manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Karl Wright <daddy...@gmail.com>
Subject Re: SharePoint 2007 Connector - (401)HTTP/1.1 401 Unauthorized
Date Wed, 28 Nov 2012 18:07:08 GMT
Hi Luigi,

There are three requests and responses for each NTLM authentication
sequence.  I need all three for both the curl example and the ManifoldCF
example.  It looks like you have only one for curl, and you have two for
ManifoldCF?

Karl

On Wed, Nov 28, 2012 at 12:38 PM, Luigi D'Addario <
luigi.daddario@googlemail.com> wrote:

> Hi Karl,
>
> with WireShark (if necessary, I have saved all pcapng files...)
> this is the "sniffer" result:
>
> *via direct HTTP *
>
> Hypertext Transfer Protocol
> [truncated] Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
> application/x-shockwave-flash, application/vnd.ms-excel,
> application/vnd.ms-powerpoint, application/msword,
> application/x-ms-application, application/x-ms-xbap, appli
> Accept-Language: it\r\n
> Accept-Encoding: gzip, deflate\r\n
> If-Modified-Since: Mon, 26 Nov 2012 14:11:50 GMT\r\n
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET
> CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.0.4506.2152; .NET CLR
> 3.5.30729)\r\n
> Host: vm-shpt2k7\r\n
> Connection: Keep-Alive\r\n
> Authorization: NTLM
> TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAAD3==\r\n
> NTLM Secure Service Provider
> NTLMSSP identifier: NTLMSSP
> NTLM Message Type: NTLMSSP_NEGOTIATE (0x00000001)
> Calling workstation domain: NULL
> Calling workstation name: NULL
> Version 5.1 (Build 2600); NTLM Current Revision 15
> Major Version: 5
> Minor Version: 1
> Build Number: 2600
> NTLM Current Revision: 15
> Full request URI: http://vm-shpt2k7/KireyRep/default.aspx
>
>
>
>
> *via ManifoldCF interface*
>
> Hypertext Transfer Protocol
> POST /KireyRep/_vti_bin/lists.asmx HTTP/1.1\r\n
> Expert Info (Chat/Sequence): POST /KireyRep/_vti_bin/lists.asmx
> HTTP/1.1\r\n
> Message: POST /KireyRep/_vti_bin/lists.asmx HTTP/1.1\r\n
> Severity level: Chat
> Group: Sequence
> Request Method: POST
> Request URI: /KireyRep/_vti_bin/lists.asmx
> Request Version: HTTP/1.1
> Content-Type: text/xml; charset=utf-8\r\n
> SOAPAction: "
> http://schemas.microsoft.com/sharepoint/soap/GetListCollection"\r\n
> User-Agent: Axis/1.4\r\n
> Content-Length: 335\r\n
> Content length: 335
> Host: vm-shpt2k7\r\n
> Connection: Keep-Alive\r\n
> Full request URI: http://vm-shpt2k7/KireyRep/_vti_bin/lists.asmx
> eXtensible Markup Language
> <?xml
> version="1.0"
> encoding="UTF-8"
> ?>
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <soapenv:Body>
> <GetListCollection
> xmlns="http://schemas.microsoft.com/sharepoint/soap/"/>
> </soapenv:Body>
> </soapenv:Envelope>
>
>
> Host: vm-shpt2k7\r\n
> [truncated] Authorization: NTLM
> TlRMTVNTUAADAAAAGAAYAEAAAAD2APYAWAAAABQAFABOAQAAGgAaAGIBAAAYABgAfAEAAAAAAACUAQAANQIIIGosOBjiPoRmRMC7SQR6Vu0l+VCVwF4KLRUFGPOa5fIHTQNPiL0BGFEBAQAAAAAAANB3xTKMzc0BJflQlcBeCi0AAAAAAgAcAFMARQBSAFYASQBDAEUAUwAtAEs
> NTLM Secure Service Provider
> NTLMSSP identifier: NTLMSSP
> NTLM Message Type: NTLMSSP_AUTH (0x00000003)
> NTLMv2 Response: 150518f39ae5f2074d034f88bd0118510101000000000000...
> Attribute: NetBIOS domain name: SERVICES-KIREY
> Attribute: NetBIOS computer name: VM-SHPT2K7
> Attribute: DNS domain name: services-kirey.lan
> Attribute: DNS computer name: vm-shpt2k7.services-kirey.lan
> Attribute: DNS tree name: services-kirey.lan
> Domain name: VM-SHPT2K7
> User name: administrator
> Host name: RM-DADDARIOL
> Full request URI: http://vm-shpt2k7/KireyRep/_vti_bin/lists.asmx
>
>
>
>
>
> 2012/11/28 Luigi D'Addario <luigi.daddario@googlemail.com>
>
>> I can try to download it :o]
>>
>> just a few minutes to understand how use it !
>>
>> Thanks Karl !
>>
>> 2012/11/28 Karl Wright <daddywri@gmail.com>
>>
>>> Ok - it is clear that headers are not the issue.
>>>
>>> One remaining possible difference is the form of the user name.  This is
>>> unfortunately transmitted inside the NTLM-encoded WWW-Authenticate header.
>>> Do you have access to WireShark?  That will show the user name/domain name
>>> in the NTLM packets.
>>>
>>> Karl
>>>
>>>
>>>
>>>
>>> On Wed, Nov 28, 2012 at 8:02 AM, Luigi D'Addario <
>>> luigi.daddario@googlemail.com> wrote:
>>>
>>>> Karl,
>>>>
>>>> I forced Curl (hope with exact flags...)
>>>>
>>>> curl* -H "Content-Type:text/xml; charset=utf-8" -A 'Axis/1.4' *--data
>>>> POST --ntlm -u vm-shpt2k7\\administrator
>>>> http://vm-shpt2k7.services-kirey.lan/KireyRep/_vti_bin/MCPermissions.asmx-v
>>>>  Enter host password for user 'vm-shpt2k7\\administrator':
>>>> * About to connect() to vm-shpt2k7.services-kirey.lan port 80 (#0)
>>>> *   Trying 192.168.30.42...
