You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Dave Godbey (JIRA)" <ji...@apache.org> on 2012/08/23 14:15:42 UTC
[jira] [Created] (HTTPCLIENT-1224) NTLM auth fails with redirect.
Eg. Exchange /ews/Exchange.asmx -> /ews/Services.wsdl
Dave Godbey created HTTPCLIENT-1224:
---------------------------------------
Summary: NTLM auth fails with redirect. Eg. Exchange /ews/Exchange.asmx -> /ews/Services.wsdl
Key: HTTPCLIENT-1224
URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1224
Project: HttpComponents HttpClient
Issue Type: Bug
Components: HttpClient
Affects Versions: 4.2.1
Environment: Fedora 15
Reporter: Dave Godbey
Fix For: 4.2.2
When you communicate with a Microsoft Exchange server (eg. EWS), you point to /ews/Exchange.asmx. Exchange replies with a redirect order to ews/Services.wsdl. Client is failing to complete this with following wire log:
executing request: GET /ews/Exchange.asmx HTTP/1.1
to target: https://mail02.ndc.nasa.gov:443
2012/08/22 15:05:41:570 CDT [DEBUG] BasicClientConnectionManager - Get connection for route {s}->https://mail02.ndc.nasa.gov:443
2012/08/22 15:05:41:785 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
2012/08/22 15:05:42:324 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
2012/08/22 15:05:42:337 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
2012/08/22 15:05:42:337 CDT [DEBUG] RequestTargetAuthentication - Target auth state: UNCHALLENGED
2012/08/22 15:05:42:338 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
2012/08/22 15:05:42:338 CDT [DEBUG] DefaultHttpClient - Attempt 1 to execute request
2012/08/22 15:05:42:338 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> Connection: Keep-Alive
2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
2012/08/22 15:05:42:395 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
2012/08/22 15:05:42:395 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Length: 1656
2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Type: text/html
2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
2012/08/22 15:05:42:396 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:41 GMT
2012/08/22 15:05:42:400 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
2012/08/22 15:05:42:401 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
2012/08/22 15:05:42:401 CDT [DEBUG] TargetAuthenticationStrategy - Authentication schemes in the order of preference: [negotiate, Kerberos, NTLM, Digest, Basic]
2012/08/22 15:05:42:409 CDT [DEBUG] SPNegoScheme - Received challenge '' from the auth server
2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available
2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available
2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available
2012/08/22 15:05:42:410 CDT [DEBUG] DefaultHttpClient - Selected authentication options: [NEGOTIATE, NTLM]
2012/08/22 15:05:42:411 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
2012/08/22 15:05:42:411 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Target auth state: CHALLENGED
2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme
2012/08/22 15:05:42:412 CDT [DEBUG] SPNegoScheme - init mail02.ndc.nasa.gov:443
2012/08/22 15:05:42:428 CDT [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt))
2012/08/22 15:05:42:428 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme
2012/08/22 15:05:42:430 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
2012/08/22 15:05:42:431 CDT [DEBUG] DefaultHttpClient - Attempt 2 to execute request
2012/08/22 15:05:42:431 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Connection: Keep-Alive
2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgAkAAAABAAEACAAAAA2ADgATgBEAEMA
2012/08/22 15:05:42:479 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
2012/08/22 15:05:42:479 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Length: 1539
2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Type: text/html
2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
2012/08/22 15:05:42:480 CDT [DEBUG] headers - << WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1AokiF/jsXoLF09YAAAAAAAAAAIwAjAA+AAAABQLODgAAAA9OAEQAQwACAAYATgBEAEMAAQASAE4ARABNAFMAQwBBAFMAMAA3AAQAGABuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgADACwAbgBkAG0AcwBjAGEAcwAwADcALgBuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgAFABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAAAAAA==
2012/08/22 15:05:42:480 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
2012/08/22 15:05:42:480 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
2012/08/22 15:05:42:481 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
2012/08/22 15:05:42:482 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
2012/08/22 15:05:42:482 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
2012/08/22 15:05:42:491 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
2012/08/22 15:05:42:491 CDT [DEBUG] DefaultHttpClient - Attempt 3 to execute request
2012/08/22 15:05:42:491 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Connection: Keep-Alive
2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAC4ALgAWAAAAAYABgAQAQAADgAOABYBAAAEAAQAJAEAAAAAAAAoAQAANQIIIBHmQ40nLaSFn1s5yZuMSjVu5GMt03gALm3CwkwfZcuQnNpCRGUtYgwBAQAAAAAAAKDzIIKhgM0BbuRjLdN4AC4AAAAAAgAGAE4ARABDAAEAEgBOAEQATQBTAEMAQQBTADAANwAEABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAwAsAG4AZABtAHMAYwBhAHMAMAA3AC4AbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYABQAYAG4AZABjAC4AbgBhAHMAYQAuAGcAbwB2AAAAAABOAEQAQwBkAGcAbwBkAGIAZQB5ADYAOAA=
