hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adrian Sutton <adr...@intencha.com>
Subject Re: NTLM or NTLMv2?
Date Fri, 20 Feb 2004 11:44:45 GMT
> It is possible to set the minimum security that is used for programs
> that use the NTLM Security Support Provider (SSP) by modifying a
> registry key. So anybody may set level 5 which does not accept NTLM but
> NTLMv2 only. Do you refer to that by naming Windows 2003 Server?
> If so that would mean NTLMv2 is not supported by HttpClient. Correct?

Hi Steven,
The information you quote is for Windows NT 4.0 and Windows 2000, as far as
can be determined, HttpClient is fully compatible with these OS's, the only
problem (and it is theoretical as we haven't received any actual reports of
it not working) is with Windows 2003 Server in a specific configuration.  As
I understand it, the configuration isn't so much a new version of NTLM as
adding a cryptographic key to the messages such that only Windows can be
compatible with it.  It is essentially an attempt by Microsoft to break
SAMBA (the linux-based project).

>From what you've sent through I would say that HttpClient does support
NTLMv2 however I have to stress that there are no published specs for NTLM
(any version) and as such the only real way to know if it works for you is
to test it.

>  Stefan Dingfelder


Adrian Sutton.

Intencha "tomorrow's technology today"
Ph: 38478913 0422236329
Suite 8/29 Oatland Crescent
Holland Park West 4121
Australia QLD

To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org

View raw message