>>>> * connected
>>>> * Connected to vm-shpt2k7.services-kirey.lan (192.168.30.42) port 80
>>>> (#0)
>>>> * Server auth using NTLM with user 'vm-shpt2k7\\administrator'
>>>> > POST /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1
>>>> > Authorization: NTLM
>>>> TlRMTVNTUAABAAAAt4II4gAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw==
>>>> > User-Agent: 'Axis/1.4'
>>>> > Host: vm-shpt2k7.services-kirey.lan
>>>> > Accept: */*
>>>> > Content-Type:text/xml; charset=utf-8
>>>> > Content-Length: 0
>>>> >
>>>> < HTTP/1.1 401 Unauthorized
>>>> < Content-Length: 1539
>>>> < Content-Type: text/html
>>>> < Server: Microsoft-IIS/6.0
>>>> < WWW-Authenticate: NTLM
>>>> TlRMTVNTUAACAAAAHAAcADgAAAA1goniUYnNfMy+hpQAAAAAAAAAAMo
>>>>
>>>> AygBUAAAABQLODgAAAA9TAEUAUgBWAEkAQwBFAFMALQBLAEkAUgBFAFkAAgAcAFMARQBSAFYASQBDAEU
>>>>
>>>> AUwAtAEsASQBSAEUAWQABABQAVgBNAC0AUwBIAFAAVAAyAEsANwAEACQAcwBlAHIAdgBpAGMAZQBzAC0
>>>>
>>>> AawBpAHIAZQB5AC4AbABhAG4AAwA6AHYAbQAtAHMAaABwAHQAMgBrADcALgBzAGUAcgB2AGkAYwBlAHM
>>>>
>>>> ALQBrAGkAcgBlAHkALgBsAGEAbgAFACQAcwBlAHIAdgBpAGMAZQBzAC0AawBpAHIAZQB5AC4AbABhAG4
>>>> AAAAAAA==
>>>> < X-Powered-By: ASP.NET
>>>> < MicrosoftSharePointTeamServices: 12.0.0.6421
>>>> < Date: Wed, 28 Nov 2012 12:40:18 GMT
>>>> <
>>>> * Ignoring the response-body
>>>> * Connection #0 to host vm-shpt2k7.services-kirey.lan left intact
>>>> * Issue another request to this URL: '
>>>> http://vm-shpt2k7.services-kirey.lan/Kirey
>>>>  Rep/_vti_bin/MCPermissions.asmx'
>>>> * Re-using existing connection! (#0) with host (nil)
>>>> * Connected to (nil) (192.168.30.42) port 80 (#0)
>>>> * Server auth using NTLM with user 'vm-shpt2k7\\administrator'
>>>> > POST /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1
>>>> > Authorization: NTLM
>>>> TlRMTVNTUAADAAAAGAAYAJAAAAAYABgAqAAAABQAFABIAAAAHAAcAFwAAA
>>>>
>>>> AYABgAeAAAABAAEADAAAAANYKI4gUBKAoAAAAPdgBtAC0AcwBoAHAAdAAyAGsANwBcAGEAZABtAGkAbg
>>>>
>>>> BpAHMAdAByAGEAdABvAHIAUgBNAC0ARABBAEQARABBAFIASQBPAEwApiBXIIWvOyYAAAAAAAAAAAAAAA
>>>> AAAAAAekpKepq0vu1Y+wZfAaay7ikzZNFPoIlJqtnh7FssjwbIFk2cTykE6A==
>>>> > User-Agent: 'Axis/1.4'
>>>> > Host: vm-shpt2k7.services-kirey.lan
>>>> > Accept: */*
>>>> > Content-Type:text/xml; charset=utf-8
>>>> > Content-Length: 4
>>>> >
>>>> * upload completely sent off: 4 out of 4 bytes
>>>> < HTTP/1.1 500 Internal Server Error
>>>> < Date: Wed, 28 Nov 2012 12:40:18 GMT
>>>> < Server: Microsoft-IIS/6.0
>>>> < X-Powered-By: ASP.NET
>>>> < MicrosoftSharePointTeamServices: 12.0.0.6421
>>>>  < X-AspNet-Version: 2.0.50727
>>>> < Cache-Control: private
>>>> < Content-Type: application/soap+xml; charset=utf-8
>>>> < Content-Length: 521
>>>> <
>>>> <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="
>>>> http://www.w3.o
>>>> rg/2003/05/soap-envelope" xmlns:xsi="
>>>> http://www.w3.org/2001/XMLSchema-instance"
>>>> xmlns:xsd="http://www.w3.org/2001/XMLSchema
>>>> "><soap:Body><soap:Fault><soap:Code><
>>>> soap:Value>soap:Receiver</soap:Value></soap:Code><soap:Reason><soap:Text
>>>> xml:lan
>>>> g="it">Impossibile elaborare la richiesta. ---&gt; Rilevati dati non
>>>> validi al l
>>>> ivello principale. Riga 1, posizione
>>>> 1.</soap:Text></soap:Reason><soap:Detail />
>>>> </soap:Fault></soap:Body></soap:Envelope>* Connection #0 to host (nil)
>>>> left inta
>>>> ct
>>>> * Closing connection #0
>>>>
>>>>
>>>>
>>>> This the server log:
>>>>
>>>> 2012-11-28 12:46:31 W3SVC662429156 192.168.30.42 POST
>>>> /KireyRep/_vti_bin/MCPermissions.asmx - 80 - 192.168.49.76 'Axis/1.4' 401 1
>>>> 0
>>>> 2012-11-28 12:46:31 W3SVC662429156 192.168.30.42 POST
>>>> /KireyRep/_vti_bin/MCPermissions.asmx - 80 vm-shpt2k7\administrator
>>>> 192.168.49.76 'Axis/1.4' 500 0 0
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> 2012/11/28 Karl Wright <daddywri@gmail.com>
>>>>
>>>>> Ok, here are the key differences as I see it, versus curl:
>>>>>
>>>>> Host: vm-shpt2k7
>>>>> vs
>>>>> Host: vm-shpt2k7.services-kirey.lan
>>>>>
>>>>> Content-Type: application/x-www-form-urlencoded
>>>>> vs
>>>>> Content-Type: text/xml; charset=utf-8
>>>>>
>>>>>
>>>>> User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0 OpenSSL/0.9.8u
>>>>> zlib/1.2.6 libssh2/1.4.0
>>>>> vs
>>>>> User-Agent: Axis/1.4
>>>>>
>>>>> and
>>>>> Accept: */*
>>>>>
>>>>> If you can try a curl POST, forcing all of these headers to the
>>>>> ManifoldCF values, and see if it still works, that would be great.