2012/08/22 15:05:42:548 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 302 Found
2012/08/22 15:05:42:548 CDT [DEBUG] headers - << HTTP/1.1 302 Found
2012/08/22 15:05:42:548 CDT [DEBUG] headers - << Connection: close
2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-AspNet-Version: 2.0.50727
2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Location: /ews/Services.wsdl
2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Cache-Control: private
2012/08/22 15:05:42:550 CDT [DEBUG] headers - << Content-Type: text/html
2012/08/22 15:05:42:551 CDT [DEBUG] DefaultRedirectStrategy - Redirect requested to location '/ews/Services.wsdl'
2012/08/22 15:05:42:558 CDT [DEBUG] DefaultHttpClient - Redirecting to 'https://mail02.ndc.nasa.gov:443/ews/Services.wsdl' via {s}->https://mail02.ndc.nasa.gov:443
2012/08/22 15:05:42:559 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56462<->198.117.0.46:443 closed
2012/08/22 15:05:42:560 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
2012/08/22 15:05:42:703 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
2012/08/22 15:05:42:704 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
2012/08/22 15:05:42:704 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
2012/08/22 15:05:42:704 CDT [ERROR] RequestTargetAuthentication - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED
2012/08/22 15:05:42:704 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
2012/08/22 15:05:42:705 CDT [DEBUG] DefaultHttpClient - Attempt 4 to execute request
2012/08/22 15:05:42:705 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Services.wsdl HTTP/1.1
2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> GET /ews/Services.wsdl HTTP/1.1
2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Connection: Keep-Alive
2012/08/22 15:05:42:706 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
2012/08/22 15:05:43:091 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
2012/08/22 15:05:43:092 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Length: 1656
2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Type: text/html
2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
2012/08/22 15:05:43:093 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
2012/08/22 15:05:43:093 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
2012/08/22 15:05:43:093 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authentication failed
Source breakpoint: NtlmTest1.java:229
----------------------------------------
HTTP/1.1 401 Unauthorized
Response content length: 1656
2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@18b1f8f
2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Connection can be kept alive indefinitely
2012/08/22 15:05:48:626 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56463<->198.117.0.46:443 closed
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
[jira] [Resolved] (HTTPCLIENT-1224) (regression) NTLM auth not
retried after a redirect over a non-persistent connection
Posted by "Dave Godbey (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1224?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dave Godbey resolved HTTPCLIENT-1224.
-------------------------------------
Resolution: Fixed
Redirect issue for NTLMv2 is now fixed. Thank you.
> (regression) NTLM auth not retried after a redirect over a non-persistent connection
> ------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1224
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1224
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.2.1
> Environment: Fedora 15
> Reporter: Dave Godbey
> Labels: NTLM, authentication, redirect
> Fix For: 4.2.2
>
>
> When you communicate with a Microsoft Exchange server (eg. EWS), you point to /ews/Exchange.asmx. Exchange replies with a redirect order to ews/Services.wsdl. Client is failing to complete this with following wire log:
> executing request: GET /ews/Exchange.asmx HTTP/1.1
> to target: https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:570 CDT [DEBUG] BasicClientConnectionManager - Get connection for route {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:785 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:324 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestTargetAuthentication - Target auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultHttpClient - Attempt 1 to execute request
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:395 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:395 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:41 GMT
> 2012/08/22 15:05:42:400 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:401 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:401 CDT [DEBUG] TargetAuthenticationStrategy - Authentication schemes in the order of preference: [negotiate, Kerberos, NTLM, Digest, Basic]
> 2012/08/22 15:05:42:409 CDT [DEBUG] SPNegoScheme - Received challenge '' from the auth server
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] DefaultHttpClient - Selected authentication options: [NEGOTIATE, NTLM]
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Target auth state: CHALLENGED
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme
> 2012/08/22 15:05:42:412 CDT [DEBUG] SPNegoScheme - init mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:428 CDT [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt))
> 2012/08/22 15:05:42:428 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme
