Posted to dev@hc.apache.org by bu...@apache.org on 2003/05/16 19:53:03 UTC

DO NOT REPLY [Bug 19969] - Problems with redirect when NTLM authentication is used

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19969

Problems with redirect when NTLM authentication is used

olegk@apache.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Problems with ---GetMethod  |Problems with redirect when
                   |                            |NTLM authentication is used



------- Additional Comments From olegk@apache.org  2003-05-16 17:53 -------
Omar,

We still can't rule out a bug in the HttpClient that has been causing this
problem; however, the server also clearly plays a part in it. Have a look for
yourself: with the 25022003 build the server responds with a 200 status code,
whereas with the 15052003 build it responds with a 203 status code (redirect) and
a 'connection: close' header.


25 Feb

10:30:37:171 EDT [DEBUG] wire - ->> "GET /script/action=GetValue&NAME& HTTP/1.1" [\r\n]

10:30:37:202 EDT [DEBUG] wire - -<< "HTTP/1.1 401 Access Denied" [\r\n]

10:30:37:218 EDT [DEBUG] wire - -<< "WWW-Authenticate: NTLM" [\r\n]

10:30:37:218 EDT [DEBUG] wire - -<< "Connection: close" [\r\n]

10:30:40:139 EDT [DEBUG] wire - ->> "GET /script/action=GetValue&NAME& HTTP/1.1" [\r\n]

10:30:44:764 EDT [DEBUG] wire - ->> "Authorization: *******" [\r\n]

10:30:44:764 EDT [DEBUG] wire - -<< "HTTP/1.1 401 Access Denied" [\r\n]

10:30:44:780 EDT [DEBUG] wire - -<< "WWW-Authenticate: NTLM *******" [\r\n]

10:30:47:968 EDT [DEBUG] wire - ->> "GET /script/action=GetValue&NAME& HTTP/1.1" [\r\n]

10:30:47:999 EDT [DEBUG] wire - ->> "Authorization: NTLM *******" [\r\n]

10:30:48:421 EDT [DEBUG] wire - -<< "HTTP/1.1 200 OK

10:30:52:452 EDT [DEBUG] wire - -<< "Connection: close

Build 11 May

18:37:41:124 EDT [DEBUG] wire - ->> "GET /script/action=GetValue&NAME& HTTP/1.1[\r][\n]"

18:37:41:170 EDT [DEBUG] wire - -<< "HTTP/1.1 401 Access Denied[\r][\n]"
18:37:41:217 EDT [DEBUG] wire - -<< "WWW-Authenticate: NTLM[\r][\n]"

18:37:41:233 EDT [DEBUG] wire - -<< "Connection: close[\r][\n]"

18:37:57:420 EDT [DEBUG] wire - ->> "GET /script/action=GetValue&NAME& HTTP/1.1[\r][\n]"

18:37:57:467 EDT [DEBUG] wire - ->> "Authorization: NTLM *******[\r][\n]"

18:37:57:483 EDT [DEBUG] wire - -<< "HTTP/1.1 401 Access Denied[\r][\n]"

18:37:57:561 EDT [DEBUG] wire - -<< "WWW-Authenticate: NTLM *******[\r][\n]"

18:38:12:577 EDT [DEBUG] wire - ->> "GET /script/action=GetValue&NAME& HTTP/1.1[\r][\n]"

18:38:12:639 EDT [DEBUG] wire - ->> "Authorization: NTLM ******[\r][\n]"

18:38:19:795 EDT [DEBUG] wire - -<< "HTTP/1.1 302 Object Moved[\r][\n]"
18:38:19:889 EDT [DEBUG] wire - -<< "Location: http://somar:80/script/func=login&NextURL=http://somar:80/script/action=GetValue&NAME&[\r][\n]"

18:38:19:952 EDT [DEBUG] wire - ->> "GET /Livelink/livelink.exe?func=LL.getlogin&NextURL=%2FLivelink%2Flivelink%2Eexe%3Ffunc%3Dll%26objId%3D15491%26vernum%3D1%26objAction%3DcsiGetProperties%26%26CSI_DocName%26 HTTP/1.1[\r][\n]"

18:38:20:030 EDT [DEBUG] wire - ->> "Authorization: NTLM ******[\r][\n]"

18:38:26:405 EDT [DEBUG] wire - -<< "HTTP/1.1 401 Access Denied[\r][\n]"

18:38:26:452 EDT [DEBUG] wire - -<< "WWW-Authenticate: NTLM[\r][\n]"



This is kind of weird. Cookies also look quite fishy to me. I can't tell more
without having some additional input from you regarding the use of cookies in
your application.

Adrian,

What we have to look into is why HttpClient can't re-authenticate correctly
after having received a redirect to another URL along with a 'connection: close'
header. Does HttpClient handle things right? If you remember, I was concerned
about using the complete NTLM challenge as an authentication realm key. Can it
be the reason?

Cheers

Oleg
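
An added example, not part of the original message and not HttpClient code: a small Python parser for the wire-log format quoted above that groups lines into request/response exchanges and flags the pattern seen in the "Build 11 May" trace, where a request sent after a 3xx carries an NTLM token and is answered with a bare "WWW-Authenticate: NTLM". The sample log is constructed from that trace with placeholder host and paths, and the function names are hypothetical.

```python
import re

# Constructed sample in the wire-log format quoted above; host and paths are placeholders.
SAMPLE = r'''
18:37:41:124 EDT [DEBUG] wire - ->> "GET /script/a HTTP/1.1[\r][\n]"
18:37:41:170 EDT [DEBUG] wire - -<< "HTTP/1.1 401 Access Denied[\r][\n]"
18:37:41:217 EDT [DEBUG] wire - -<< "WWW-Authenticate: NTLM[\r][\n]"
18:37:57:420 EDT [DEBUG] wire - ->> "GET /script/a HTTP/1.1[\r][\n]"
18:37:57:467 EDT [DEBUG] wire - ->> "Authorization: NTLM *******[\r][\n]"
18:37:57:483 EDT [DEBUG] wire - -<< "HTTP/1.1 401 Access Denied[\r][\n]"
18:37:57:561 EDT [DEBUG] wire - -<< "WWW-Authenticate: NTLM *******[\r][\n]"
18:38:12:577 EDT [DEBUG] wire - ->> "GET /script/a HTTP/1.1[\r][\n]"
18:38:12:639 EDT [DEBUG] wire - ->> "Authorization: NTLM ******[\r][\n]"
18:38:19:795 EDT [DEBUG] wire - -<< "HTTP/1.1 302 Object Moved[\r][\n]"
18:38:19:889 EDT [DEBUG] wire - -<< "Location: http://host.example/script/login[\r][\n]"
18:38:19:952 EDT [DEBUG] wire - ->> "GET /script/login HTTP/1.1[\r][\n]"
18:38:20:030 EDT [DEBUG] wire - ->> "Authorization: NTLM ******[\r][\n]"
18:38:26:405 EDT [DEBUG] wire - -<< "HTTP/1.1 401 Access Denied[\r][\n]"
18:38:26:452 EDT [DEBUG] wire - -<< "WWW-Authenticate: NTLM[\r][\n]"
'''

LINE = re.compile(r'wire - -(>>|<<) "(.*?)(?:\[\\r\]\[\\n\])?"')

def exchanges(log):
    """Group wire lines into request/response exchanges."""
    out = []
    for direction, text in LINE.findall(log):
        if direction == ">>" and re.match(r"[A-Z]+ \S+ HTTP/", text):
            out.append({"req": text.split()[1], "auth": False, "status": None, "challenge": None})
        elif not out:
            continue
        elif direction == ">>" and text.lower().startswith("authorization: ntlm"):
            out[-1]["auth"] = True
        elif direction == "<<" and text.startswith("HTTP/"):
            out[-1]["status"] = int(text.split()[1])
        elif direction == "<<" and text.lower().startswith("www-authenticate: ntlm"):
            # bare "NTLM" = server starts a new handshake; "NTLM <token>" = challenge
            out[-1]["challenge"] = "token" if len(text.split()) > 2 else "bare"
    return out

def restarted_after_redirect(log):
    """Requests that followed a 3xx, carried an NTLM token, and got a bare NTLM 401."""
    ex = exchanges(log)
    return [cur["req"] for prev, cur in zip(ex, ex[1:])
            if prev["status"] in range(300, 400) and cur["auth"]
            and cur["status"] == 401 and cur["challenge"] == "bare"]
```

A non-empty result marks the exchanges where the server discarded the token sent with the redirected request and began a fresh handshake, which is the point in the trace the questions above are about.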