>>>>>
>>>>> Karl
>>>>>
>>>>>
>>>>> On Wed, Nov 28, 2012 at 4:31 AM, Luigi D'Addario <
>>>>> luigi.daddario@googlemail.com> wrote:
>>>>>
>>>>>> Hi Karl,
>>>>>>
>>>>>> meanwhile with apache-manifoldcf-1.1-dev
>>>>>> and log4j.logger.org.apache.http.headers=DEBUG this is the result:
>>>>>>
>>>>>> DEBUG 2012-11-28 10:24:44,578 (Thread-499) - >> POST
>>>>>> /KireyRep/_vti_bin/lists.asmx HTTP/1.1
>>>>>> DEBUG 2012-11-28 10:24:44,578 (Thread-499) - >> Content-Type:
>>>>>> text/xml; charset=utf-8
>>>>>> DEBUG 2012-11-28 10:24:44,578 (Thread-499) - >> SOAPAction: "
>>>>>> http://schemas.microsoft.com/sharepoint/soap/GetListCollection"
>>>>>> DEBUG 2012-11-28 10:24:44,578 (Thread-499) - >> User-Agent: Axis/1.4
>>>>>> DEBUG 2012-11-28 10:24:44,578 (Thread-499) - >> Content-Length: 335
>>>>>> DEBUG 2012-11-28 10:24:44,578 (Thread-499) - >> Host:
>>>>>> vm-shpt2k7.services-kirey.lan
>>>>>> DEBUG 2012-11-28 10:24:44,578 (Thread-499) - >> Connection: Keep-Alive
>>>>>> DEBUG 2012-11-28 10:24:47,703 (Thread-499) - << HTTP/1.1 401
>>>>>> Unauthorized
>>>>>> DEBUG 2012-11-28 10:24:47,703 (Thread-499) - << Content-Length: 1656
>>>>>> DEBUG 2012-11-28 10:24:47,703 (Thread-499) - << Content-Type:
>>>>>> text/html
>>>>>> DEBUG 2012-11-28 10:24:47,718 (Thread-499) - << Server:
>>>>>> Microsoft-IIS/6.0
>>>>>> DEBUG 2012-11-28 10:24:47,718 (Thread-499) - << WWW-Authenticate: NTLM
>>>>>> DEBUG 2012-11-28 10:24:47,718 (Thread-499) - << X-Powered-By: ASP.NET
>>>>>> DEBUG 2012-11-28 10:24:47,718 (Thread-499) - <<
>>>>>> MicrosoftSharePointTeamServices: 12.0.0.6421
>>>>>> DEBUG 2012-11-28 10:24:47,718 (Thread-499) - << Date: Wed, 28 Nov
>>>>>> 2012 09:23:06 GMT
>>>>>> DEBUG 2012-11-28 10:24:47,734 (Thread-499) - >> POST
>>>>>> /KireyRep/_vti_bin/lists.asmx HTTP/1.1
>>>>>> DEBUG 2012-11-28 10:24:47,734 (Thread-499) - >> Content-Type:
>>>>>> text/xml; charset=utf-8
>>>>>> DEBUG 2012-11-28 10:24:47,734 (Thread-499) - >> SOAPAction: "
>>>>>> http://schemas.microsoft.com/sharepoint/soap/GetListCollection"
>>>>>> DEBUG 2012-11-28 10:24:47,734 (Thread-499) - >> User-Agent: Axis/1.4
>>>>>> DEBUG 2012-11-28 10:24:47,734 (Thread-499) - >> Content-Length: 335
>>>>>> DEBUG 2012-11-28 10:24:47,734 (Thread-499) - >> Host:
>>>>>> vm-shpt2k7.services-kirey.lan
>>>>>> DEBUG 2012-11-28 10:24:47,734 (Thread-499) - >> Connection: Keep-Alive
>>>>>> DEBUG 2012-11-28 10:24:47,734 (Thread-499) - >> Authorization: NTLM
>>>>>> TlRMTVNTUAABAAAANQIIIBQAFAA4AAAAGAAYACAAAABSAE0ALQBEAEEARABEAEEAUgBJAE8ATABWAE0ALQBTAEgAUABUADIASwA3AA==
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - << HTTP/1.1 401
>>>>>> Unauthorized
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - << Content-Length: 1539
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - << Content-Type:
>>>>>> text/html
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - << Server:
>>>>>> Microsoft-IIS/6.0
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - << WWW-Authenticate:
>>>>>> NTLM
>>>>>> TlRMTVNTUAACAAAAHAAcADgAAAA1AokihqBaKzZ7OA4AAAAAAAAAAMoAygBUAAAABQLODgAAAA9TAEUAUgBWAEkAQwBFAFMALQBLAEkAUgBFAFkAAgAcAFMARQBSAFYASQBDAEUAUwAtAEsASQBSAEUAWQABABQAVgBNAC0AUwBIAFAAVAAyAEsANwAEACQAcwBlAHIAdgBpAGMAZQBzAC0AawBpAHIAZQB5AC4AbABhAG4AAwA6AHYAbQAtAHMAaABwAHQAMgBrADcALgBzAGUAcgB2AGkAYwBlAHMALQBrAGkAcgBlAHkALgBsAGEAbgAFACQAcwBlAHIAdgBpAGMAZQBzAC0AawBpAHIAZQB5AC4AbABhAG4AAAAAAA==
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - << X-Powered-By: ASP.NET
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - <<
>>>>>> MicrosoftSharePointTeamServices: 12.0.0.6421
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - << Date: Wed, 28 Nov
>>>>>> 2012 09:23:06 GMT
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - >> POST
>>>>>> /KireyRep/_vti_bin/lists.asmx HTTP/1.1
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - >> Content-Type:
>>>>>> text/xml; charset=utf-8
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - >> SOAPAction: "
>>>>>> http://schemas.microsoft.com/sharepoint/soap/GetListCollection"
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - >> User-Agent: Axis/1.4
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - >> Content-Length: 335
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - >> Host:
>>>>>> vm-shpt2k7.services-kirey.lan
>>>>>> DEBUG 2012-11-28 10:24:47,843 (Thread-499) - >> Connection: Keep-Alive
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> 2012/11/28 Karl Wright <daddywri@gmail.com>
>>>>>>
>>>>>>> Hi Luigi (and Robert),
>>>>>>>
>>>>>>> I have a moment now - finally.  So I can try to clarify the goal of
>>>>>>> this exercise.