> 2012/08/22 15:05:42:430 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultHttpClient - Attempt 2 to execute request
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgAkAAAABAAEACAAAAA2ADgATgBEAEMA
> 2012/08/22 15:05:42:479 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Length: 1539
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1AokiF/jsXoLF09YAAAAAAAAAAIwAjAA+AAAABQLODgAAAA9OAEQAQwACAAYATgBEAEMAAQASAE4ARABNAFMAQwBBAFMAMAA3AAQAGABuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgADACwAbgBkAG0AcwBjAGEAcwAwADcALgBuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgAFABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAAAAAA==
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:480 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:42:481 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:491 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultHttpClient - Attempt 3 to execute request
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAC4ALgAWAAAAAYABgAQAQAADgAOABYBAAAEAAQAJAEAAAAAAAAoAQAANQIIIBHmQ40nLaSFn1s5yZuMSjVu5GMt03gALm3CwkwfZcuQnNpCRGUtYgwBAQAAAAAAAKDzIIKhgM0BbuRjLdN4AC4AAAAAAgAGAE4ARABDAAEAEgBOAEQATQBTAEMAQQBTADAANwAEABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAwAsAG4AZABtAHMAYwBhAHMAMAA3AC4AbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYABQAYAG4AZABjAC4AbgBhAHMAYQAuAGcAbwB2AAAAAABOAEQAQwBkAGcAbwBkAGIAZQB5ADYAOAA=
> 2012/08/22 15:05:42:548 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << Connection: close
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-AspNet-Version: 2.0.50727
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Location: /ews/Services.wsdl
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Cache-Control: private
> 2012/08/22 15:05:42:550 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:551 CDT [DEBUG] DefaultRedirectStrategy - Redirect requested to location '/ews/Services.wsdl'
> 2012/08/22 15:05:42:558 CDT [DEBUG] DefaultHttpClient - Redirecting to 'https://mail02.ndc.nasa.gov:443/ews/Services.wsdl' via {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:559 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56462<->198.117.0.46:443 closed
> 2012/08/22 15:05:42:560 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:703 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:704 CDT [ERROR] RequestTargetAuthentication - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultHttpClient - Attempt 4 to execute request
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:706 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:43:091 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:43:093 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authentication failed
> Source breakpoint: NtlmTest1.java:229
> ----------------------------------------
> HTTP/1.1 401 Unauthorized
> Response content length: 1656
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@18b1f8f
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Connection can be kept alive indefinitely
> 2012/08/22 15:05:48:626 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56463<->198.117.0.46:443 closed
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
[jira] [Reopened] (HTTPCLIENT-1224) (regression) NTLM auth not
retried after a redirect over a non-persistent connection
Posted by "Dave Godbey (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1224?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dave Godbey reopened HTTPCLIENT-1224:
-------------------------------------
Still does not work. Got code from here:
svn checkout http://svn.apache.org/repos/asf/httpcomponents/httpcore/branches/4.2.x/httpcore/ httpcore
svn checkout http://svn.apache.org/repos/asf/httpcomponents/httpclient/branches/4.2.x/ httpclient
Incorporated in my test harness, got this for debug output:
executing request: GET /ews/Exchange.asmx HTTP/1.1
to target: https://mail02.ndc.nasa.gov:443
2012/08/31 09:32:08:149 CDT [DEBUG] BasicClientConnectionManager - Get connection for route {s}->https://mail02.ndc.nasa.gov:443
2012/08/31 09:32:08:404 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
2012/08/31 09:32:09:050 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
2012/08/31 09:32:09:062 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
2012/08/31 09:32:09:062 CDT [DEBUG] RequestTargetAuthentication - Target auth state: UNCHALLENGED
2012/08/31 09:32:09:062 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
2012/08/31 09:32:09:062 CDT [DEBUG] DefaultHttpClient - Attempt 1 to execute request
2012/08/31 09:32:09:063 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
2012/08/31 09:32:09:064 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
2012/08/31 09:32:09:064 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
2012/08/31 09:32:09:064 CDT [DEBUG] headers - >> Connection: Keep-Alive
2012/08/31 09:32:09:064 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.5)
2012/08/31 09:32:09:181 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
2012/08/31 09:32:09:181 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
2012/08/31 09:32:09:181 CDT [DEBUG] headers - << Content-Length: 1656
2012/08/31 09:32:09:181 CDT [DEBUG] headers - << Content-Type: text/html
2012/08/31 09:32:09:181 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
2012/08/31 09:32:09:181 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
2012/08/31 09:32:09:181 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
