclient code :
	* the proxy returns these challenges, in this order : ntlm - basic - kerberos - negotiate
	* in HttpAuthenticator.selectAuthScheme, after having built the challengemap, you go like
		challenge = (String) challengemap.get("ntlm");
		if (challenge != null) {
			return new NTLMScheme(challenge);
		challenge = (String) challengemap.get("digest");
		if (challenge != null) {
			return new DigestScheme(challenge);
		challenge = (String) challengemap.get("basic");
		if (challenge != null) {
			return new BasicScheme(challenge);

I only commented out the 4 lines about NTLM (i know it's quick & dirty but .. i had to
make it work before 2004 ;] !)
Anyway, does it mean that the proxy should NOT return any ntlm challenge if it expects a basic
auth, even if it's for one single realm (all other realms (domains for ntlm) use NTLM auth)
Or does it mean there's something here in the code that needs to be twisted (like, the only
challenge that actually has a "value" is the basic one : if i print the challenge map i get

basic--Basic realm="hidden-sorry"
) ??

that was my 2 cents ....
hope you'll all have a nice nice new year's eve tonight :o) ! 


To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org

View raw message