You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Karl Wright (JIRA)" <ji...@apache.org> on 2012/12/02 21:19:58 UTC
[jira] [Commented] (HTTPCLIENT-1266) Flag issues in NTLM
implementation prevent authentication on some servers
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1266?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13508347#comment-13508347 ]
Karl Wright commented on HTTPCLIENT-1266:
-----------------------------------------
We'll do our best - as you know this is largely driven by customer discovery. ManifoldCF is fortunate that we have a wide variety of customers out there, and we've been able in the past to leverage their infrastructure when problems arise.
If you bring issues to our attention where NTLM is concerned, and especially if you have clients willing to interact with me, there's a good chance we can work out issues and resolve them. The jcifs solution, as you well know, is not ideal because of the licensing. The current HttpComponents implementation is not actually broken very badly - over the weekend I discovered exactly what the issue is, and the fix is trivial. However, I will also take this opportunity to bring the implementation up to a higher level, since Microsoft has now published specifications of sorts on the protocol, so many opaque features are now clearer.
> Flag issues in NTLM implementation prevent authentication on some servers
> -------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1266
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1266
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpAuth
> Affects Versions: 4.2.2
> Reporter: Karl Wright
> Fix For: Future
>
>
> At the ManifoldCF project, we've recently encountered two SharePoint servers (Windows 2008 Server R2) which seem to be configured in a way that the connector cannot authenticate with them using httpcomponents NTLM. It's worth noting that cURL succeeds, so the NTLM setup is apparently reasonable. Furthermore, the mcf patched version of commons-httpclient also fails in exactly the same way, so it looks like a long-standing issue.
> Working through the problem, it appears that the NTLM flags httpclient sends are, in some cases, inconsistent with the data we include. I am working on a httpclient patch, which I hope to be able to exercise in one of the client situations within the next week or two.
> Please see CONNECTORS-572 for details and research results.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org