2012/08/31 09:32:09:181 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
2012/08/31 09:32:09:182 CDT [DEBUG] headers - << Date: Fri, 31 Aug 2012 14:32:08 GMT
2012/08/31 09:32:09:185 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
2012/08/31 09:32:09:185 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
2012/08/31 09:32:09:186 CDT [DEBUG] TargetAuthenticationStrategy - Authentication schemes in the order of preference: [negotiate, Kerberos, NTLM, Digest, Basic]
2012/08/31 09:32:09:193 CDT [DEBUG] SPNegoScheme - Received challenge '' from the auth server
2012/08/31 09:32:09:194 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available
2012/08/31 09:32:09:195 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available
2012/08/31 09:32:09:195 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available
2012/08/31 09:32:09:195 CDT [DEBUG] DefaultHttpClient - Selected authentication options: [NEGOTIATE, NTLM]
2012/08/31 09:32:09:196 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
2012/08/31 09:32:09:196 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
2012/08/31 09:32:09:196 CDT [DEBUG] RequestTargetAuthentication - Target auth state: CHALLENGED
2012/08/31 09:32:09:196 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme
2012/08/31 09:32:09:197 CDT [DEBUG] SPNegoScheme - init mail02.ndc.nasa.gov:443
2012/08/31 09:32:09:213 CDT [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt))
2012/08/31 09:32:09:213 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme
2012/08/31 09:32:09:215 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
2012/08/31 09:32:09:215 CDT [DEBUG] DefaultHttpClient - Attempt 2 to execute request
2012/08/31 09:32:09:215 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
2012/08/31 09:32:09:215 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
2012/08/31 09:32:09:215 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
2012/08/31 09:32:09:216 CDT [DEBUG] headers - >> Connection: Keep-Alive
2012/08/31 09:32:09:216 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.5)
2012/08/31 09:32:09:216 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgAkAAAABAAEACAAAAA2ADgATgBEAEMA
2012/08/31 09:32:09:324 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
2012/08/31 09:32:09:324 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
2012/08/31 09:32:09:324 CDT [DEBUG] headers - << Content-Length: 1539
2012/08/31 09:32:09:324 CDT [DEBUG] headers - << Content-Type: text/html
2012/08/31 09:32:09:324 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
2012/08/31 09:32:09:324 CDT [DEBUG] headers - << WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1AokieYm16AcbdT4AAAAAAAAAAIwAjAA+AAAABQLODgAAAA9OAEQAQwACAAYATgBEAEMAAQASAE4ARABKAFMAQwBBAFMAMQAyAAQAGABuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgADACwAbgBkAGoAcwBjAGEAcwAxADIALgBuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgAFABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAAAAAA==
2012/08/31 09:32:09:324 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
2012/08/31 09:32:09:324 CDT [DEBUG] headers - << Date: Fri, 31 Aug 2012 14:32:08 GMT
2012/08/31 09:32:09:324 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
2012/08/31 09:32:09:324 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
2012/08/31 09:32:09:324 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
2012/08/31 09:32:09:325 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
2012/08/31 09:32:09:325 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
2012/08/31 09:32:09:325 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
2012/08/31 09:32:09:331 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
2012/08/31 09:32:09:332 CDT [DEBUG] DefaultHttpClient - Attempt 3 to execute request
2012/08/31 09:32:09:332 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
2012/08/31 09:32:09:332 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
2012/08/31 09:32:09:332 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
2012/08/31 09:32:09:332 CDT [DEBUG] headers - >> Connection: Keep-Alive
2012/08/31 09:32:09:332 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.5)
2012/08/31 09:32:09:332 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAC4ALgAWAAAAAYABgAQAQAAJAAkABYBAAAEAAQAOgEAAAAAAAA+AQAANQIIIFDSBMWxpwmFT8ygtFrBr61NFFxXrsoCJ38Zg9PjkE2xJsCwXxNAcygBAQAAAAAAADD8EmeFh80BTRRcV67KAicAAAAAAgAGAE4ARABDAAEAEgBOAEQASgBTAEMAQQBTADEAMgAEABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAwAsAG4AZABqAHMAYwBhAHMAMQAyAC4AbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYABQAYAG4AZABjAC4AbgBhAHMAYQAuAGcAbwB2AAAAAABOAEQAQwBIAFEALQBOAEEAUwBBAC0ASQBDAEUALQBUAGUAcwB0AGUAcgA2ADgA
2012/08/31 09:32:09:442 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 302 Found
2012/08/31 09:32:09:443 CDT [DEBUG] headers - << HTTP/1.1 302 Found
2012/08/31 09:32:09:443 CDT [DEBUG] headers - << Connection: close
2012/08/31 09:32:09:443 CDT [DEBUG] headers - << Date: Fri, 31 Aug 2012 14:32:09 GMT
2012/08/31 09:32:09:443 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
2012/08/31 09:32:09:443 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
2012/08/31 09:32:09:444 CDT [DEBUG] headers - << X-AspNet-Version: 2.0.50727
2012/08/31 09:32:09:444 CDT [DEBUG] headers - << Location: /ews/Services.wsdl
2012/08/31 09:32:09:444 CDT [DEBUG] headers - << Cache-Control: private
2012/08/31 09:32:09:444 CDT [DEBUG] headers - << Content-Type: text/html
