You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Oleg Kalnichevski (JIRA)" <ji...@apache.org> on 2013/02/01 16:52:17 UTC
[jira] [Commented] (HTTPCLIENT-1315) NTLM or digest authentication
using a local user on a domain host doesn't work
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1315?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13568817#comment-13568817 ]
Oleg Kalnichevski commented on HTTPCLIENT-1315:
-----------------------------------------------
Are you sure DIGEST is affected as well? If you are, please attach a _complete_ wire / context of the session that exhibits the problem. As far as NTLM is concerned only Karl is qualified to deal with the issue. I hope he will get around to having a look at it.
Oleg
> NTLM or digest authentication using a local user on a domain host doesn't work
> ------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1315
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1315
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpAuth, HttpClient
> Affects Versions: 4.2.3
> Environment: using httpclient to connect to a Windows Server 2008 R2 standard host running IIS 7.5
> Reporter: Mihai David
> Priority: Minor
> Labels: NTLM, authentication, digest, domain, workgroup
>
> The default AuthScheme cannot authenticate local users if the host is included in a domain. Authetication with domain users or local users if the host is in a workgroup works fine.
> If using ntlm or digest authentication:
> - Authentication with a domain user works fine
> - Authentication with a local user if the host is in a workgroup works fine
> - Authentication with a local user (e.g. Administrator) if the host is in a domain returns 401 - Unauthorized. (Note: this works with JCIFS implementation)
> To reproduce:
> //using local user returns "401 - Unauthorized" if the host is part of a domain
> NTCredentials creds = new NTCredentials("Administrator", "password", "myworkstation", "HOSTNAME");
> //domain user works fine:
> //NTCredentials creds = new NTCredentials("USERNAME", "password", "myworkstation", "DOMAIN");
> DefaultHttpClient httpclient = new DefaultHttpClient();
> httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, creds);
> HttpHost target = new HttpHost("xx.xx.xx.xx", 81, "http");
> HttpContext localContext = new BasicHttpContext();
> HttpGet httpget = new HttpGet("/Orchestrator2012/Orchestrator.svc/Jobs");
> List<String> authpref = new ArrayList<String>();
> authpref.add(AuthPolicy.NTLM);
> httpclient.getParams().setParameter(AuthPNames.TARGET_AUTH_PREF, authpref);
> HttpResponse response1 = httpclient.execute(target, httpget, localContext);
> HttpEntity entity1 = response1.getEntity();
> The code works if I use jcifs-1.3.17 to create an NTLMEngine like in the example: http://hc.apache.org/httpcomponents-client-ga/ntlm.html
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org