Return-Path: X-Original-To: apmail-hc-dev-archive@www.apache.org Delivered-To: apmail-hc-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5E0951098E for ; Thu, 9 Jan 2014 23:27:53 +0000 (UTC) Received: (qmail 51104 invoked by uid 500); 9 Jan 2014 23:27:52 -0000 Delivered-To: apmail-hc-dev-archive@hc.apache.org Received: (qmail 51055 invoked by uid 500); 9 Jan 2014 23:27:52 -0000 Mailing-List: contact dev-help@hc.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "HttpComponents Project" Delivered-To: mailing list dev@hc.apache.org Received: (qmail 50888 invoked by uid 99); 9 Jan 2014 23:27:51 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 09 Jan 2014 23:27:51 +0000 Date: Thu, 9 Jan 2014 23:27:51 +0000 (UTC) From: "Carina Lansing (JIRA)" To: dev@hc.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (HTTPCLIENT-1446) Proxy authentication Error - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED in Http Client 4.3.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HTTPCLIENT-1446?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carina Lansing updated HTTPCLIENT-1446: --------------------------------------- Attachment: httpDebugTrace.txt > Proxy authentication Error - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED in Http Client 4.3.1 > ------------------------------------------------------------------------------------------------------------------ > > Key: HTTPCLIENT-1446 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1446 > Project: HttpComponents HttpClient > Issue Type: Bug > Components: HttpClient > Affects Versions: 4.3.1 > Environment: Windows 7 > Reporter: Carina Lansing > Attachments: httpDebugTrace.txt > > > We are using httpclient 4.3.1, trying to connect to a website that requires basic authentication through an NTLM v2 proxy. It appears that the proxy authentication is successfully negotiated, but then when trying to process the challenge from the target web site in the next pass, the NTLMScheme is throwing this exception at line 147? We are instantiating our http client via the snippet shown below. Attached is a debug trace of the HttpGet operation. > ----------------------------------------------------------------------------------- > ConnectionConfig connectionConfig = ConnectionConfig.custom() > .setMalformedInputAction(CodingErrorAction.IGNORE) > .setUnmappableInputAction(CodingErrorAction.IGNORE) > .setCharset(Consts.UTF_8) > .setMessageConstraints(MessageConstraints.DEFAULT) > .build(); > > this.connManager = new PoolingHttpClientConnectionManager(); > // Configure the connection manager to use connection configuration > this.connManager.setDefaultConnectionConfig(connectionConfig); > // Configure total max or per route limits for persistent connections > // that can be kept in the pool or leased by the connection manager. > this.connManager.setMaxTotal(30); > this.connManager.setDefaultMaxPerRoute(30); > // Create global request configuration > this.defaultRequestConfig = RequestConfig.custom() > .setCookieSpec(CookieSpecs.BEST_MATCH) > .setExpectContinueEnabled(true) > .setStaleConnectionCheckEnabled(true) > .setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC)) > .setProxyPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC, AuthSchemes.NTLM)) > .build(); > ..... > // Set the route planner with our Proxy Selector which should auto-determine the proxy settings > SystemDefaultRoutePlanner routePlanner = new SystemDefaultRoutePlanner(ProxyConfig.getProxySelector()); > // Use custom credentials provider to set credentials for server and proxy > CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); > // Set credentials for velo server > credentialsProvider.setCredentials( > new AuthScope(this.server, this.port), // velo server and port (i.e., akuna.labworks.org:80) > new UsernamePasswordCredentials(username, password)); > // Set credentials for proxy > if(ProxyConfig.getHost() != null && ProxyConfig.getProxyUsername() != null) { > // basic scheme > credentialsProvider.setCredentials( > new AuthScope(ProxyConfig.getHost(), ProxyConfig.getPort(), new BasicScheme().getSchemeName()), > new UsernamePasswordCredentials(ProxyConfig.getProxyUsername(), ProxyConfig.getProxyPassword())); > // NTLM scheme > credentialsProvider.setCredentials( > new AuthScope(ProxyConfig.getHost(), ProxyConfig.getPort(), AuthScope.ANY_REALM, new NTLMScheme().getSchemeName()), > new NTCredentials(ProxyConfig.getProxyUsername(), ProxyConfig.getProxyPassword(), > ProxyConfig.getClientMachine(), ProxyConfig.getClientDomain())); > } > > // Configure for https > SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, > SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); > > // Create an HttpClient with the given custom dependencies and configuration. > CloseableHttpClient httpclient = HttpClients.custom() > .setConnectionManager(this.connManager) > .setDefaultCredentialsProvider(credentialsProvider) > // .setProxy(new HttpHost("myproxy", 8080)) // don't need to set proxy since routePlanner should do it > .setRoutePlanner(routePlanner) > .setDefaultRequestConfig(this.defaultRequestConfig) > .setSSLSocketFactory(sslsf) > .build(); -- This message was sent by Atlassian JIRA (v6.1.5#6160) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org For additional commands, e-mail: dev-help@hc.apache.org