2012/08/31 09:32:09:445 CDT [DEBUG] DefaultRedirectStrategy - Redirect requested to location '/ews/Services.wsdl'
2012/08/31 09:32:09:450 CDT [DEBUG] DefaultHttpClient - Redirecting to 'https://mail02.ndc.nasa.gov:443/ews/Services.wsdl' via {s}->https://mail02.ndc.nasa.gov:443
2012/08/31 09:32:09:451 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:29841<->198.117.1.40:443 closed
2012/08/31 09:32:09:451 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
2012/08/31 09:32:10:880 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
2012/08/31 09:32:10:881 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
2012/08/31 09:32:10:881 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
2012/08/31 09:32:10:881 CDT [ERROR] RequestTargetAuthentication - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED
2012/08/31 09:32:10:882 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
2012/08/31 09:32:10:882 CDT [DEBUG] DefaultHttpClient - Attempt 4 to execute request
2012/08/31 09:32:10:882 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Services.wsdl HTTP/1.1
2012/08/31 09:32:10:882 CDT [DEBUG] headers - >> GET /ews/Services.wsdl HTTP/1.1
2012/08/31 09:32:10:882 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
2012/08/31 09:32:10:883 CDT [DEBUG] headers - >> Connection: Keep-Alive
2012/08/31 09:32:10:883 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.5)
2012/08/31 09:32:10:994 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
2012/08/31 09:32:10:995 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
2012/08/31 09:32:10:995 CDT [DEBUG] headers - << Content-Length: 1656
2012/08/31 09:32:10:995 CDT [DEBUG] headers - << Content-Type: text/html
2012/08/31 09:32:10:995 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
2012/08/31 09:32:10:996 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
2012/08/31 09:32:10:996 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
2012/08/31 09:32:10:996 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
2012/08/31 09:32:10:996 CDT [DEBUG] headers - << Date: Fri, 31 Aug 2012 14:32:10 GMT
2012/08/31 09:32:10:996 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
2012/08/31 09:32:10:997 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
2012/08/31 09:32:10:997 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
2012/08/31 09:32:10:997 CDT [DEBUG] DefaultHttpClient - Authentication failed
Source breakpoint: NtlmTest1.java:229
----------------------------------------
HTTP/1.1 401 Unauthorized
Response content length: 1656
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>You are not authorized to view this page</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">
<STYLE type="text/css">
BODY { font: 8pt/12pt verdana }
H1 { font: 13pt/15pt verdana }
H2 { font: 8pt/12pt verdana }
A:link { color: red }
A:visited { color: maroon }
</STYLE>
</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>
<h1>You are not authorized to view this page</h1>
You do not have permission to view this directory or page using the credentials that you supplied because your Web browser is sending a WWW-Authenticate header field that the Web server is not configured to accept.
<hr>
<p>Please try the following:</p>
<ul>
<li>Contact the Web site administrator if you believe you should be able to view this directory or page.</li>
<li>Click the <a href="javascript:location.reload()">Refresh</a> button to try again with different credentials.</li>
</ul>
<h2>HTTP Error 401.2 - Unauthorized: Access is denied due to server configuration.<br>Internet Information Services (IIS)</h2>
<hr>
<p>Technical Information (for support personnel)</p>
<ul>
<li>Go to <a href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Product Support Services</a> and perform a title search for the words <b>HTTP</b> and <b>401</b>.</li>
<li>Open <b>IIS Help</b>, which is accessible in IIS Manager (inetmgr),
and search for topics titled <b>About Security</b>, <b>Authentication</b>, and <b>About Custom Error Messages</b>.</li>
</ul>
</TD></TR></TABLE></BODY></HTML>
2012/08/31 09:32:23:060 CDT [DEBUG] BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@14b081b
2012/08/31 09:32:23:063 CDT [DEBUG] BasicClientConnectionManager - Connection can be kept alive indefinitely
2012/08/31 09:32:28:777 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:29842<->198.117.1.40:443 closed
> (regression) NTLM auth not retried after a redirect over a non-persistent connection
> ------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1224
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1224
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.2.1
> Environment: Fedora 15
> Reporter: Dave Godbey
> Labels: NTLM, authentication, redirect
> Fix For: 4.2.2
>
>
> When you communicate with a Microsoft Exchange server (eg. EWS), you point to /ews/Exchange.asmx. Exchange replies with a redirect order to ews/Services.wsdl. Client is failing to complete this with following wire log:
> executing request: GET /ews/Exchange.asmx HTTP/1.1
> to target: https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:570 CDT [DEBUG] BasicClientConnectionManager - Get connection for route {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:785 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:324 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestTargetAuthentication - Target auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultHttpClient - Attempt 1 to execute request
