You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Karl Wright (JIRA)" <ji...@apache.org> on 2013/07/07 12:43:49 UTC

[jira] [Commented] (HTTPCLIENT-1381) NullPointerException during NTLM authentication using null workstation/domain

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1381?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13701545#comment-13701545 ] 

Karl Wright commented on HTTPCLIENT-1381:
-----------------------------------------

It is unlikely that messages are improperly encoded in ntlm handling
since they were compared directly in wireshark against modern Microsoft
products. So I would hesitate to include anything like that in a commit.

Karl

Sent from my Windows Phone
From: Ricardo Pereira (JIRA)
Sent: 7/6/2013 9:51 PM
To: dev@hc.apache.org
Subject: [jira] [Updated] (HTTPCLIENT-1381) NullPointerException during
NTLM authentication using null workstation/domain

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1381?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Ricardo Pereira updated HTTPCLIENT-1381:
----------------------------------------

    Attachment: HTTPCLIENT-1381_patch_tests

Attached a patch (for trunk) with some changes to the NTLM tests:
 - Adds a new (failing) test which uses NTLMv2 challenge message;
 - Minor changes to use the same response handler;
 - Renames some classes/methods (adds "Message" to "Type2" and adds
the version);
 - Changes the NTLMv1 challenge message since it was not correctly
Base64 encoded (didn't affect the tests, though).


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

                
> NullPointerException during NTLM authentication using null workstation/domain
> -----------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-1381
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1381
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpAuth
>    Affects Versions: Snapshot
>            Reporter: Ricardo Pereira
>             Fix For: 4.2.6, 4.3 Beta3
>
>         Attachments: ClientNtlmProxyAuthentication.java, HTTPCLIENT-1381_patch_tests, wire.log
>
>
> Using NTCredentials with null workstation or null domain leads to a NullPointerException during the NTLM authentication.
> The workaround is to use an empty String for both the workstation and domain.
> Exception stack trace of an attempt to authenticate with null workstation:
> Exception in thread "main" java.lang.NullPointerException
> 	at org.apache.http.impl.auth.NTLMEngineImpl.stripDotSuffix(NTLMEngineImpl.java:186)
> 	at org.apache.http.impl.auth.NTLMEngineImpl.convertHost(NTLMEngineImpl.java:194)
> 	at org.apache.http.impl.auth.NTLMEngineImpl.access$14(NTLMEngineImpl.java:193)
> 	at org.apache.http.impl.auth.NTLMEngineImpl$Type1Message.<init>(NTLMEngineImpl.java:970)
> 	at org.apache.http.impl.auth.NTLMEngineImpl.getType1Message(NTLMEngineImpl.java:139)
> 	at org.apache.http.impl.auth.NTLMEngineImpl.generateType1Msg(NTLMEngineImpl.java:1608)
> 	at org.apache.http.impl.auth.NTLMScheme.authenticate(NTLMScheme.java:129)
> 	at org.apache.http.impl.auth.AuthSchemeBase.authenticate(AuthSchemeBase.java:136)
> 	at org.apache.http.impl.auth.HttpAuthenticator.doAuth(HttpAuthenticator.java:239)
> 	at org.apache.http.impl.auth.HttpAuthenticator.generateAuthResponse(HttpAuthenticator.java:202)
> 	at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:251)
> 	at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:176)
> 	at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:77)
> 	at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:101)
> 	at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
> 	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:115)
> 	at ClientNtlmProxyAuthentication.main(ClientNtlmProxyAuthentication.java:70)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org