Return-Path: X-Original-To: apmail-hc-dev-archive@www.apache.org Delivered-To: apmail-hc-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 386BADCD5 for ; Sat, 8 Sep 2012 20:48:08 +0000 (UTC) Received: (qmail 82538 invoked by uid 500); 8 Sep 2012 20:48:08 -0000 Delivered-To: apmail-hc-dev-archive@hc.apache.org Received: (qmail 82500 invoked by uid 500); 8 Sep 2012 20:48:08 -0000 Mailing-List: contact dev-help@hc.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "HttpComponents Project" Delivered-To: mailing list dev@hc.apache.org Received: (qmail 82490 invoked by uid 99); 8 Sep 2012 20:48:08 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 08 Sep 2012 20:48:08 +0000 Date: Sun, 9 Sep 2012 07:48:07 +1100 (NCT) From: "Oleg Kalnichevski (JIRA)" To: dev@hc.apache.org Message-ID: <938218429.54546.1347137288017.JavaMail.jiratomcat@arcas> In-Reply-To: <405619109.5067.1345724142664.JavaMail.jiratomcat@arcas> Subject: [jira] [Commented] (HTTPCLIENT-1224) (regression) NTLM auth not retried after a redirect over a non-persistent connection MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HTTPCLIENT-1224?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13451404#comment-13451404 ] Oleg Kalnichevski commented on HTTPCLIENT-1224: ----------------------------------------------- Dave, Without additional input I'll have no other choice but to close the issue as resolved. Oleg > (regression) NTLM auth not retried after a redirect over a non-persistent connection > ------------------------------------------------------------------------------------ > > Key: HTTPCLIENT-1224 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1224 > Project: HttpComponents HttpClient > Issue Type: Bug > Components: HttpClient > Affects Versions: 4.2.1 > Environment: Fedora 15 > Reporter: Dave Godbey > Labels: NTLM, authentication, redirect > Fix For: 4.2.2 > > > When you communicate with a Microsoft Exchange server (eg. EWS), you point to /ews/Exchange.asmx. Exchange replies with a redirect order to ews/Services.wsdl. Client is failing to complete this with following wire log: > executing request: GET /ews/Exchange.asmx HTTP/1.1 > to target: https://mail02.ndc.nasa.gov:443 > 2012/08/22 15:05:41:570 CDT [DEBUG] BasicClientConnectionManager - Get connection for route {s}->https://mail02.ndc.nasa.gov:443 > 2012/08/22 15:05:41:785 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443 > 2012/08/22 15:05:42:324 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match > 2012/08/22 15:05:42:337 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context > 2012/08/22 15:05:42:337 CDT [DEBUG] RequestTargetAuthentication - Target auth state: UNCHALLENGED > 2012/08/22 15:05:42:338 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED > 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultHttpClient - Attempt 1 to execute request > 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1 > 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1 > 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443 > 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> Connection: Keep-Alive > 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5) > 2012/08/22 15:05:42:395 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized > 2012/08/22 15:05:42:395 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized > 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Length: 1656 > 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Type: text/html > 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0 > 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate > 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: NTLM > 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << X-Powered-By: ASP.NET > 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:41 GMT > 2012/08/22 15:05:42:400 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely > 2012/08/22 15:05:42:401 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication > 2012/08/22 15:05:42:401 CDT [DEBUG] TargetAuthenticationStrategy - Authentication schemes in the order of preference: [negotiate, Kerberos, NTLM, Digest, Basic] > 2012/08/22 15:05:42:409 CDT [DEBUG] SPNegoScheme - Received challenge '' from the auth server > 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available > 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available > 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available > 2012/08/22 15:05:42:410 CDT [DEBUG] DefaultHttpClient - Selected authentication options: [NEGOTIATE, NTLM] > 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match > 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context > 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Target auth state: CHALLENGED > 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme > 2012/08/22 15:05:42:412 CDT [DEBUG] SPNegoScheme - init mail02.ndc.nasa.gov:443 > 2012/08/22 15:05:42:428 CDT [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)) > 2012/08/22 15:05:42:428 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme > 2012/08/22 15:05:42:430 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED > 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultHttpClient - Attempt 2 to execute request > 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1 > 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1 > 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443 > 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Connection: Keep-Alive > 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5) > 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgAkAAAABAAEACAAAAA2ADgATgBEAEMA > 2012/08/22 15:05:42:479 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized > 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized > 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Length: 1539 > 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Type: text/html > 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0 > 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1AokiF/jsXoLF09YAAAAAAAAAAIwAjAA+AAAABQLODgAAAA9OAEQAQwACAAYATgBEAEMAAQASAE4ARABNAFMAQwBBAFMAMAA3AAQAGABuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgADACwAbgBkAG0AcwBjAGEAcwAwADcALgBuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgAFABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAAAAAA== > 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << X-Powered-By: ASP.NET > 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT > 2012/08/22 15:05:42:480 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely > 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication > 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed > 2012/08/22 15:05:42:481 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match > 2012/08/22 15:05:42:482 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context > 2012/08/22 15:05:42:482 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE > 2012/08/22 15:05:42:491 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED > 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultHttpClient - Attempt 3 to execute request > 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1 > 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1 > 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443 > 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Connection: Keep-Alive > 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5) > 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAC4ALgAWAAAAAYABgAQAQAADgAOABYBAAAEAAQAJAEAAAAAAAAoAQAANQIIIBHmQ40nLaSFn1s5yZuMSjVu5GMt03gALm3CwkwfZcuQnNpCRGUtYgwBAQAAAAAAAKDzIIKhgM0BbuRjLdN4AC4AAAAAAgAGAE4ARABDAAEAEgBOAEQATQBTAEMAQQBTADAANwAEABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAwAsAG4AZABtAHMAYwBhAHMAMAA3AC4AbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYABQAYAG4AZABjAC4AbgBhAHMAYQAuAGcAbwB2AAAAAABOAEQAQwBkAGcAbwBkAGIAZQB5ADYAOAA= > 2012/08/22 15:05:42:548 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 302 Found > 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << HTTP/1.1 302 Found > 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << Connection: close > 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT > 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0 > 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-Powered-By: ASP.NET > 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-AspNet-Version: 2.0.50727 > 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Location: /ews/Services.wsdl > 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Cache-Control: private > 2012/08/22 15:05:42:550 CDT [DEBUG] headers - << Content-Type: text/html > 2012/08/22 15:05:42:551 CDT [DEBUG] DefaultRedirectStrategy - Redirect requested to location '/ews/Services.wsdl' > 2012/08/22 15:05:42:558 CDT [DEBUG] DefaultHttpClient - Redirecting to 'https://mail02.ndc.nasa.gov:443/ews/Services.wsdl' via {s}->https://mail02.ndc.nasa.gov:443 > 2012/08/22 15:05:42:559 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56462<->198.117.0.46:443 closed > 2012/08/22 15:05:42:560 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443 > 2012/08/22 15:05:42:703 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match > 2012/08/22 15:05:42:704 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context > 2012/08/22 15:05:42:704 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE > 2012/08/22 15:05:42:704 CDT [ERROR] RequestTargetAuthentication - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED > 2012/08/22 15:05:42:704 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED > 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultHttpClient - Attempt 4 to execute request > 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Services.wsdl HTTP/1.1 > 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> GET /ews/Services.wsdl HTTP/1.1 > 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443 > 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Connection: Keep-Alive > 2012/08/22 15:05:42:706 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5) > 2012/08/22 15:05:43:091 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized > 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized > 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Length: 1656 > 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Type: text/html > 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0 > 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate > 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: NTLM > 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << X-Powered-By: ASP.NET > 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT > 2012/08/22 15:05:43:093 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely > 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication > 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed > 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authentication failed > Source breakpoint: NtlmTest1.java:229 > ---------------------------------------- > HTTP/1.1 401 Unauthorized > Response content length: 1656 > 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@18b1f8f > 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Connection can be kept alive indefinitely > 2012/08/22 15:05:48:626 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56463<->198.117.0.46:443 closed -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org For additional commands, e-mail: dev-help@hc.apache.org