You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Carina Lansing (JIRA)" <ji...@apache.org> on 2014/01/10 00:25:51 UTC

[jira] [Created] (HTTPCLIENT-1446) Proxy authentication Error - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED in Http Client 4.3.1

Carina Lansing created HTTPCLIENT-1446:
------------------------------------------

             Summary: Proxy authentication Error - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED in Http Client 4.3.1
                 Key: HTTPCLIENT-1446
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1446
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpClient
    Affects Versions: 4.3.1
         Environment: Windows 7
            Reporter: Carina Lansing


We are using httpclient 4.3.1, trying to connect to a website that requires basic authentication through an NTLM v2 proxy.  It appears that the proxy authentication is successfully negotiated, but then when trying to process the challenge from the target web site in the next pass, the NTLMScheme is throwing this exception at line  147?  We are instantiating our http client via the snippet shown below.  Attached is a debug trace of the HttpGet  operation.
-----------------------------------------------------------------------------------
    ConnectionConfig connectionConfig = ConnectionConfig.custom()
        .setMalformedInputAction(CodingErrorAction.IGNORE)
        .setUnmappableInputAction(CodingErrorAction.IGNORE)
        .setCharset(Consts.UTF_8)
        .setMessageConstraints(MessageConstraints.DEFAULT)

        .build();
    
    this.connManager = new PoolingHttpClientConnectionManager();

    // Configure the connection manager to use connection configuration
    this.connManager.setDefaultConnectionConfig(connectionConfig);

    // Configure total max or per route limits for persistent connections
    // that can be kept in the pool or leased by the connection manager.
    this.connManager.setMaxTotal(30);
    this.connManager.setDefaultMaxPerRoute(30);

    // Create global request configuration
    this.defaultRequestConfig = RequestConfig.custom()
        .setCookieSpec(CookieSpecs.BEST_MATCH)
        .setExpectContinueEnabled(true)
        .setStaleConnectionCheckEnabled(true)
        .setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC))
        .setProxyPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC, AuthSchemes.NTLM))
        .build();
.....
    // Set the route planner with our Proxy Selector which should auto-determine the proxy settings
    SystemDefaultRoutePlanner routePlanner = new SystemDefaultRoutePlanner(ProxyConfig.getProxySelector());

    // Use custom credentials provider to set credentials for server and proxy
    CredentialsProvider credentialsProvider = new BasicCredentialsProvider();     

    // Set credentials for velo server
    credentialsProvider.setCredentials(
        new AuthScope(this.server, this.port), // velo server and port (i.e., akuna.labworks.org:80)
        new UsernamePasswordCredentials(username, password));

    // Set credentials for proxy
    if(ProxyConfig.getHost() != null && ProxyConfig.getProxyUsername() != null) {
      // basic scheme
      credentialsProvider.setCredentials(
          new AuthScope(ProxyConfig.getHost(), ProxyConfig.getPort(), new BasicScheme().getSchemeName()),
          new UsernamePasswordCredentials(ProxyConfig.getProxyUsername(), ProxyConfig.getProxyPassword()));       

      // NTLM scheme
      credentialsProvider.setCredentials(
          new AuthScope(ProxyConfig.getHost(), ProxyConfig.getPort(), AuthScope.ANY_REALM, new NTLMScheme().getSchemeName()),
          new NTCredentials(ProxyConfig.getProxyUsername(), ProxyConfig.getProxyPassword(),
              ProxyConfig.getClientMachine(), ProxyConfig.getClientDomain()));  
    }
    
    // Configure for https
    SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext,
        SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    
    // Create an HttpClient with the given custom dependencies and configuration.
    CloseableHttpClient httpclient = HttpClients.custom()
        .setConnectionManager(this.connManager)
        .setDefaultCredentialsProvider(credentialsProvider)
        //         .setProxy(new HttpHost("myproxy", 8080)) // don't need to set proxy since routePlanner should do it
        .setRoutePlanner(routePlanner)
        .setDefaultRequestConfig(this.defaultRequestConfig)
        .setSSLSocketFactory(sslsf)
        .build();




--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org