hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tony Thompson" <Tony.Thomp...@stone-ware.com>
Subject RE: Using NTLM auth with expect continue
Date Wed, 09 Apr 2008 20:43:28 GMT
The trace is below (wasn't sure if I could send attachments).  Here is
basically what you are looking at:

1. GET form.html
2. 401 returned from server
3. My application detects the 401 and does another GET but this time the
NTLM credentials are provided to HTTPClient
4. NTLM negotiation succeeds and the form is returned
5. I force the socket to close between client and server so the POST to
displayform2.asp will cause another 401
6. The 401 happens and again my app makes another request but this time
providing the credentials
7. The 400 response is returned.

I did try to add the NTLM credentials to the request the first time so
that you wouldn't see the request tried twice in each case and it still
had the same result.

DEBUG (04/09) 13:34:34 [httpclient.wire.header]: >> "GET
/ntlmtest/form.html HTTP/1.1[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: >> "Accept: image/gif,
image/x-xbitmap, image/jpeg, image/pjpeg, application/x-sh
ockwave-flash, */*[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: >> "Accept-Language:
en-us[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: >> "UA-CPU:
x86[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: >> "Accept-Encoding:
gzip, deflate[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: >> "If-None-Match:
"d0513afb5cfc71:5898"[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: >> "User-Agent:
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4
322)[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: >> "Cookie:
__utma=192635624.1155137762.1196176465.1205518449.1205528317.17; __ut
mz=192635624.1196176465.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none
); mbox=PC#1203020122430-488091.00#1267215576|session#1204
140538593-649658#1204145436|edge#app2-prod3.prod3.offermatica.com.120414
3582590#1204145437|check#true#1204143636; Janus4Legacy=Jan
us4Legacy;
CStoneSessionID=QrsnhygYbnqre4f033a1!119343e67ab!-7f1b[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: >> "Host:
mssb01.stone-ware.com[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: >> "[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: << "HTTP/1.1 401
Unauthorized[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: << "HTTP/1.1 401
Unauthorized[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: << "Content-Length:
1656[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: << "Content-Type:
text/html[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: << "Server:
Microsoft-IIS/6.0[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: << "WWW-Authenticate:
NTLM[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: << "WWW-Authenticate:
Negotiate[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: << "WWW-Authenticate:
Digest qop="auth",algorithm=MD5-sess,nonce="3393c6f9679ac80
1fe20959cc5fb4d2960f5333ce01f368be592f3faf685be1ed5424759ee12105f",chars
et=utf-8,realm="stone-ware.com"[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: <<
"MicrosoftOfficeWebServer: 5.0_Pub[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: << "X-Powered-By:
ASP.NET[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: << "Date: Wed, 09 Apr
2008 17:34:34 GMT[\r][\n]"
DEBUG (04/09) 13:34:34 [httpclient.wire.header]: << "[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<!DOCTYPE HTML
PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html
4/strict.dtd">[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: <<
"<HTML><HEAD><TITLE>You are not authorized to view this
page</TITLE>[\r][\n]"

DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<META
HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">[\
r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<STYLE
type="text/css">[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  BODY { font:
8pt/12pt verdana }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  H1 { font:
13pt/15pt verdana }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  H2 { font:
8pt/12pt verdana }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  A:link { color:
red }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  A:visited {
color: maroon }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "</STYLE>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: <<
"</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<h1>You are not
authorized to view this page</h1>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "You do not have
permission to view this directory or page using the credenti
als that you supplied because your Web browser is sending a
WWW-Authenticate header field that the Web server is not configured to
 accept.[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<hr>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<p>Please try the
following:</p>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<ul>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<li>Contact the
Web site administrator if you believe you should be able to
view this directory or page.</li>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<li>Click the <a
href="javascript:location.reload()">Refresh</a> button to t
ry again with different cred"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: <<
"entials.</li>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "</ul>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<h2>HTTP Error
401.2 - Unauthorized: Access is denied due to server configur
ation.<br>Internet Information Services (IIS)</h2>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<hr>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<p>Technical
Information (for support personnel)</p>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<ul>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<li>Go to <a
href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Pr
oduct Support Services</a> and perform a title search for the words
<b>HTTP</b> and <b>401</b>.</li>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<li>Open <b>IIS
Help</b>, which is accessible in IIS Manager (inetmgr),[\r][
\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << " and search for
topics titled <b>About Security</b>, <b>Authentication</b>,
and <b>About Custom Error Messages</b>.</li>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "</ul>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: <<
"</TD></TR></TABLE></BODY></HTML>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "GET
/ntlmtest/form.html HTTP/1.1[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Accept: image/gif,
image/x-xbitmap, image/jpeg, image/pjpeg, application/x-sh
ockwave-flash, */*[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Accept-Language:
en-us[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "UA-CPU:
x86[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Accept-Encoding:
gzip, deflate[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "If-None-Match:
"d0513afb5cfc71:5898"[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "User-Agent:
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4
322)[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Cookie:
__utma=192635624.1155137762.1196176465.1205518449.1205528317.17; __ut
mz=192635624.1196176465.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none
); mbox=PC#1203020122430-488091.00#1267215576|session#1204
140538593-649658#1204145436|edge#app2-prod3.prod3.offermatica.com.120414
3582590#1204145437|check#true#1204143636; Janus4Legacy=Jan
us4Legacy;
CStoneSessionID=QrsnhygYbnqre4f033a1!119343e67ab!-7f1b[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Host:
mssb01.stone-ware.com[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "HTTP/1.1 401
Unauthorized[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "HTTP/1.1 401
Unauthorized[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "Content-Length:
1656[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "Content-Type:
text/html[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "Server:
Microsoft-IIS/6.0[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "WWW-Authenticate:
NTLM[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "WWW-Authenticate:
Negotiate[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "WWW-Authenticate:
Digest qop="auth",algorithm=MD5-sess,nonce="9b1cd0f9679ac80
1ee22ced61e15d5f81247262f3e9885285d41e49b86879a898512b452dd89e91b",chars
et=utf-8,realm="stone-ware.com"[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: <<
"MicrosoftOfficeWebServer: 5.0_Pub[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "X-Powered-By:
ASP.NET[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "Date: Wed, 09 Apr
2008 17:34:34 GMT[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<!DOCTYPE HTML
PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html
4/strict.dtd">[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: <<
"<HTML><HEAD><TITLE>You are not authorized to view this
page</TITLE>[\r][\n]"

DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<META
HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">[\
r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<STYLE
type="text/css">[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  BODY { font:
8pt/12pt verdana }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  H1 { font:
13pt/15pt verdana }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  H2 { font:
8pt/12pt verdana }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  A:link { color:
red }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  A:visited {
color: maroon }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "</STYLE>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: <<
"</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<h1>You are not
authorized to view this page</h1>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "You do not have
permission to view this directory or page using the credenti
als that you supplied because your Web browser is sending a
WWW-Authenticate header field that the Web server is not configured to
 accept.[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<hr>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<p>Please try the
following:</p>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<ul>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<li>Contact the
Web site administrator if you believe you should be able to
view this directory or page.</li>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<li>Click the <a
href="javascript:location.reload()">Refresh</a> button to t
ry again with different cred"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: <<
"entials.</li>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "</ul>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<h2>HTTP Error
401.2 - Unauthorized: Access is denied due to server configur
ation.<br>Internet Information Services (IIS)</h2>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<hr>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<p>Technical
Information (for support personnel)</p>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<ul>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<li>Go to <a
href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Pr
oduct Support Services</a> and perform a title search for the words
<b>HTTP</b> and <b>401</b>.</li>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<li>Open <b>IIS
Help</b>, which is accessible in IIS Manager (inetmgr),[\r][
\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << " and search for
topics titled <b>About Security</b>, <b>Authentication</b>,
and <b>About Custom Error Messages</b>.</li>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "</ul>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: <<
"</TD></TR></TABLE></BODY></HTML>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "GET
/ntlmtest/form.html HTTP/1.1[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Accept: image/gif,
image/x-xbitmap, image/jpeg, image/pjpeg, application/x-sh
ockwave-flash, */*[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Accept-Language:
en-us[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "UA-CPU:
x86[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Accept-Encoding:
gzip, deflate[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "If-None-Match:
"d0513afb5cfc71:5898"[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "User-Agent:
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4
322)[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Cookie:
__utma=192635624.1155137762.1196176465.1205518449.1205528317.17; __ut
mz=192635624.1196176465.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none
); mbox=PC#1203020122430-488091.00#1267215576|session#1204
140538593-649658#1204145436|edge#app2-prod3.prod3.offermatica.com.120414
3582590#1204145437|check#true#1204143636; Janus4Legacy=Jan
us4Legacy;
CStoneSessionID=QrsnhygYbnqre4f033a1!119343e67ab!-7f1b[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Authorization: NTLM
TlRMTVNTUAABAAAABlIAAAcABwA0AAAAFAAUACAAAABTV1RFVC5TVE9OR
S1XQVJFLkNPTU5PVC1TRVQ=[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Host:
mssb01.stone-ware.com[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "HTTP/1.1 401
Unauthorized[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "HTTP/1.1 401
Unauthorized[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "Content-Length:
1539[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "Content-Type:
text/html[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "Server:
Microsoft-IIS/6.0[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "WWW-Authenticate:
NTLM TlRMTVNTUAACAAAACgAKADgAAAAGAoECTdghKL1Qs5IAAAAAAAAAAJ
oAmgBCAAAABQLODgAAAA9TVE9ORS1XQVJFAgAUAFMAVABPAE4ARQAtAFcAQQBSAEUAAQAMAE
0AUwBTAEIAMAAxAAQAHABzAHQAbwBuAGUALQB3AGEAcgBlAC4AYwBvAG0A
AwAqAE0AUwBTAEIAMAAxAC4AcwB0AG8AbgBlAC0AdwBhAHIAZQAuAGMAbwBtAAUAHABzAHQA
bwBuAGUALQB3AGEAcgBlAC4AYwBvAG0AAAAAAA==[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: <<
"MicrosoftOfficeWebServer: 5.0_Pub[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "X-Powered-By:
ASP.NET[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "Date: Wed, 09 Apr
2008 17:34:34 GMT[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<!DOCTYPE HTML
PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html
4/strict.dtd">[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: <<
"<HTML><HEAD><TITLE>You are not authorized to view this
page</TITLE>[\r][\n]"

DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<META
HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">[\
r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<STYLE
type="text/css">[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  BODY { font:
8pt/12pt verdana }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  H1 { font:
13pt/15pt verdana }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  H2 { font:
8pt/12pt verdana }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  A:link { color:
red }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "  A:visited {
color: maroon }[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "</STYLE>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: <<
"</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<h1>You are not
authorized to view this page</h1>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "You do not have
permission to view this directory or page using the credenti
als that you supplied.[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<hr>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<p>Please try the
following:</p>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<ul>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<li>Contact the
Web site administrator if you believe you should be able to
view this directory or page.</li>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<li>Click the <a
href="javascript:location.reload()">Refresh</a> button to t
ry again with different credentials.</li>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "</ul>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<h2>HTTP Error
401.1 - Unauthorized: Access is denied due to invalid credent
ials.<br>Internet "
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "Information
Services (IIS)</h2>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<hr>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<p>Technical
Information (for support personnel)</p>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<ul>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<li>Go to <a
href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Pr
oduct Support Services</a> and perform a title search for the words
<b>HTTP</b> and <b>401</b>.</li>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "<li>Open <b>IIS
Help</b>, which is accessible in IIS Manager (inetmgr),[\r][
\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << " and search for
topics titled <b>Authentication</b>, <b>Access Control</b>,
and <b>About Custom Error Messages</b>.</li>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "</ul>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: << "[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.content]: <<
"</TD></TR></TABLE></BODY></HTML>[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "GET
/ntlmtest/form.html HTTP/1.1[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Accept: image/gif,
image/x-xbitmap, image/jpeg, image/pjpeg, application/x-sh
ockwave-flash, */*[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Accept-Language:
en-us[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "UA-CPU:
x86[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Accept-Encoding:
gzip, deflate[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "If-None-Match:
"d0513afb5cfc71:5898"[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "User-Agent:
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4
322)[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Cookie:
__utma=192635624.1155137762.1196176465.1205518449.1205528317.17; __ut
mz=192635624.1196176465.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none
); mbox=PC#1203020122430-488091.00#1267215576|session#1204
140538593-649658#1204145436|edge#app2-prod3.prod3.offermatica.com.120414
3582590#1204145437|check#true#1204143636; Janus4Legacy=Jan
us4Legacy;
CStoneSessionID=QrsnhygYbnqre4f033a1!119343e67ab!-7f1b[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Authorization: NTLM
TlRMTVNTUAADAAAAGAAYAGQAAAAAAAAAfAAAAAcABwBAAAAACQAJAEcAA
AAUABQAUAAAAAAAAAB8AAAABlIAAE5PVC1TRVRUVEhPTVBTT05TV1RFVC5TVE9ORS1XQVJFL
kNPTXGSJKZjdgHIyNtBBEE+8NlDIV9gfFJFAg==[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "Host:
mssb01.stone-ware.com[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: >> "[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "HTTP/1.1 304 Not
Modified[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "HTTP/1.1 304 Not
Modified[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "Last-Modified: Wed,
25 Jul 2007 21:51:40 GMT[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "Accept-Ranges:
bytes[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "ETag:
"d0513afb5cfc71:5898"[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "Server:
Microsoft-IIS/6.0[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: <<
"MicrosoftOfficeWebServer: 5.0_Pub[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "X-Powered-By:
ASP.NET[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "Date: Wed, 09 Apr
2008 17:34:34 GMT[\r][\n]"
DEBUG (04/09) 13:34:35 [httpclient.wire.header]: << "[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "POST
/ntlmtest/displayform2.asp HTTP/1.1[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Accept: image/gif,
image/x-xbitmap, image/jpeg, image/pjpeg, application/x-sh
ockwave-flash, */*[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Accept-Language:
en-us[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "UA-CPU:
x86[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Accept-Encoding:
gzip, deflate[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "User-Agent:
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4
322)[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Cookie:
__utma=192635624.1155137762.1196176465.1205518449.1205528317.17; __ut
mz=192635624.1196176465.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none
); mbox=PC#1203020122430-488091.00#1267215576|session#1204
140538593-649658#1204145436|edge#app2-prod3.prod3.offermatica.com.120414
3582590#1204145437|check#true#1204143636; Janus4Legacy=Jan
us4Legacy;
CStoneSessionID=QrsnhygYbnqre4f033a1!119343e67ab!-7f1b[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Referer:
https://bb.stone-ware.com/ntlmtest/form.html[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Content-Type:
application/x-www-form-urlencoded[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Content-Length:
21[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Cache-Control:
no-cache[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Host:
mssb01.stone-ware.com[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Expect:
100-continue[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "HTTP/1.1 401
Unauthorized[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "HTTP/1.1 401
Unauthorized[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "Content-Length:
1656[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "Content-Type:
text/html[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "Server:
Microsoft-IIS/6.0[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "WWW-Authenticate:
NTLM[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "WWW-Authenticate:
Negotiate[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "WWW-Authenticate:
Digest qop="auth",algorithm=MD5-sess,nonce="f7771606689ac80
1904a06dc8bf8037a09ed1f117087aea5dfb54f69e4177a1616c420cc1a6e8b62",chars
et=utf-8,realm="stone-ware.com"[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: <<
"MicrosoftOfficeWebServer: 5.0_Pub[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "X-Powered-By:
ASP.NET[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "Date: Wed, 09 Apr
2008 17:34:54 GMT[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<!DOCTYPE HTML
PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html
4/strict.dtd">[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: <<
"<HTML><HEAD><TITLE>You are not authorized to view this
page</TITLE>[\r][\n]"

DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<META
HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">[\
r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<STYLE
type="text/css">[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "  BODY { font:
8pt/12pt verdana }[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "  H1 { font:
13pt/15pt verdana }[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "  H2 { font:
8pt/12pt verdana }[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "  A:link { color:
red }[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "  A:visited {
color: maroon }[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "</STYLE>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: <<
"</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<h1>You are not
authorized to view this page</h1>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "You do not have
permission to view this directory or page using the credenti
als that you supplied because your Web browser is sending a
WWW-Authenticate header field that the Web server is not configured to
 accept.[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<hr>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<p>Please try the
following:</p>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<ul>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<li>Contact the
Web site administrator if you believe you should be able to
view this directory or page.</li>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<li>Click the <a
href="javascript:location.reload()">Refresh</a> button to t
ry again with different cred"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: <<
"entials.</li>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "</ul>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<h2>HTTP Error
401.2 - Unauthorized: Access is denied due to server configur
ation.<br>Internet Information Services (IIS)</h2>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<hr>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<p>Technical
Information (for support personnel)</p>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<ul>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<li>Go to <a
href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Pr
oduct Support Services</a> and perform a title search for the words
<b>HTTP</b> and <b>401</b>.</li>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<li>Open <b>IIS
Help</b>, which is accessible in IIS Manager (inetmgr),[\r][
\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << " and search for
topics titled <b>About Security</b>, <b>Authentication</b>,
and <b>About Custom Error Messages</b>.</li>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "</ul>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: <<
"</TD></TR></TABLE></BODY></HTML>[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "POST
/ntlmtest/displayform2.asp HTTP/1.1[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Accept: image/gif,
image/x-xbitmap, image/jpeg, image/pjpeg, application/x-sh
ockwave-flash, */*[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Accept-Language:
en-us[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "UA-CPU:
x86[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Accept-Encoding:
gzip, deflate[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "User-Agent:
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4
322)[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Cookie:
__utma=192635624.1155137762.1196176465.1205518449.1205528317.17; __ut
mz=192635624.1196176465.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none
); mbox=PC#1203020122430-488091.00#1267215576|session#1204
140538593-649658#1204145436|edge#app2-prod3.prod3.offermatica.com.120414
3582590#1204145437|check#true#1204143636; Janus4Legacy=Jan
us4Legacy;
CStoneSessionID=QrsnhygYbnqre4f033a1!119343e67ab!-7f1b[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Referer:
https://bb.stone-ware.com/ntlmtest/form.html[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Content-Type:
application/x-www-form-urlencoded[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Content-Length:
21[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Cache-Control:
no-cache[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Host:
mssb01.stone-ware.com[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "Expect:
100-continue[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: >> "[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "HTTP/1.1 400 Bad
Request[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "HTTP/1.1 400 Bad
Request[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "Content-Type:
text/html[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "Date: Wed, 09 Apr
2008 17:34:54 GMT[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "Connection:
close[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "Content-Length:
34[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.header]: << "[\r][\n]"
DEBUG (04/09) 13:34:55 [httpclient.wire.content]: << "<h1>Bad Request
(Invalid URL)</h1>"
 

