Mailing-List: contact httpclient-users-help@hc.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "HttpClient User Discussion" <httpclient-users@hc.apache.org>
Received-SPF: pass (athena.apache.org: domain of david.j.godbey@nasa.gov
 designates 198.117.1.121 as permitted sender)
From: "Godbey, David J. (HQ-LM020)[INDYNE INC]" <david.j.godbey@nasa.gov>
To: HttpClient User Discussion <httpclient-users@hc.apache.org>
Date: Tue, 21 Aug 2012 12:02:21 -0500
Subject: RE: Can't communicate to Exchange server since authentication
 upgraded to ntlmv2
Thread-Topic: Can't communicate to Exchange server since authentication
 upgraded to ntlmv2
Thread-Index: Ac1/DjCh5RSFra+3TjKq90ezbG7lyQAsBdsw
Message-ID: 
 <A0632223C5686042AD41B9F46BAD76DB9A4F83243A@NDMSSCC08.ndc.nasa.gov>
References: 
 <A0632223C5686042AD41B9F46BAD76DB9A4F83215E@NDMSSCC08.ndc.nasa.gov>
In-Reply-To: 
 <A0632223C5686042AD41B9F46BAD76DB9A4F83215E@NDMSSCC08.ndc.nasa.gov>
Accept-Language: en-US
Content-Language: en-US
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0

I'm still having issues getting my wsdl from Exchange. The exchange server =
was recently reconfigured to ntlmv2. I hope someone can help me. What I'm u=
sing the new HttpResponseInterceptor for, that I found on this forum 6/6, i=
s to output the response headers. Below the code find that output, if of he=
lp.
Here is the code below:

  private void sampleCode1() {
// http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/201206.mbox=
/%3C4FCE1554.1020900@maisis.pt%3E
    try {
      HttpHost httpHost =3D new HttpHost(_host, 443, "https");

      DefaultHttpClient httpclient =3D new DefaultHttpClient();

      try {
        httpclient.addResponseInterceptor(new HttpResponseInterceptor() {
          public void process(HttpResponse response, HttpContext context) t=
hrows HttpException, IOException {
            for (Header h:response.getAllHeaders()) {
              System.out.println(h.getName() + "=3D" + h.getValue());
            }
            if (response.getStatusLine().getStatusCode() =3D=3D 401) {
              Header ua =3D response.getFirstHeader("X-Powered-By");
              if (ua !=3D null && ua.getValue().equalsIgnoreCase("ASP.NET")=
) {
                Header challenge =3D response.getFirstHeader(AUTH.WWW_AUTH)=
;
                if (challenge !=3D null && challenge.getValue().equalsIgnor=
eCase("Negotiate")) {
                  response.setHeader(AUTH.WWW_AUTH, "Negotiate");
                  response.addHeader(AUTH.WWW_AUTH, "NTLM");
                }
              }
            } else if (response.getStatusLine().getStatusCode() =3D=3D 302)=
 {
              InputStream in =3D response.getEntity().getContent();
              int i =3D in.available();
              byte[] buf =3D new byte[i];
              in.read(buf);
              System.out.println(new String(buf));
            }
          }
        });

        httpclient.getCredentialsProvider().setCredentials(new AuthScope(ht=
tpHost), new NTCredentials(_user, _password, _localIp, _domain));

// Create AuthCache instance
        AuthCache authCache =3D new BasicAuthCache();
        // Generate BASIC scheme object and add it to the local
        // auth cache
        HttpParams params =3D new BasicHttpParams();
        HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
        HttpProtocolParams.setContentCharset(params, "UTF-8");
        HttpProtocolParams.setUseExpectContinue(params, true);

        NTLMSchemeFactory nsf =3D new NTLMSchemeFactory();
        AuthScheme authScheme =3D nsf.newInstance(params);
        authCache.put(httpHost, authScheme);

        // Add AuthCache to the execution context
        BasicHttpContext localcontext =3D new BasicHttpContext();
        localcontext.setAttribute(ClientContext.AUTH_CACHE, authCache);

        HttpGet httpget =3D new HttpGet(_urlFrag);

        System.out.println("executing request: " + httpget.getRequestLine()=
);
        System.out.println("to target: " + httpHost);

        HttpResponse response =3D httpclient.execute(httpHost, httpget, loc=
alcontext); //, localcontext);
//        HttpResponse response =3D httpclient.execute(httpHost, httpget); =
//, localcontext);
        HttpEntity entity =3D response.getEntity();


