hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Godbey, David J. (HQ-LM020)[INDYNE INC]" <david.j.god...@nasa.gov>
Subject RE: Can't communicate to Exchange server since authentication upgraded to ntlmv2
Date Tue, 21 Aug 2012 17:02:21 GMT
I'm still having issues getting my wsdl from Exchange. The exchange server was recently reconfigured
to ntlmv2. I hope someone can help me. What I'm using the new HttpResponseInterceptor for,
that I found on this forum 6/6, is to output the response headers. Below the code find that
output, if of help.
Here is the code below:

  private void sampleCode1() {
// http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/201206.mbox/%3C4FCE1554.1020900@maisis.pt%3E
    try {
      HttpHost httpHost = new HttpHost(_host, 443, "https");

      DefaultHttpClient httpclient = new DefaultHttpClient();

      try {
        httpclient.addResponseInterceptor(new HttpResponseInterceptor() {
          public void process(HttpResponse response, HttpContext context) throws HttpException,
IOException {
            for (Header h:response.getAllHeaders()) {
              System.out.println(h.getName() + "=" + h.getValue());
            }
            if (response.getStatusLine().getStatusCode() == 401) {
              Header ua = response.getFirstHeader("X-Powered-By");
              if (ua != null && ua.getValue().equalsIgnoreCase("ASP.NET")) {
                Header challenge = response.getFirstHeader(AUTH.WWW_AUTH);
                if (challenge != null && challenge.getValue().equalsIgnoreCase("Negotiate"))
{
                  response.setHeader(AUTH.WWW_AUTH, "Negotiate");
                  response.addHeader(AUTH.WWW_AUTH, "NTLM");
                }
              }
            } else if (response.getStatusLine().getStatusCode() == 302) {
              InputStream in = response.getEntity().getContent();
              int i = in.available();
              byte[] buf = new byte[i];
              in.read(buf);
              System.out.println(new String(buf));
            }
          }
        });

        httpclient.getCredentialsProvider().setCredentials(new AuthScope(httpHost), new NTCredentials(_user,
_password, _localIp, _domain));

// Create AuthCache instance
        AuthCache authCache = new BasicAuthCache();
        // Generate BASIC scheme object and add it to the local
        // auth cache
        HttpParams params = new BasicHttpParams();
        HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
        HttpProtocolParams.setContentCharset(params, "UTF-8");
        HttpProtocolParams.setUseExpectContinue(params, true);

        NTLMSchemeFactory nsf = new NTLMSchemeFactory();
        AuthScheme authScheme = nsf.newInstance(params);
        authCache.put(httpHost, authScheme);

        // Add AuthCache to the execution context
        BasicHttpContext localcontext = new BasicHttpContext();
        localcontext.setAttribute(ClientContext.AUTH_CACHE, authCache);

        HttpGet httpget = new HttpGet(_urlFrag);

        System.out.println("executing request: " + httpget.getRequestLine());
        System.out.println("to target: " + httpHost);

        HttpResponse response = httpclient.execute(httpHost, httpget, localcontext); //, localcontext);
//        HttpResponse response = httpclient.execute(httpHost, httpget); //, localcontext);
        HttpEntity entity = response.getEntity();


        System.out.println("----------------------------------------");
        System.out.println(response.getStatusLine());
        if (entity != null) {
          System.out.println("Response content length: " + entity.getContentLength());
        }
        EntityUtils.consume(entity);

      } finally {
        // When HttpClient instance is no longer needed,
        // shut down the connection manager to ensure
        // immediate deallocation of all system resources
        httpclient.getConnectionManager().shutdown();
      }
    } catch (Exception e) {
      throw new RuntimeException(e);
    }
  }

Below is the output set of headers. Running this app, the interceptor is run four times. See
the header output below.
1st iteration
HTTP/1.1 401 Unauthorized

Content-Length=1656
Content-Type=text/html
Server=Microsoft-IIS/6.0
WWW-Authenticate=Negotiate
WWW-Authenticate=NTLM
X-Powered-By=ASP.NET
Date=Tue, 21 Aug 2012 15:02:19 GMT

2nd iteration
HTTP/1.1 401 Unauthorized

Content-Length=1539
Content-Type=text/html
Server=Microsoft-IIS/6.0
WWW-Authenticate=NTLM TlRMTVNTUAACAAAABgAGADgAAAA1AokiwCUuuCyjaBUAAAAAAAAAAIwAjAA+AAAABQLODgAAAA9OAEQAQwACAAYATgBEAEMAAQASAE4ARABNAFMAQwBBAFMAMQAzAAQAGABuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgADACwAbgBkAG0AcwBjAGEAcwAxADMALgBuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgAFABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAAAAAA==
X-Powered-By=ASP.NET
Date=Tue, 21 Aug 2012 15:03:41 GMT

3rd iteration
HTTP/1.1 302 Found

Connection=close
Date=Tue, 21 Aug 2012 15:04:28 GMT
Server=Microsoft-IIS/6.0
X-Powered-By=ASP.NET
X-AspNet-Version=2.0.50727
Location=/ews/Services.wsdl
Cache-Control=private
Content-Type=text/html

Got following debug output after this iteration.
Aug 21, 2012 10:05:09 AM org.apache.http.client.protocol.RequestAuthenticationBase process
SEVERE: NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED

4th iteration
HTTP/1.1 401 Unauthorized

Content-Length=1656
Content-Type=text/html
Server=Microsoft-IIS/6.0
WWW-Authenticate=Negotiate
WWW-Authenticate=NTLM
X-Powered-By=ASP.NET
Date=Tue, 21 Aug 2012 15:05:09 GMT

I'm not getting my page, although iteration 3 suggests that I'm almost home. Anyone have a
clue what I might try next?

Thanks,
Dave

-----Original Message-----
From: Godbey, David J. (HQ-LM020)[INDYNE INC] [mailto:david.j.godbey@nasa.gov] 
Sent: Monday, August 20, 2012 3:59 PM
To: httpclient-users@hc.apache.org
Subject: Can't communicate to Exchange server since authentication upgraded to ntlmv2

I'm a java developer who has built a couple of J2EE components around an Exchange server using
EWS (JAX-WS). Everything was working swimmingly until last week when the Exchange server was
upgraded. At that point, my EWS services went down. I'm still trying to figure out what happened,
but my biggest clue is that they upgraded the authentication scheme to NTLMv2. With that knowledge,
I installed version 4.2 of the client, and I'm just trying to download the wsdl file: https://myMailServer/ews/Exchange.asmx<https://mailServer/ews/Exchange.asmx>.

The errors I got looked a lot like what Pedro Saraiva reported on June 5, http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/201206.mbox/%3C4FCDE4E1.70701%40maisis.pt%3E

What is the proper way to add HttpResponseInterceptor interceptors? Which one should work
with an NTLMv2 SSL Exchange server? I noticed that the only one my code is calling is the
ResponseProcessCookies.




---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message