You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Malcolm Smith (JIRA)" <ji...@apache.org> on 2014/03/31 14:40:14 UTC
[jira] [Created] (HTTPCLIENT-1491) Enable provision of Service
Principal Name to InitializeSecurityContext
Malcolm Smith created HTTPCLIENT-1491:
-----------------------------------------
Summary: Enable provision of Service Principal Name to InitializeSecurityContext
Key: HTTPCLIENT-1491
URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1491
Project: HttpComponents HttpClient
Issue Type: Improvement
Components: HttpClient
Affects Versions: 4.4 Alpha1
Environment: Windows 7
Reporter: Malcolm Smith
Fix For: Future
Attachments: auth.win.patch
I have found when using the org.apache.http.impl.auth.win patch for Kerberos authentication in our corporate environment the InitializeSecurityContext *pszTargetName parameter must be set to the service principal name (http://msdn.microsoft.com/en-us/library/windows/desktop/ms721625(v=vs.85).aspx#_security_service_principal_name_gly) for the Kerberos handshake to succeed.
This patch allows the service principal name to be provided to the WindowsNegotiateScheme constructor via the Factory classes.
I am unsure if this is required or correct for NTLM.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org