>>>>>>>
>>>>>>> I have verified that the NTLM implementation in both httpcomponents
>>>>>>> and in the mcf version of commons-httpclient should not have been
>>>>>>> invalidated by anything Microsoft has done recently, at least based on what
>>>>>>> I can find on the net.  You have both successfully authenticated using
>>>>>>> cURL, so that means that your IIS setup is largely correct.  All that is
>>>>>>> left is the exact contents of various headers.  The headers that have been
>>>>>>> a problem in the past have been User-Agent and Host, but I would try to
>>>>>>> make all the changeable headers the same as what ManifoldCF is sending.
>>>>>>> Hopefully it will then fail in the same way with curl, and we can then
>>>>>>> figure out what header is causing the problem.  Specifically, I'd expect it
>>>>>>> to be one of: User-agent, Accept, Host, Content-type.
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Karl
>>>>>>>
>>>>>>>
>>>>>>> On Tue, Nov 27, 2012 at 12:15 PM, Luigi D'Addario <
>>>>>>> luigi.daddario@googlemail.com> wrote:
>>>>>>>
>>>>>>>> Ok, I check how turn on wire debubbing and repet all test.
>>>>>>>> But thank you just now.
>>>>>>>>
>>>>>>>> Luigi
>>>>>>>>
>>>>>>>>
>>>>>>>> 2012/11/27 Karl Wright <daddywri@gmail.com>
>>>>>>>>
>>>>>>>>> Curl with POST then works.
>>>>>>>>>
>>>>>>>>> So the next step is to turn on wire debugging.  See
>>>>>>>>> https://cwiki.apache.org/confluence/display/CONNECTORS/Debugging+Connections.
>>>>>>>>>
>>>>>>>>> Repeat the connection attempt with ManifoldCF, and send me the
>>>>>>>>> output.  I want to verify that the headers (apart from the NTLM
>>>>>>>>> www-authenticate headers) are the same.
>>>>>>>>>
>>>>>>>>> Thanks!
>>>>>>>>> Karl
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Tue, Nov 27, 2012 at 11:54 AM, Luigi D'Addario <
>>>>>>>>> luigi.daddario@googlemail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Thanks :o]
>>>>>>>>>>
>>>>>>>>>> *HTTP/1.1 401 Unauthorized* +  *HTTP/1.1 500 Internal Server
>>>>>>>>>> Error*
>>>>>>>>>>
>>>>>>>>>> curl --data POST --ntlm -u vm-shpt2k7\\administrator
>>>>>>>>>> http://vm-shpt2k7/KireyRep/_vti_bin/MCPermissions.asmx -v
>>>>>>>>>>  Enter host password for user 'vm-shpt2k7\\administrator':
>>>>>>>>>> * About to connect() to vm-shpt2k7 port 80 (#0)
>>>>>>>>>> *   Trying 192.168.30.42...
>>>>>>>>>> * connected
>>>>>>>>>> * Connected to vm-shpt2k7 (192.168.30.42) port 80 (#0)
>>>>>>>>>> * Server auth using NTLM with user 'vm-shpt2k7\\administrator'
>>>>>>>>>> > POST /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1
>>>>>>>>>> > Authorization: NTLM
>>>>>>>>>> TlRMTVNTUAABAAAAt4II4gAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw==
>>>>>>>>>> > User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0
>>>>>>>>>> OpenSSL/0.9.8u zlib/1.2
>>>>>>>>>> .6 libssh2/1.4.0
>>>>>>>>>> > Host: vm-shpt2k7
>>>>>>>>>> > Accept: */*
>>>>>>>>>> > Content-Length: 0
>>>>>>>>>> > Content-Type: application/x-www-form-urlencoded
>>>>>>>>>> >
>>>>>>>>>> < *HTTP/1.1 401 Unauthorized*
>>>>>>>>>> < Content-Length: 1539
>>>>>>>>>> < Content-Type: text/html
>>>>>>>>>> < Server: Microsoft-IIS/6.0
>>>>>>>>>> < WWW-Authenticate: NTLM
>>>>>>>>>> TlRMTVNTUAACAAAAHAAcADgAAAA1goniAo2Exi/3+LAAAAAAAAAAAMo
>>>>>>>>>>
>>>>>>>>>> AygBUAAAABQLODgAAAA9TAEUAUgBWAEkAQwBFAFMALQBLAEkAUgBFAFkAAgAcAFMARQBSAFYASQBDAEU
>>>>>>>>>>
>>>>>>>>>> AUwAtAEsASQBSAEUAWQABABQAVgBNAC0AUwBIAFAAVAAyAEsANwAEACQAcwBlAHIAdgBpAGMAZQBzAC0
>>>>>>>>>>
>>>>>>>>>> AawBpAHIAZQB5AC4AbABhAG4AAwA6AHYAbQAtAHMAaABwAHQAMgBrADcALgBzAGUAcgB2AGkAYwBlAHM
>>>>>>>>>>
>>>>>>>>>> ALQBrAGkAcgBlAHkALgBsAGEAbgAFACQAcwBlAHIAdgBpAGMAZQBzAC0AawBpAHIAZQB5AC4AbABhAG4
>>>>>>>>>> AAAAAAA==
>>>>>>>>>> < X-Powered-By: ASP.NET
>>>>>>>>>> < MicrosoftSharePointTeamServices: 12.0.0.6421
>>>>>>>>>> < Date: Tue, 27 Nov 2012 16:44:14 GMT
>>>>>>>>>> <
>>>>>>>>>> * Ignoring the response-body
>>>>>>>>>> * Connection #0 to host vm-shpt2k7 left intact
>>>>>>>>>> * Issue another request to this URL: '
>>>>>>>>>> http://vm-shpt2k7/KireyRep/_vti_bin/MCPermissions.asmx'
>>>>>>>>>> * Re-using existing connection! (#0) with host (nil)
>>>>>>>>>> * Connected to (nil) (192.168.30.42) port 80 (#0)
>>>>>>>>>> * Server auth using NTLM with user 'vm-shpt2k7\\administrator'
>>>>>>>>>> > POST /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1
>>>>>>>>>> > Authorization: NTLM
>>>>>>>>>> TlRMTVNTUAADAAAAGAAYAJAAAAAYABgAqAAAABQAFABIAAAAHAAcAFwAAA
>>>>>>>>>>
>>>>>>>>>> AYABgAeAAAABAAEADAAAAANYKI4gUBKAoAAAAPdgBtAC0AcwBoAHAAdAAyAGsANwBcAGEAZABtAGkAbg