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:395 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:395 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:41 GMT
> 2012/08/22 15:05:42:400 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:401 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:401 CDT [DEBUG] TargetAuthenticationStrategy - Authentication schemes in the order of preference: [negotiate, Kerberos, NTLM, Digest, Basic]
> 2012/08/22 15:05:42:409 CDT [DEBUG] SPNegoScheme - Received challenge '' from the auth server
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] DefaultHttpClient - Selected authentication options: [NEGOTIATE, NTLM]
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Target auth state: CHALLENGED
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme
> 2012/08/22 15:05:42:412 CDT [DEBUG] SPNegoScheme - init mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:428 CDT [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt))
> 2012/08/22 15:05:42:428 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme
> 2012/08/22 15:05:42:430 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultHttpClient - Attempt 2 to execute request
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgAkAAAABAAEACAAAAA2ADgATgBEAEMA
> 2012/08/22 15:05:42:479 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Length: 1539
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1AokiF/jsXoLF09YAAAAAAAAAAIwAjAA+AAAABQLODgAAAA9OAEQAQwACAAYATgBEAEMAAQASAE4ARABNAFMAQwBBAFMAMAA3AAQAGABuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgADACwAbgBkAG0AcwBjAGEAcwAwADcALgBuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgAFABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAAAAAA==
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:480 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:42:481 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:491 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultHttpClient - Attempt 3 to execute request
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAC4ALgAWAAAAAYABgAQAQAADgAOABYBAAAEAAQAJAEAAAAAAAAoAQAANQIIIBHmQ40nLaSFn1s5yZuMSjVu5GMt03gALm3CwkwfZcuQnNpCRGUtYgwBAQAAAAAAAKDzIIKhgM0BbuRjLdN4AC4AAAAAAgAGAE4ARABDAAEAEgBOAEQATQBTAEMAQQBTADAANwAEABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAwAsAG4AZABtAHMAYwBhAHMAMAA3AC4AbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYABQAYAG4AZABjAC4AbgBhAHMAYQAuAGcAbwB2AAAAAABOAEQAQwBkAGcAbwBkAGIAZQB5ADYAOAA=
> 2012/08/22 15:05:42:548 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << Connection: close
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-AspNet-Version: 2.0.50727
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Location: /ews/Services.wsdl
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Cache-Control: private
> 2012/08/22 15:05:42:550 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:551 CDT [DEBUG] DefaultRedirectStrategy - Redirect requested to location '/ews/Services.wsdl'
> 2012/08/22 15:05:42:558 CDT [DEBUG] DefaultHttpClient - Redirecting to 'https://mail02.ndc.nasa.gov:443/ews/Services.wsdl' via {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:559 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56462<->198.117.0.46:443 closed
> 2012/08/22 15:05:42:560 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:703 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:704 CDT [ERROR] RequestTargetAuthentication - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultHttpClient - Attempt 4 to execute request
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:706 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:43:091 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:43:093 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authentication failed
> Source breakpoint: NtlmTest1.java:229
> ----------------------------------------
> HTTP/1.1 401 Unauthorized
> Response content length: 1656
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@18b1f8f
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Connection can be kept alive indefinitely
> 2012/08/22 15:05:48:626 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56463<->198.117.0.46:443 closed
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
[jira] [Updated] (HTTPCLIENT-1224) (regression) NTLM auth not
retried after a redirect over a non-persistent connection
Posted by "Oleg Kalnichevski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1224?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Oleg Kalnichevski updated HTTPCLIENT-1224:
------------------------------------------
Summary: (regression) NTLM auth not retried after a redirect over a non-persistent connection (was: NTLM auth fails with redirect. Eg. Exchange /ews/Exchange.asmx -> /ews/Services.wsdl)
> (regression) NTLM auth not retried after a redirect over a non-persistent connection
> ------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1224
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1224
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.2.1
> Environment: Fedora 15
> Reporter: Dave Godbey
> Labels: NTLM, authentication, redirect
> Fix For: 4.2.2
>
>
> When you communicate with a Microsoft Exchange server (eg. EWS), you point to /ews/Exchange.asmx. Exchange replies with a redirect order to ews/Services.wsdl. Client is failing to complete this with following wire log:
