You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Erick (Jira)" <ji...@apache.org> on 2021/08/17 00:26:00 UTC
[jira] [Created] (HTTPCLIENT-2170) NTLM Authentication not working
when sending multiple request concurrently
Erick created HTTPCLIENT-2170:
----------------------------------
Summary: NTLM Authentication not working when sending multiple request concurrently
Key: HTTPCLIENT-2170
URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2170
Project: HttpComponents HttpClient
Issue Type: Bug
Components: HttpClient (classic)
Affects Versions: 5.1, 5.0.4
Environment: Java 1.8 and Android
Reporter: Erick
Attachments: NTLMTestSample.zip
We migrated our apache version from 4.5.x to 5.0.4 and we have encountered an authentication error using NTLM.
We are making multiple requests in different threads to a NTLM secured server concurrently such as:
{code:java}
private fun test_Standalone() { val username = "username" val password = "password" val serverName = "localhost"
val requestUrls = arrayOf( "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/0/0/0", "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/63/0/0", "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26166/11433", "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13083/5716", "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/1/0/0", "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26166/11432", "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/14/6541/2858", "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13082/5716", "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13083/5715", "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26166/11431", "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13082/5715", "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/14/6541/2857", "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26165/11434", "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13082/5717" )
for(url in requestUrls) { makeRequestAsync(url, username, password) }}
{code}
Some of the data request succeed but others fail with a *401 Unauthorized.*
**the output looks something like this:
{code:java}
<------[Thread-7] 401 :401 Unauthorized HTTP/1.1
<------[Thread-1] 401 :401 Unauthorized HTTP/1.1
<------[Thread-4] 401 :401 Unauthorized HTTP/1.1
<------[Thread-6] 401 :401 Unauthorized HTTP/1.1
<------[Thread-3] 401 :401 Unauthorized HTTP/1.1
<------[Thread-10] 401 :401 Unauthorized HTTP/1.1
<------[Thread-2] 401 :401 Unauthorized HTTP/1.1
<------[Thread-9] 401 :401 Unauthorized HTTP/1.1
<------[Thread-13] 401 :401 Unauthorized HTTP/1.1
<------[Thread-12] 401 :401 Unauthorized HTTP/1.1
<------[Thread-0] 401 :401 Unauthorized HTTP/1.1
<------[Thread-11] 401 :401 Unauthorized HTTP/1.1
<------[Thread-5] 401 :401 Unauthorized HTTP/1.1
<------[Thread-8] 200 :200 OK HTTP/1.1
{code}
Looking at the logs, it seems that the NTLM handshake fails for some request
**We found that by synchronizing the method [ProtocolExec.execute()|https://github.com/apache/httpcomponents-client/blob/5.0.x/httpclient5/src/main/java/org/apache/hc/client5/http/impl/classic/ProtocolExec.java#L103], all the NTLM authentication requests succeed and we are able to fetch the data successfully.
Attached is some the repro java project that we are using.
The project only needs an NTLM server and credentials to run.
We tested version 5.1 and it was also reproducible.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org