>>>>>>>>>>
>>>>>>>>>> BpAHMAdAByAGEAdABvAHIAUgBNAC0ARABBAEQARABBAFIASQBPAEwA/F/Dh4QXrhYAAAAAAAAAAAAAAA
>>>>>>>>>> AAAAAADC8nQrN/CSjOrtwdcX5eneq+k+ZoTa0H5pip2sZd+GXoCE/Z+1QHfg==
>>>>>>>>>> > User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0
>>>>>>>>>> OpenSSL/0.9.8u zlib/1.2
>>>>>>>>>> .6 libssh2/1.4.0
>>>>>>>>>> > Host: vm-shpt2k7
>>>>>>>>>> > Accept: */*
>>>>>>>>>> > Content-Length: 4
>>>>>>>>>> > Content-Type: application/x-www-form-urlencoded
>>>>>>>>>> >
>>>>>>>>>> * upload completely sent off: 4 out of 4 bytes
>>>>>>>>>> < *HTTP/1.1 500 Internal Server Error*
>>>>>>>>>> < Date: Tue, 27 Nov 2012 16:44:15 GMT
>>>>>>>>>> < Server: Microsoft-IIS/6.0
>>>>>>>>>> < X-Powered-By: ASP.NET
>>>>>>>>>> < MicrosoftSharePointTeamServices: 12.0.0.6421
>>>>>>>>>>  < X-AspNet-Version: 2.0.50727
>>>>>>>>>> < Cache-Control: private
>>>>>>>>>> < Content-Type: application/soap+xml; charset=utf-8
>>>>>>>>>> < Content-Length: 521
>>>>>>>>>> <
>>>>>>>>>> <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="
>>>>>>>>>> http://www.w3.o
>>>>>>>>>> rg/2003/05/soap-envelope" xmlns:xsi="
>>>>>>>>>> http://www.w3.org/2001/XMLSchema-instance"
>>>>>>>>>> xmlns:xsd="http://www.w3.org/2001/XMLSchema
>>>>>>>>>> "><soap:Body><soap:Fault><soap:Code><
>>>>>>>>>> soap:Value>soap:Receiver</soap:Value></soap:Code><soap:Reason><soap:Text
>>>>>>>>>> xml:lan
>>>>>>>>>> g="it">Impossibile elaborare la richiesta. ---&gt; Rilevati dati
>>>>>>>>>> non validi al l
>>>>>>>>>> ivello principale. Riga 1, posizione
>>>>>>>>>> 1.</soap:Text></soap:Reason><soap:Detail />
>>>>>>>>>> </soap:Fault></soap:Body></soap:Envelope>* Connection #0 to host
>>>>>>>>>> (nil) left inta
>>>>>>>>>> ct
>>>>>>>>>> * Closing connection #0
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> And from server log:
>>>>>>>>>>
>>>>>>>>>> 2012-11-27 16:44:14 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/MCPermissions.asmx
>>>>>>>>>> - 80 - 192.168.49.65
>>>>>>>>>> curl/7.25.0+(i386-pc-win32)+libcurl/7.25.0+OpenSSL/0.9.8u+zlib/1.2.6+libssh2/1.4.0
>>>>>>>>>> *401* 1 0
>>>>>>>>>> 2012-11-27 16:44:14 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/MCPermissions.asmx
>>>>>>>>>> - 80 vm-shpt2k7\Administrator 192.168.49.65
>>>>>>>>>> curl/7.25.0+(i386-pc-win32)+libcurl/7.25.0+OpenSSL/0.9.8u+zlib/1.2.6+libssh2/1.4.0
>>>>>>>>>> *500* 0 0
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> 2012/11/27 Karl Wright <daddywri@gmail.com>
>>>>>>>>>>
>>>>>>>>>>> You need to use the --data option, not -X.
>>>>>>>>>>>
>>>>>>>>>>> Karl
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Tue, Nov 27, 2012 at 11:37 AM, Luigi D'Addario <
>>>>>>>>>>> luigi.daddario@googlemail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Karl,
>>>>>>>>>>>>
>>>>>>>>>>>> via curl in POST i get a  HTTP/1.1 *411 Length Required*
>>>>>>>>>>>> *
>>>>>>>>>>>> *
>>>>>>>>>>>> It meand that POST is blocked ?
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> curl -X POST --ntlm -u vm-shpt2k7\\administrator http://vm-s
>>>>>>>>>>>> hpt2k7/KireyRep/_vti_bin/MCPermissions.asmx -v
>>>>>>>>>>>> Enter host password for user 'vm-shpt2k7\\administrator':
>>>>>>>>>>>> * About to connect() to vm-shpt2k7 port 80 (#0)
>>>>>>>>>>>> *   Trying 192.168.30.42...
>>>>>>>>>>>> * connected
>>>>>>>>>>>> * Connected to vm-shpt2k7 (192.168.30.42) port 80 (#0)
>>>>>>>>>>>> * Server auth using NTLM with user 'vm-shpt2k7\\administrator'
>>>>>>>>>>>> > POST /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1
>>>>>>>>>>>>  > Authorization: NTLM
>>>>>>>>>>>> TlRMTVNTUAABAAAAt4II4gAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw==
>>>>>>>>>>>> > User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0
>>>>>>>>>>>> OpenSSL/0.9.8u zlib/1.2
>>>>>>>>>>>> .6 libssh2/1.4.0
>>>>>>>>>>>> > Host: vm-shpt2k7
>>>>>>>>>>>> > Accept: */*
>>>>>>>>>>>> >
>>>>>>>>>>>> < HTTP/1.1 *411 Length Required*
>>>>>>>>>>>> < Content-Type: text/html
>>>>>>>>>>>> < Date: Tue, 27 Nov 2012 16:32:06 GMT
>>>>>>>>>>>> < Connection: close
>>>>>>>>>>>>  < Content-Length: 24
>>>>>>>>>>>> <
>>>>>>>>>>>> <h1>Length Required</h1>* Closing connection #0
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> 2012/11/27 Karl Wright <daddywri@gmail.com>
>>>>>>>>>>>>
>>>>>>>>>>>>> Just on a whim, can you try POST with curl also?  It is
>>>>>>>>>>>>> possible that POSTs are blocked in some way.
>>>>>>>>>>>>>
>>>>>>>>>>>>> If that doesn't work, then your security settings are
>>>>>>>>>>>>> prohibiting post.