> executing request: GET /ews/Exchange.asmx HTTP/1.1
> to target: https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:570 CDT [DEBUG] BasicClientConnectionManager - Get connection for route {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:785 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:324 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestTargetAuthentication - Target auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultHttpClient - Attempt 1 to execute request
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:395 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:395 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:41 GMT
> 2012/08/22 15:05:42:400 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:401 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:401 CDT [DEBUG] TargetAuthenticationStrategy - Authentication schemes in the order of preference: [negotiate, Kerberos, NTLM, Digest, Basic]
> 2012/08/22 15:05:42:409 CDT [DEBUG] SPNegoScheme - Received challenge '' from the auth server
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] DefaultHttpClient - Selected authentication options: [NEGOTIATE, NTLM]
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Target auth state: CHALLENGED
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme
> 2012/08/22 15:05:42:412 CDT [DEBUG] SPNegoScheme - init mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:428 CDT [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt))
> 2012/08/22 15:05:42:428 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme
> 2012/08/22 15:05:42:430 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultHttpClient - Attempt 2 to execute request
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgAkAAAABAAEACAAAAA2ADgATgBEAEMA
> 2012/08/22 15:05:42:479 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Length: 1539
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1AokiF/jsXoLF09YAAAAAAAAAAIwAjAA+AAAABQLODgAAAA9OAEQAQwACAAYATgBEAEMAAQASAE4ARABNAFMAQwBBAFMAMAA3AAQAGABuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgADACwAbgBkAG0AcwBjAGEAcwAwADcALgBuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgAFABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAAAAAA==
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:480 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:42:481 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:491 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultHttpClient - Attempt 3 to execute request
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAC4ALgAWAAAAAYABgAQAQAADgAOABYBAAAEAAQAJAEAAAAAAAAoAQAANQIIIBHmQ40nLaSFn1s5yZuMSjVu5GMt03gALm3CwkwfZcuQnNpCRGUtYgwBAQAAAAAAAKDzIIKhgM0BbuRjLdN4AC4AAAAAAgAGAE4ARABDAAEAEgBOAEQATQBTAEMAQQBTADAANwAEABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAwAsAG4AZABtAHMAYwBhAHMAMAA3AC4AbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYABQAYAG4AZABjAC4AbgBhAHMAYQAuAGcAbwB2AAAAAABOAEQAQwBkAGcAbwBkAGIAZQB5ADYAOAA=
> 2012/08/22 15:05:42:548 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << Connection: close
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-AspNet-Version: 2.0.50727
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Location: /ews/Services.wsdl
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Cache-Control: private
> 2012/08/22 15:05:42:550 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:551 CDT [DEBUG] DefaultRedirectStrategy - Redirect requested to location '/ews/Services.wsdl'
> 2012/08/22 15:05:42:558 CDT [DEBUG] DefaultHttpClient - Redirecting to 'https://mail02.ndc.nasa.gov:443/ews/Services.wsdl' via {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:559 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56462<->198.117.0.46:443 closed
> 2012/08/22 15:05:42:560 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:703 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:704 CDT [ERROR] RequestTargetAuthentication - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultHttpClient - Attempt 4 to execute request
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:706 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:43:091 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:43:093 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authentication failed
> Source breakpoint: NtlmTest1.java:229
> ----------------------------------------
> HTTP/1.1 401 Unauthorized
> Response content length: 1656
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@18b1f8f
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Connection can be kept alive indefinitely
> 2012/08/22 15:05:48:626 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56463<->198.117.0.46:443 closed
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
[jira] [Commented] (HTTPCLIENT-1224) (regression) NTLM auth not
retried after a redirect over a non-persistent connection
Posted by "Oleg Kalnichevski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1224?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13440622#comment-13440622 ]
Oleg Kalnichevski commented on HTTPCLIENT-1224:
-----------------------------------------------
Dave,
I committed some changes to the 4.2.x branch which I think should fix the problem [1]. I cannot verify the fix, though, as I do not have a NTLM capable web server at my disposal. Could you please get the latest SVN snapshot off the 4.2.x branch [2], re-run the test and attach the wire log of the session to this ticket?
