Mailing-List: contact httpclient-users-help@hc.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "HttpClient User Discussion" <httpclient-users@hc.apache.org>
Received-SPF: softfail (nike.apache.org: transitioning domain of
 catchmayya@gmail.com does not designate 162.253.133.43 as permitted sender)
Date: Sun, 5 Oct 2014 23:04:20 -0700 (MST)
From: chandra <catchmayya@gmail.com>
To: httpclient-users@hc.apache.org
Message-ID: <1412575460178-24527.post@n7.nabble.com>
Subject: Issue with BASIC Scheme in HttpClient 4.3.2
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

   I am porting code from 3.1 to 4.3.2 of httpclient. I am some queries
regarding usage of BasicScheme :

 In 3.1 version of Commons httpclient here is the code i am trying to port
  
AuthScope proxyAuthScope = new AuthScope(host,ANY_PORT,domain);
NTCredentials proxyCredentials = new
NTCredentials("username","password","",domain);
client.getState().setProxyCredentials(proxyAuthScope, proxyCredentials);
client.executeMethod(new GetMethod(url.toString()))

The above piece of code is working fine for BASIC and NTLM authentication
scheme.

After porting the code to 4.3.2:

AuthScope proxyAuthScope = new AuthScope(host,port,domain) ;
NTCredentials proxyCredentials = new NTCredentials( "admin1",
"admin1","",domain);
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(proxyAuthScope,proxyCredentials);
CloseableHttpClient httpClient = HttpClientBuilder.create()
                                               .setProxy(new HttpHost(host,
port))
                                              
.setDefaultCredentialsProvider(credentialsProvider)
                                               .build();
httpClient.execute(httpGet)

The above piece of code is working fine for NTLM Proxy Authentication but
during BASIC authentication even though we supply the correct username and
password credentials we are getting 407 Proxy Authentication error
repetedly. So on debugging the httpclient source code we found a  difference
in the funtionality between BasicScheme of 3.1 and 4.3.2.

Difference:
In 3.1 -> Even though we supply NTCredentials with domain name to BASIC
Scheme it will considers only username and Password from the credentialstore
and sends the authentication string.

In 4.3.2 -> If we supply NTCredentials with domain name to BASIC Scheme it
will also consider the domain name along with username and password to
construct the authentication string .

Code snippet from 4.3.2 version of BASIC Scheme that constructs the
authentication string:

final StringBuilder tmp = new StringBuilder();
        tmp.append(credentials.getUserPrincipal().getName());
        tmp.append(":");
        tmp.append((credentials.getPassword() == null) ? "null" :
credentials.getPassword());

For Example if we set the NTCredentials as 

NTCredentials("admin","pass","","dev");

then the Authentication String is sent with 
username: dev/admin
password:pass
But server is expecting basic authentication with username:admin and
password :pass

Is this a bug in the HttpClient 4.3.2 ?
If so how can we overcome this ?

 
--
View this message in context: http://httpcomponents.10934.n7.nabble.com/Issue-with-BASIC-Scheme-in-HttpClient-4-3-2-tp24527.html
Sent from the HttpClient-User mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org