>>>>>>>>>>>>>
>>>>>>>>>>>>> If that DOES work, then I'd like you to download a ManifoldCF
>>>>>>>>>>>>> 1.1-dev image from
>>>>>>>>>>>>> http://people.apache.org/~kwright/apache-manifoldcf-1.1-dev ,
>>>>>>>>>>>>> and try that.  This uses httpcomponents rather than our special
>>>>>>>>>>>>> commons-httpclient version.
>>>>>>>>>>>>>
>>>>>>>>>>>>> If none of this helps, getting a packet capture of both a curl
>>>>>>>>>>>>> POST and the comparable ManifoldCF attempt may well show us what the key
>>>>>>>>>>>>> issue is.  It's possible that there is a header or something your IIS is
>>>>>>>>>>>>> rejecting, for instance.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>> Karl
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Tue, Nov 27, 2012 at 11:06 AM, Luigi D'Addario <
>>>>>>>>>>>>> luigi.daddario@googlemail.com> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Karl,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I tried many credential combination .. always 401 ..
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> From server log,
>>>>>>>>>>>>>> with ManifoldCF UI interface (in POST), 401 error:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> #Software: Microsoft Internet Information Services 6.0
>>>>>>>>>>>>>> #Version: 1.0
>>>>>>>>>>>>>> #Date: 2012-11-27 15:38:37
>>>>>>>>>>>>>> #Fields: date time s-sitename s-ip cs-method cs-uri-stem
>>>>>>>>>>>>>> cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus
>>>>>>>>>>>>>> sc-win32-status
>>>>>>>>>>>>>> 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST*/KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4
>>>>>>>>>>>>>> *401* 2 2148074254
>>>>>>>>>>>>>> 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/lists.asmx
>>>>>>>>>>>>>> - 80 - 192.168.49.62 Axis/1.4 *401* 1 0
>>>>>>>>>>>>>> 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/lists.asmx
>>>>>>>>>>>>>> - 80 - 192.168.49.62 Axis/1.4 *401* 1 2148074252
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> With direct call via http (
>>>>>>>>>>>>>> http://vm-shpt2k7/KireyRep/_vti_bin/lists.asmx), (in GET):
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET
>>>>>>>>>>>>>> /KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62
>>>>>>>>>>>>>> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729)
>>>>>>>>>>>>>> *401* 2 2148074254
>>>>>>>>>>>>>> 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET
>>>>>>>>>>>>>> /KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62
>>>>>>>>>>>>>> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729)
>>>>>>>>>>>>>> *401 *1 0
>>>>>>>>>>>>>> 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET
>>>>>>>>>>>>>> /KireyRep/_vti_bin/lists.asmx - 80 vm-shpt2k7\administrator 192.168.49.62
>>>>>>>>>>>>>> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729)
>>>>>>>>>>>>>> *200* 0 0
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> It's quite a conundrum ...
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> 2012/11/27 Karl Wright <daddywri@gmail.com>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Ok, can you try a fully-qualified domain name, rather than
>>>>>>>>>>>>>>> the abbreviated one you have given, for the credentials?  Also, you might
>>>>>>>>>>>>>>> want to look at the server-side event logs for the reason for the
>>>>>>>>>>>>>>> authentication failure.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>>>> Karl
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Tue, Nov 27, 2012 at 9:04 AM, Luigi D'Addario <
>>>>>>>>>>>>>>> luigi.daddario@googlemail.com> wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> well,
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> on SharePoint Server:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> *NTAuthenticationProviders="NTLM"*
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> *
>>>>>>>>>>>>>>>> *
>>>>>>>>>>>>>>>> on ManifoldCF UI interface, error:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Parameters: serverLocation=/KireyRep
>>>>>>>>>>>>>>>> serverPort=80
>>>>>>>>>>>>>>>> serverVersion=3.0
>>>>>>>>>>>>>>>> userName=VM-SHPT2K7\Administrator
>>>>>>>>>>>>>>>> serverProtocol=http
>>>>>>>>>>>>>>>> serverName=vm-shpt2k7.services-kirey.lan
>>>>>>>>>>>>>>>> password=********
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Connection status:Crawl user did not authenticate
>>>>>>>>>>>>>>>> properly, or has insufficient permissions to access
>>>>>>>>>>>>>>>> http://vm-shpt2k7.services-kirey.lan/KireyRep: *(401)HTTP/1.1
>>>>>>>>>>>>>>>> 401 Unauthorized*
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> on manifoldcf.log
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> *no error trace !*
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> 2012/11/27 Karl Wright <daddywri@gmail.com>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Hi Luigi,
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> The "Negotiate" is clearly part of the problem; please
>>>>>>>>>>>>>>>>> leave that out.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> The log entries you mention are indeed harmless warnings
>>>>>>>>>>>>>>>>> that we don't have an Italian localization yet.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> When you view the connection in the UI, what do you see
>>>>>>>>>>>>>>>>> now?
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Karl
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> On Tue, Nov 27, 2012 at 8:25 AM, Luigi D'Addario <
>>>>>>>>>>>>>>>>> luigi.daddario@googlemail.com> wrote:
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> hi Karl,
>>>>>>>>>>>>>>>>>> thanks for your reply.
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> *(1) Are you sure that your SharePoint IIS is not
>>>>>>>>>>>>>>>>>> configured to use*
>>>>>>>>>>>>>>>>>> *Kerberos auth?*
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> On Sharepoint Server, in the MetaBase.xml  i have
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> <IIsWebVirtualDir Location ="/LM/W3SVC/662429156/Root"
>>>>>>>>>>>>>>>>>>  AccessFlags="AccessExecute | AccessRead | AccessWrite |
>>>>>>>>>>>>>>>>>> AccessScript"
>>>>>>>>>>>>>>>>>> AppFriendlyName="Root"
>>>>>>>>>>>>>>>>>>  AppIsolated="2"
>>>>>>>>>>>>>>>>>> AppPoolId="SharePoint - 80"
>>>>>>>>>>>>>>>>>> AppRoot="/LM/W3SVC/662429156/Root"
>>>>>>>>>>>>>>>>>>  AuthFlags="*AuthNTLM*"
>>>>>>>>>>>>>>>>>> ContentIndexed="FALSE"
>>>>>>>>>>>>>>>>>> DefaultLogonDomain="services-kirey.lan"
>>>>>>>>>>>>>>>>>>  DoDynamicCompression="TRUE"
>>>>>>>>>>>>>>>>>> DoStaticCompression="TRUE"
>>>>>>>>>>>>>>>>>>  HttpCustomHeaders="X-Powered-By: ASP.NET
>>>>>>>>>>>>>>>>>> MicrosoftSharePointTeamServices: 12.0.0.6421"
>>>>>>>>>>>>>>>>>>  *NTAuthenticationProviders="Negotiate,NTLM"*
>>>>>>>>>>>>>>>>>> Path="C:\Inetpub\wwwroot\wss\VirtualDirectories\80"
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Ok, i have first "Negotiate", but  if I force only NTLM  (
>>>>>>>>>>>>>>>>>> *NTAuthenticationProviders="NTLM"*), manifoldcf.log *not
>>>>>>>>>>>>>>>>>> recorder any messages* !!
