Return-Path: Delivered-To: apmail-jakarta-httpclient-dev-archive@www.apache.org Received: (qmail 37050 invoked from network); 29 Dec 2005 16:45:52 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 29 Dec 2005 16:45:52 -0000 Received: (qmail 41299 invoked by uid 500); 29 Dec 2005 16:45:51 -0000 Delivered-To: apmail-jakarta-httpclient-dev-archive@jakarta.apache.org Received: (qmail 41278 invoked by uid 500); 29 Dec 2005 16:45:51 -0000 Mailing-List: contact httpclient-dev-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Help: List-Post: List-Id: "HttpClient Project" Reply-To: "HttpClient Project" Delivered-To: mailing list httpclient-dev@jakarta.apache.org Received: (qmail 41267 invoked by uid 99); 29 Dec 2005 16:45:51 -0000 X-ASF-Spam-Status: No, hits=0.6 required=10.0 tests=NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [192.87.106.226] (HELO ajax.apache.org) (192.87.106.226) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 29 Dec 2005 08:45:50 -0800 Received: by ajax.apache.org (Postfix, from userid 99) id 0AA2CCB; Thu, 29 Dec 2005 17:45:29 +0100 (CET) From: bugzilla@apache.org To: httpclient-dev@jakarta.apache.org Subject: DO NOT REPLY [Bug 38072] New: - Http Client: NTLM Authorization does not work with servers that require NTLM response in the authorization Message-ID: X-Bugzilla-Reason: AssignedTo Date: Thu, 29 Dec 2005 17:45:29 +0100 (CET) X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG� RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND� INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=38072 Summary: Http Client: NTLM Authorization does not work with servers that require NTLM response in the authorization Product: HttpClient Version: 3.0 RC4 Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: HttpAuth AssignedTo: httpclient-dev@jakarta.apache.org ReportedBy: twaisel@mercury.com I've tried to get http client to use NTLM authentication or Proxy Authentication with NTLM (for the proxy, not the server), In both cases I see that in the Authorization/Proxy Authorization header, only the LAN Manager response is sent and not the NTLM response (I've seen this in a sniffer and in the code itself, see below). This will not work with servers that their security settings does not allow this, Some require NTLM and do not allow to receive only LM. (NTLM is more secure). I've looked at the NTLM.java class (In org.apache.commons.httpclient), and looks like it really does not send the NTLM response on purpose (It sets its length to zero). To check the security settings in windows go to: Control Panel -> Administrative Tools -> Local Security Policy -> Local Policies -> Security Options -> LAN Manager authentication Level Note that Domain settings override local settings Is there a way to make it work? (Assuming I can't force the server to accept LAN Manager response only), And if not, is it planned to be supported in the http client? Thanks, Tali. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org