hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ricardo Pereira (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HTTPCLIENT-1383) NTLM authentication can enter in infinite loop
Date Sun, 07 Jul 2013 02:21:47 GMT

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1383?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Ricardo Pereira updated HTTPCLIENT-1383:

    Attachment: HTTPCLIENT-1383_patch_tests

Attached a patch (for trunk) with some changes to the NTLM tests:
 - Adds a new test which enters in infinite loop (the difference is that the first answer
is already a challenge message);
 - Adds a new response handler that answers only with challenge messages.
> NTLM authentication can enter in infinite loop
> ----------------------------------------------
>                 Key: HTTPCLIENT-1383
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1383
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpAuth
>    Affects Versions: Snapshot
>            Reporter: Ricardo Pereira
>             Fix For: 4.2.6, 4.3 Beta3
>         Attachments: ClientNtlmProxyAuthentication.java, HTTPCLIENT-1383_patch_tests,
> If the NTLM proxy sends, always, a challenge message the authentication enters in infinite
> This happened with an user account that got suspended because of too many failed authentication
attempts, after that the server started to send, always, the (same) challenge message causing
an infinite loop with the HttpClient.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message