hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steve Johnson <sjohn...@mercury.com>
Subject RE: NTLM authentication to an MS Exchange web page account using HTTP Client V2.0
Date Wed, 23 Jun 2004 16:31:24 GMT
Hi All,

Thanks again Adrian, very helpful.

The NTCredentials API shows that the user, password, host, and domain
can be set. Is it possible to use the logged-in users credentials?
This way it would allow a user to be authenticated without
reentering user/pw.

Thanks for the help,

-----Original Message-----
From: Adrian Sutton [mailto:adrian@intencha.com] 
Sent: Tuesday, June 22, 2004 4:20 PM
To: Commons HttpClient Project
Subject: Re: NTLM authentication to an MS Exchange web page account using HTTP Client V2.0

This sounds very much like the webserver isn't really using NTLM but is 
using Digest/Basic instead.  If it really were using NTLM passing in 
DOMAIN\User would definitely not work because HttpClient doesn't check 
for that case.  That would also explain why the realm isn't what you 
expect.  I'd say a wire log should shed a lot of light on the situation 
(see http://jakarta.apache.org/commons/httpclient/logging.html )


Adrian Sutton

On 23/06/2004, at 3:43 AM, Steve Johnson wrote:

> Hi All,
> Using HTTPClient version 2.0
> We are using HTTPClient to login to a MS Exchange web page account.
> We can only get it to work by passing in the realm as null, and
> putting the domain back on to the front of the user to pass into 
> NTCredentials().
> new NTCredentials(authUserNameAppendDomainWithBackSlash + 
> settings.getAuthUserName(),
> settings.getAuthPassword(),
>                                 settings.getHost(), 
> settings.getAuthDomain())
> The comments on the interface say that only the username should be 
> passed in, and NOT the domain.
> For other NTLM pages it works to use only the user, but this page has 
> not worked for us without the domain
> like this myDomain\myUser.
> On State.setCredentials() we have tried passing the host, null, and 
> the string "realm" in without the domain
> appended to user.
> All these attempts fail. We would prefer to use the API without the 
> domain on the user.
>                 client.getState().setCredentials(
>                         null,                     //"realm", null, 
> settings.getHost()-
>                         settings.getHost(),
>                         new NTCredentials(authUserNameAppendDomain + 
> settings.getAuthUserName(),
> settings.getAuthPassword(),
>                                 settings.getHost(), 
> settings.getAuthDomain())
>                 );
> Is there some documentation on how the realm interacts with 
> authentication?
> Thanks for your time and effort,
> Steve
> Steve Johnson
> Software Engineer
> Mercury Interactive
> 720 564 - 6532
> USA, Canada and the Americas
> 720 564-6620
> Hours: M-F 08:00-17:00 MST (Mountain Standard Time)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>  <http://www.mercuryinteractive.com> http://www.mercuryinteractive.com
> Looking for Answers to your SiteScope or SiteSeer questions?        
> <http://support.mercuryinteractive.com>
> http://support.mercuryinteractive.com
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Intencha "tomorrow's technology today"
Ph: 38478913 0422236329
Suite 8/29 Oatland Crescent
Holland Park West 4121
Australia QLD

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message