-----Original Message-----
From: Oleg Kalnichevski [mailto:olegk@apache.org] 
Sent: Wednesday, April 09, 2008 1:23 PM
To: HttpClient User Discussion
Subject: Re: Using NTLM auth with expect continue


On Tue, 2008-04-08 at 18:53 -0400, Tony Thompson wrote:
> I am using HTTPClient 3.1.  I have an application that does NTLM 
> authentication.  I am posting data with the HTTPClient using a stream 
> that is not buffered.  If the web server requires an NTLM handshake, I

> get an "unbuffered entity enclosing request" exception (makes sense).
> So, after searching the mailing list archives, I thought I could use
> "Expect: continue" so the NTLM negotiation could happen before my 
> content was posted.  It does not appear to work properly.  On a 
> connection that has already been authenticated (i.e. I don't need to 
> authenticate the POST request), the conversation looks like this:
>  
> POST request (headers only) --> server client <-- HTTP 100 POST 
> content --> server client <-- HTTP 200
>  
> So, if you can make sense of that, it appears the server (IIS 6.0) 
> will deal with expect continue correctly.  So, if the connection needs

> to be authenticated, here is what happens:
>  
> POST request (headers only) --> server client <-- HTTP 401 POST 
> content (content is junk) --> server client <-- HTTP 400
>  
> I am not sure why content is posted in response to a 401.  Also, the 
> content that is posted is the request headers that were sent in step 
> #1 not the actual content (that is why I said it was junk above).
>  
> Any idea why this might be happening?  I can't buffer the content 
> without causing major issues with my application so the expect 
> continue solution sounds perfect, if it can be made to work.
>  

Tony,

Please post a wire/context log of that session. I'll try to find time to
take a look

http://hc.apache.org/httpclient-3.x/logging.html

Oleg



> Thanks
> Tony
>  
> This message (and any associated files) is intended only for the use 
> of the individual or entity to which it is addressed and may contain 
> information that is confidential, subject to copyright or constitutes 
> a trade secret. If you are not the intended recipient you are hereby 
> notified that any dissemination, copying or distribution of this 
> message, or files associated with this message, is strictly 
> prohibited. If you have received this message in error, please notify 
> us immediately by replying to the message and deleting it from your 
> computer. Messages sent to and from Stoneware, Inc.
> may be monitored.


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message