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> With a simply asp script running on my Sharepoint Server
>>>>>>>>>>>>>>>>>> page i tried to get authentication mode via http and this is the result:
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> with *NTAuthenticationProviders="NTLM":*
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> *User Id = VM-SHPT2K7\Administrator The user was logged
>>>>>>>>>>>>>>>>>> in using the NTLM authentication method.*
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> with *NTAuthenticationProviders="Negotiate,NTLM":*
>>>>>>>>>>>>>>>>>> *
>>>>>>>>>>>>>>>>>> *
>>>>>>>>>>>>>>>>>> *User Id = VM-SHPT2K7\Administrator The Negotiate method
>>>>>>>>>>>>>>>>>> was used!
>>>>>>>>>>>>>>>>>> The user was logged on using NTLM*
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> In  manifoldcf.log i founded this error but i think is
>>>>>>>>>>>>>>>>>> not related with 401:
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> ERROR 2012-11-27 10:56:49,828 (qtp17632942-166) - Missing
>>>>>>>>>>>>>>>>>> resource bundle
>>>>>>>>>>>>>>>>>> 'org.apache.manifoldcf.crawler.connectors.sharepoint.common' for locale
>>>>>>>>>>>>>>>>>> 'it': Can't find bundle for base name
>>>>>>>>>>>>>>>>>> org.apache.manifoldcf.crawler.connectors.sharepoint.common, locale it;
>>>>>>>>>>>>>>>>>> trying it
>>>>>>>>>>>>>>>>>> java.util.MissingResourceException: Can't find bundle for
>>>>>>>>>>>>>>>>>> base name org.apache.manifoldcf.crawler.connectors.sharepoint.common,
>>>>>>>>>>>>>>>>>> locale it
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> 2012/11/27 Karl Wright <daddywri@gmail.com>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> Hi Luigi,
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> The warning is coming from the part of
>>>>>>>>>>>>>>>>>>> commons-httpclient that is
>>>>>>>>>>>>>>>>>>> trying to set up communication with your SharePoint
>>>>>>>>>>>>>>>>>>> instance.  It
>>>>>>>>>>>>>>>>>>> thinks it needs to use SPNEGO to figure out the
>>>>>>>>>>>>>>>>>>> authentication
>>>>>>>>>>>>>>>>>>> mechanism, and it seems to be trying to load kerberos 5
>>>>>>>>>>>>>>>>>>> configuration
>>>>>>>>>>>>>>>>>>> information, which means that  it thinks Kerberos is the
>>>>>>>>>>>>>>>>>>> authentication mechanism of choice.
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> (1) Are you sure that your SharePoint IIS is not
>>>>>>>>>>>>>>>>>>> configured to use
>>>>>>>>>>>>>>>>>>> Kerberos auth?
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> (2) What command-line arguments are you giving to the
>>>>>>>>>>>>>>>>>>> JVM that is
>>>>>>>>>>>>>>>>>>> running ManifoldCF?
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> Karl
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> On Tue, Nov 27, 2012 at 7:44 AM, Luigi D'Addario
>>>>>>>>>>>>>>>>>>> <luigi.daddario@googlemail.com> wrote:
>>>>>>>>>>>>>>>>>>> > Hello,
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> > I have installed apache-manifoldcf-1.0.1 on my Windows
>>>>>>>>>>>>>>>>>>> XP and
>>>>>>>>>>>>>>>>>>> > apache-manifoldcf-sharepoint-2007-plugin on my
>>>>>>>>>>>>>>>>>>> SharePoint 2007 server.
>>>>>>>>>>>>>>>>>>> >  (a virtual machine).
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> > I can see the Permissions Page when I enter
>>>>>>>>>>>>>>>>>>> > http://xxxxx:xxxxx
>>>>>>>>>>>>>>>>>>> /sub_directory/_vti_bin/MCPermissions.asmx
>>>>>>>>>>>>>>>>>>> > in my browser.
>>>>>>>>>>>>>>>>>>> > When I try to make a "SharePoint Services 3.0 (2007)"
>>>>>>>>>>>>>>>>>>> > connection to my SharePoint 2007 server in the
>>>>>>>>>>>>>>>>>>> ManifoldCF
>>>>>>>>>>>>>>>>>>> > interface I get this error:
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> > Crawl user did not authenticate properly, or has
>>>>>>>>>>>>>>>>>>> insufficient permissions to
>>>>>>>>>>>>>>>>>>> > accesshttp://vm-shpt2k7/KireyRep: (401)HTTP/1.1 401
>>>>>>>>>>>>>>>>>>> Unauthorized
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> > Via curl i get first a 401 and then a 200 status:
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> > curl --ntlm -u vm-shpt2k7\\administrator
>>>>>>>>>>>>>>>>>>> > http://vm-shpt2k7/KireyRep/_vti_bin/MCPermissions.asmx-v
>>>>>>>>>>>>>>>>>>> > Enter host password for user
>>>>>>>>>>>>>>>>>>> 'vm-shpt2k7\\administrator':
>>>>>>>>>>>>>>>>>>> > * About to connect() to vm-shpt2k7 port 80 (#0)
>>>>>>>>>>>>>>>>>>> > *   Trying 192.168.30.42...
