Return-Path: X-Original-To: apmail-hc-dev-archive@www.apache.org Delivered-To: apmail-hc-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 0061DE634 for ; Tue, 4 Dec 2012 15:27:02 +0000 (UTC) Received: (qmail 65214 invoked by uid 500); 4 Dec 2012 15:27:00 -0000 Delivered-To: apmail-hc-dev-archive@hc.apache.org Received: (qmail 65084 invoked by uid 500); 4 Dec 2012 15:27:00 -0000 Mailing-List: contact dev-help@hc.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "HttpComponents Project" Delivered-To: mailing list dev@hc.apache.org Received: (qmail 64982 invoked by uid 99); 4 Dec 2012 15:26:58 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 04 Dec 2012 15:26:58 +0000 Date: Tue, 4 Dec 2012 15:26:58 +0000 (UTC) From: "Karl Wright (JIRA)" To: dev@hc.apache.org Message-ID: <1741860903.59142.1354634818861.JavaMail.jiratomcat@arcas> In-Reply-To: <675855222.45848.1354296838285.JavaMail.jiratomcat@arcas> Subject: [jira] [Commented] (HTTPCLIENT-1266) Flag issues in NTLM implementation prevent authentication on some servers MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HTTPCLIENT-1266?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13509792#comment-13509792 ] Karl Wright commented on HTTPCLIENT-1266: ----------------------------------------- Code is written; writing fairly extensive tests now, and will try in the field before I attach a patch. Several problems discovered - notably (so far): - ntlmv2 response broken because blob too short by 8 bytes - handling of "request ntlm2 response" not correct when target and targetinfo present (which apparently is the case now in the newest NTLM release by microsoft) - missing "domain present" and "workstation present" flag settings in Type 1 message I am also adding calculation of session key; this is done by cURL but is not particularly useful for HTTP interactions. We'll see how that works out in the end. > Flag issues in NTLM implementation prevent authentication on some servers > ------------------------------------------------------------------------- > > Key: HTTPCLIENT-1266 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1266 > Project: HttpComponents HttpClient > Issue Type: Bug > Components: HttpAuth > Affects Versions: 4.2.2 > Reporter: Karl Wright > Fix For: Future > > > At the ManifoldCF project, we've recently encountered two SharePoint servers (Windows 2008 Server R2) which seem to be configured in a way that the connector cannot authenticate with them using httpcomponents NTLM. It's worth noting that cURL succeeds, so the NTLM setup is apparently reasonable. Furthermore, the mcf patched version of commons-httpclient also fails in exactly the same way, so it looks like a long-standing issue. > Working through the problem, it appears that the NTLM flags httpclient sends are, in some cases, inconsistent with the data we include. I am working on a httpclient patch, which I hope to be able to exercise in one of the client situations within the next week or two. > Please see CONNECTORS-572 for details and research results. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org For additional commands, e-mail: dev-help@hc.apache.org