        System.out.println("----------------------------------------");
        System.out.println(response.getStatusLine());
        if (entity !=3D null) {
          System.out.println("Response content length: " + entity.getConten=
tLength());
        }
        EntityUtils.consume(entity);

      } finally {
        // When HttpClient instance is no longer needed,
        // shut down the connection manager to ensure
        // immediate deallocation of all system resources
        httpclient.getConnectionManager().shutdown();
      }
    } catch (Exception e) {
      throw new RuntimeException(e);
    }
  }

Below is the output set of headers. Running this app, the interceptor is ru=
n four times. See the header output below.
1st iteration
HTTP/1.1 401 Unauthorized

Content-Length=3D1656
Content-Type=3Dtext/html
Server=3DMicrosoft-IIS/6.0
WWW-Authenticate=3DNegotiate
WWW-Authenticate=3DNTLM
X-Powered-By=3DASP.NET
Date=3DTue, 21 Aug 2012 15:02:19 GMT

2nd iteration
HTTP/1.1 401 Unauthorized

Content-Length=3D1539
Content-Type=3Dtext/html
Server=3DMicrosoft-IIS/6.0
WWW-Authenticate=3DNTLM TlRMTVNTUAACAAAABgAGADgAAAA1AokiwCUuuCyjaBUAAAAAAAA=
AAIwAjAA+AAAABQLODgAAAA9OAEQAQwACAAYATgBEAEMAAQASAE4ARABNAFMAQwBBAFMAMQAzAA=
QAGABuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgADACwAbgBkAG0AcwBjAGEAcwAxADMALgBuAGQAY=
wAuAG4AYQBzAGEALgBnAG8AdgAFABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAAAAAA=3D=3D
X-Powered-By=3DASP.NET
Date=3DTue, 21 Aug 2012 15:03:41 GMT

3rd iteration
HTTP/1.1 302 Found

Connection=3Dclose
Date=3DTue, 21 Aug 2012 15:04:28 GMT
Server=3DMicrosoft-IIS/6.0
X-Powered-By=3DASP.NET
X-AspNet-Version=3D2.0.50727
Location=3D/ews/Services.wsdl
Cache-Control=3Dprivate
Content-Type=3Dtext/html

Got following debug output after this iteration.
Aug 21, 2012 10:05:09 AM org.apache.http.client.protocol.RequestAuthenticat=
ionBase process
SEVERE: NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED

4th iteration
HTTP/1.1 401 Unauthorized

Content-Length=3D1656
Content-Type=3Dtext/html
Server=3DMicrosoft-IIS/6.0
WWW-Authenticate=3DNegotiate
WWW-Authenticate=3DNTLM
X-Powered-By=3DASP.NET
Date=3DTue, 21 Aug 2012 15:05:09 GMT

I'm not getting my page, although iteration 3 suggests that I'm almost home=
. Anyone have a clue what I might try next?

Thanks,
Dave

-----Original Message-----
From: Godbey, David J. (HQ-LM020)[INDYNE INC] [mailto:david.j.godbey@nasa.g=
ov]=20
Sent: Monday, August 20, 2012 3:59 PM
To: httpclient-users@hc.apache.org
Subject: Can't communicate to Exchange server since authentication upgraded=
 to ntlmv2

I'm a java developer who has built a couple of J2EE components around an Ex=
change server using EWS (JAX-WS). Everything was working swimmingly until l=
ast week when the Exchange server was upgraded. At that point, my EWS servi=
ces went down. I'm still trying to figure out what happened, but my biggest=
 clue is that they upgraded the authentication scheme to NTLMv2. With that =
knowledge, I installed version 4.2 of the client, and I'm just trying to do=
wnload the wsdl file: https://myMailServer/ews/Exchange.asmx<https://mailSe=
rver/ews/Exchange.asmx>.

The errors I got looked a lot like what Pedro Saraiva reported on June 5, h=
ttp://mail-archives.apache.org/mod_mbox/hc-httpclient-users/201206.mbox/%3C=
4FCDE4E1.70701%40maisis.pt%3E

What is the proper way to add HttpResponseInterceptor interceptors? Which o=
ne should work with an NTLMv2 SSL Exchange server? I noticed that the only =
one my code is calling is the ResponseProcessCookies.


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org