>>>>>>>>>>>>>>>>>>> > * connected
>>>>>>>>>>>>>>>>>>> > * Connected to vm-shpt2k7 (192.168.30.42) port 80 (#0)
>>>>>>>>>>>>>>>>>>> > * Server auth using NTLM with user
>>>>>>>>>>>>>>>>>>> 'vm-shpt2k7\\administrator'
>>>>>>>>>>>>>>>>>>> >> GET /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1
>>>>>>>>>>>>>>>>>>> >> Authorization: NTLM
>>>>>>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>>>>>>> TlRMTVNTUAABAAAAt4II4gAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw==
>>>>>>>>>>>>>>>>>>> >> User-Agent: curl/7.25.0 (i386-pc-win32)
>>>>>>>>>>>>>>>>>>> libcurl/7.25.0 OpenSSL/0.9.8u
>>>>>>>>>>>>>>>>>>> >> zlib/1.2
>>>>>>>>>>>>>>>>>>> > .6 libssh2/1.4.0
>>>>>>>>>>>>>>>>>>> >> Host: vm-shpt2k7
>>>>>>>>>>>>>>>>>>> >> Accept: */*
>>>>>>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>>>>>>> > < HTTP/1.1 401 Unauthorized
>>>>>>>>>>>>>>>>>>> > < Content-Length: 1539
>>>>>>>>>>>>>>>>>>> > < Content-Type: text/html
>>>>>>>>>>>>>>>>>>> > < Server: Microsoft-IIS/6.0
>>>>>>>>>>>>>>>>>>> > < WWW-Authenticate: NTLM
>>>>>>>>>>>>>>>>>>> > TlRMTVNTUAACAAAAHAAcADgAAAA1goniwKcRCkDsTOwAAAAAAAAAAMo
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> AygBUAAAABQLODgAAAA9TAEUAUgBWAEkAQwBFAFMALQBLAEkAUgBFAFkAAgAcAFMARQBSAFYASQBDAEU
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> AUwAtAEsASQBSAEUAWQABABQAVgBNAC0AUwBIAFAAVAAyAEsANwAEACQAcwBlAHIAdgBpAGMAZQBzAC0
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> AawBpAHIAZQB5AC4AbABhAG4AAwA6AHYAbQAtAHMAaABwAHQAMgBrADcALgBzAGUAcgB2AGkAYwBlAHM
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> ALQBrAGkAcgBlAHkALgBsAGEAbgAFACQAcwBlAHIAdgBpAGMAZQBzAC0AawBpAHIAZQB5AC4AbABhAG4
>>>>>>>>>>>>>>>>>>> > AAAAAAA==
>>>>>>>>>>>>>>>>>>> > < X-Powered-By: ASP.NET
>>>>>>>>>>>>>>>>>>> > < MicrosoftSharePointTeamServices: 12.0.0.6421
>>>>>>>>>>>>>>>>>>> > < Date: Mon, 26 Nov 2012 21:47:30 GMT
>>>>>>>>>>>>>>>>>>> > <
>>>>>>>>>>>>>>>>>>> > * Ignoring the response-body
>>>>>>>>>>>>>>>>>>> > * Connection #0 to host vm-shpt2k7 left intact
>>>>>>>>>>>>>>>>>>> > * Issue another request to this URL:
>>>>>>>>>>>>>>>>>>> > 'http://vm-shpt2k7/KireyRep/_vti_bin/MCPerm
>>>>>>>>>>>>>>>>>>> > issions.asmx'
>>>>>>>>>>>>>>>>>>> > * Re-using existing connection! (#0) with host (nil)
>>>>>>>>>>>>>>>>>>> > * Connected to (nil) (192.168.30.42) port 80 (#0)
>>>>>>>>>>>>>>>>>>> > * Server auth using NTLM with user
>>>>>>>>>>>>>>>>>>> 'vm-shpt2k7\\administrator'
>>>>>>>>>>>>>>>>>>> >> GET /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1
>>>>>>>>>>>>>>>>>>> >> Authorization: NTLM
>>>>>>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>>>>>>> TlRMTVNTUAADAAAAGAAYAJAAAAAYABgAqAAAABQAFABIAAAAHAAcAFwAAA
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> AYABgAeAAAABAAEADAAAAANYKI4gUBKAoAAAAPdgBtAC0AcwBoAHAAdAAyAGsANwBcAGEAZABtAGkAbg
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> BpAHMAdAByAGEAdABvAHIAUgBNAC0ARABBAEQARABBAFIASQBPAEwAVl9uuLABbMoAAAAAAAAAAAAAAA
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> AAAAAAfxlYG/e4ds0BnEroh9Mto5NQBerxGktFfG5BOyKSh9Uth1nGuYbB3Q==
>>>>>>>>>>>>>>>>>>> >> User-Agent: curl/7.25.0 (i386-pc-win32)
>>>>>>>>>>>>>>>>>>> libcurl/7.25.0 OpenSSL/0.9.8u
>>>>>>>>>>>>>>>>>>> >> zlib/1.2
>>>>>>>>>>>>>>>>>>> > .6 libssh2/1.4.0
>>>>>>>>>>>>>>>>>>> >> Host: vm-shpt2k7
>>>>>>>>>>>>>>>>>>> >> Accept: */*
>>>>>>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>>>>>>> > < HTTP/1.1 200 OK
>>>>>>>>>>>>>>>>>>> > < Date: Mon, 26 Nov 2012 21:47:32 GMT
>>>>>>>>>>>>>>>>>>> > < Server: Microsoft-IIS/6.0
>>>>>>>>>>>>>>>>>>> > < X-Powered-By: ASP.NET
>>>>>>>>>>>>>>>>>>> > < MicrosoftSharePointTeamServices: 12.0.0.6421
>>>>>>>>>>>>>>>>>>> > < X-AspNet-Version: 2.0.50727
>>>>>>>>>>>>>>>>>>> > < Set-Cookie: WSS_KeepSessionAuthenticated=80; path=/
>>>>>>>>>>>>>>>>>>> > < Cache-Control: private, max-age=0
>>>>>>>>>>>>>>>>>>> > < Content-Type: text/html; charset=utf-8
>>>>>>>>>>>>>>>>>>> > < Content-Length: 3253
>>>>>>>>>>>>>>>>>>> > <
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> > On virtual machine, IIS is using NTLM authentication,
>>>>>>>>>>>>>>>>>>> but in manifoldcf.log
>>>>>>>>>>>>>>>>>>> > I get this warning:
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> > WARN 2012-11-27 12:17:47,375 (Thread-6885) - NEGOTIATE
>>>>>>>>>>>>>>>>>>> authentication error:
>>>>>>>>>>>>>>>>>>> > Invalid name provided (Mechanism level: Could not load
>>>>>>>>>>>>>>>>>>> configuration file
>>>>>>>>>>>>>>>>>>> > C:\WINDOWS\krb5.ini (Impossibile trovare il file
>>>>>>>>>>>>>>>>>>> specificato))
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> > Any idea ?
>>>>>>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>>>>>> > Thanks
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>

Mime
View raw message