hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From yoga p <sendmeans...@gmail.com>
Subject Httpclient and NTLMv1 protocol support
Date Wed, 06 May 2009 16:36:30 GMT

We are using HttpClient (commons-httpclient-3.0-rc2.jar) for NTLM
Authentication and currently facing issues when the following security
settings in Windows Server 2003 or (win xp) is enabled:
Control Panel -> Administrative Tools -> Domain Security Policy -> Local
Policies -> Security Options -> Network security: Do not store LAN Manager
Hash value on next password change.
Click Enabled and then click OK.
After setting this property, NTLM authentication fails with following error:

HTTP Error 401.1 - Unauthorized: Access is denied due to invalid
Has anyone faced similar issue? If so, is there any possible work around
other than disabling above setting?
Also, does it mean that httpclient not supporting NTLM v1?
In the authentication guide of httpclient (
http://hc.apache.org/httpclient-3.x/authentication.html), under known
limitations and problems, it is mentioned that "HttpClient provides limited
support for what is known as NTLMv1, the early version of the NTLM
protocol." Does anybody know what is the early version of the NTLM protocol?
Thanks in advance.

Mr. Yoga

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message