You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Karl Wright (JIRA)" <ji...@apache.org> on 2013/07/07 12:43:49 UTC
[jira] [Commented] (HTTPCLIENT-1381) NullPointerException during
NTLM authentication using null workstation/domain
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1381?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13701545#comment-13701545 ]
Karl Wright commented on HTTPCLIENT-1381:
-----------------------------------------
It is unlikely that messages are improperly encoded in ntlm handling
since they were compared directly in wireshark against modern Microsoft
products. So I would hesitate to include anything like that in a commit.
Karl
Sent from my Windows Phone
From: Ricardo Pereira (JIRA)
Sent: 7/6/2013 9:51 PM
To: dev@hc.apache.org
Subject: [jira] [Updated] (HTTPCLIENT-1381) NullPointerException during
NTLM authentication using null workstation/domain
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1381?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ricardo Pereira updated HTTPCLIENT-1381:
----------------------------------------
Attachment: HTTPCLIENT-1381_patch_tests
Attached a patch (for trunk) with some changes to the NTLM tests:
- Adds a new (failing) test which uses NTLMv2 challenge message;
- Minor changes to use the same response handler;
- Renames some classes/methods (adds "Message" to "Type2" and adds
the version);
- Changes the NTLMv1 challenge message since it was not correctly
Base64 encoded (didn't affect the tests, though).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
> NullPointerException during NTLM authentication using null workstation/domain
> -----------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1381
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1381
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpAuth
> Affects Versions: Snapshot
> Reporter: Ricardo Pereira
> Fix For: 4.2.6, 4.3 Beta3
>
> Attachments: ClientNtlmProxyAuthentication.java, HTTPCLIENT-1381_patch_tests, wire.log
>
>
> Using NTCredentials with null workstation or null domain leads to a NullPointerException during the NTLM authentication.
> The workaround is to use an empty String for both the workstation and domain.
> Exception stack trace of an attempt to authenticate with null workstation:
> Exception in thread "main" java.lang.NullPointerException
> at org.apache.http.impl.auth.NTLMEngineImpl.stripDotSuffix(NTLMEngineImpl.java:186)
> at org.apache.http.impl.auth.NTLMEngineImpl.convertHost(NTLMEngineImpl.java:194)
> at org.apache.http.impl.auth.NTLMEngineImpl.access$14(NTLMEngineImpl.java:193)
> at org.apache.http.impl.auth.NTLMEngineImpl$Type1Message.<init>(NTLMEngineImpl.java:970)
> at org.apache.http.impl.auth.NTLMEngineImpl.getType1Message(NTLMEngineImpl.java:139)
> at org.apache.http.impl.auth.NTLMEngineImpl.generateType1Msg(NTLMEngineImpl.java:1608)
> at org.apache.http.impl.auth.NTLMScheme.authenticate(NTLMScheme.java:129)
> at org.apache.http.impl.auth.AuthSchemeBase.authenticate(AuthSchemeBase.java:136)
> at org.apache.http.impl.auth.HttpAuthenticator.doAuth(HttpAuthenticator.java:239)
> at org.apache.http.impl.auth.HttpAuthenticator.generateAuthResponse(HttpAuthenticator.java:202)
> at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:251)
> at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:176)
> at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:77)
> at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:101)
> at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
> at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:115)
> at ClientNtlmProxyAuthentication.main(ClientNtlmProxyAuthentication.java:70)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org