hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Malcolm Smith (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HTTPCLIENT-1491) Enable provision of Service Principal Name to InitializeSecurityContext
Date Mon, 31 Mar 2014 12:40:15 GMT

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1491?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Malcolm Smith updated HTTPCLIENT-1491:

    Attachment: auth.win.patch

SVN patch to solve the described issue.

> Enable provision of Service Principal Name to InitializeSecurityContext 
> ------------------------------------------------------------------------
>                 Key: HTTPCLIENT-1491
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1491
>             Project: HttpComponents HttpClient
>          Issue Type: Improvement
>          Components: HttpClient
>    Affects Versions: 4.4 Alpha1
>         Environment: Windows 7
>            Reporter: Malcolm Smith
>              Labels: kerberos, newbie, patch, windows
>             Fix For: Future
>         Attachments: auth.win.patch
>   Original Estimate: 24h
>  Remaining Estimate: 24h
> I have found when using the org.apache.http.impl.auth.win patch for Kerberos authentication
in our corporate environment the InitializeSecurityContext *pszTargetName parameter must be
set to the service principal name (http://msdn.microsoft.com/en-us/library/windows/desktop/ms721625(v=vs.85).aspx#_security_service_principal_name_gly)
for the Kerberos handshake to succeed. 
> This patch allows the service principal name to be provided to the WindowsNegotiateScheme
constructor via the Factory classes. 
> I am unsure if this is required or correct for NTLM.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message