Oleg
[1] http://svn.apache.org/viewvc?rev=1376672&view=rev
[2] https://svn.apache.org/repos/asf/httpcomponents/httpclient/branches/4.2.x/
> (regression) NTLM auth not retried after a redirect over a non-persistent connection
> ------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1224
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1224
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.2.1
> Environment: Fedora 15
> Reporter: Dave Godbey
> Labels: NTLM, authentication, redirect
> Fix For: 4.2.2
>
>
> When you communicate with a Microsoft Exchange server (eg. EWS), you point to /ews/Exchange.asmx. Exchange replies with a redirect order to ews/Services.wsdl. Client is failing to complete this with following wire log:
> executing request: GET /ews/Exchange.asmx HTTP/1.1
> to target: https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:570 CDT [DEBUG] BasicClientConnectionManager - Get connection for route {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:785 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:324 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestTargetAuthentication - Target auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultHttpClient - Attempt 1 to execute request
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:395 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:395 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:41 GMT
> 2012/08/22 15:05:42:400 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:401 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:401 CDT [DEBUG] TargetAuthenticationStrategy - Authentication schemes in the order of preference: [negotiate, Kerberos, NTLM, Digest, Basic]
> 2012/08/22 15:05:42:409 CDT [DEBUG] SPNegoScheme - Received challenge '' from the auth server
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] DefaultHttpClient - Selected authentication options: [NEGOTIATE, NTLM]
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Target auth state: CHALLENGED
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme
> 2012/08/22 15:05:42:412 CDT [DEBUG] SPNegoScheme - init mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:428 CDT [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt))
> 2012/08/22 15:05:42:428 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme
> 2012/08/22 15:05:42:430 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultHttpClient - Attempt 2 to execute request
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgAkAAAABAAEACAAAAA2ADgATgBEAEMA
> 2012/08/22 15:05:42:479 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Length: 1539
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1AokiF/jsXoLF09YAAAAAAAAAAIwAjAA+AAAABQLODgAAAA9OAEQAQwACAAYATgBEAEMAAQASAE4ARABNAFMAQwBBAFMAMAA3AAQAGABuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgADACwAbgBkAG0AcwBjAGEAcwAwADcALgBuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgAFABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAAAAAA==
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:480 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:42:481 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:491 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultHttpClient - Attempt 3 to execute request
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAC4ALgAWAAAAAYABgAQAQAADgAOABYBAAAEAAQAJAEAAAAAAAAoAQAANQIIIBHmQ40nLaSFn1s5yZuMSjVu5GMt03gALm3CwkwfZcuQnNpCRGUtYgwBAQAAAAAAAKDzIIKhgM0BbuRjLdN4AC4AAAAAAgAGAE4ARABDAAEAEgBOAEQATQBTAEMAQQBTADAANwAEABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAwAsAG4AZABtAHMAYwBhAHMAMAA3AC4AbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYABQAYAG4AZABjAC4AbgBhAHMAYQAuAGcAbwB2AAAAAABOAEQAQwBkAGcAbwBkAGIAZQB5ADYAOAA=
> 2012/08/22 15:05:42:548 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << Connection: close
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-AspNet-Version: 2.0.50727
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Location: /ews/Services.wsdl
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Cache-Control: private
> 2012/08/22 15:05:42:550 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:551 CDT [DEBUG] DefaultRedirectStrategy - Redirect requested to location '/ews/Services.wsdl'
> 2012/08/22 15:05:42:558 CDT [DEBUG] DefaultHttpClient - Redirecting to 'https://mail02.ndc.nasa.gov:443/ews/Services.wsdl' via {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:559 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56462<->198.117.0.46:443 closed
> 2012/08/22 15:05:42:560 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:703 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:704 CDT [ERROR] RequestTargetAuthentication - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultHttpClient - Attempt 4 to execute request
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:706 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:43:091 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:43:093 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authentication failed
> Source breakpoint: NtlmTest1.java:229
> ----------------------------------------
> HTTP/1.1 401 Unauthorized
> Response content length: 1656
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@18b1f8f
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Connection can be kept alive indefinitely
> 2012/08/22 15:05:48:626 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56463<->198.117.0.46:443 closed
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
[jira] [Commented] (HTTPCLIENT-1224) (regression) NTLM auth not
retried after a redirect over a non-persistent connection
Posted by "Oleg Kalnichevski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1224?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13446191#comment-13446191 ]
Oleg Kalnichevski commented on HTTPCLIENT-1224:
-----------------------------------------------
Dave,
I fairly confident the problem should have been fixed. I suspect you are not using the latest code. I added a number of additional log statements [1] that I cannot see in the log even though they should be there. Could you please let me know what revision are you using and check the classdpath of your application for older versions of HttpClient.
Oleg
[1] http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/client/HttpAuthenticator.java?r1=1376672&r2=1376671&pathrev=1376672
> (regression) NTLM auth not retried after a redirect over a non-persistent connection
> ------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1224
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1224
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.2.1
> Environment: Fedora 15
> Reporter: Dave Godbey
> Labels: NTLM, authentication, redirect
> Fix For: 4.2.2
>
>
> When you communicate with a Microsoft Exchange server (eg. EWS), you point to /ews/Exchange.asmx. Exchange replies with a redirect order to ews/Services.wsdl. Client is failing to complete this with following wire log:
> executing request: GET /ews/Exchange.asmx HTTP/1.1
> to target: https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:570 CDT [DEBUG] BasicClientConnectionManager - Get connection for route {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:785 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:324 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestTargetAuthentication - Target auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultHttpClient - Attempt 1 to execute request
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:395 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:395 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:41 GMT
> 2012/08/22 15:05:42:400 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:401 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:401 CDT [DEBUG] TargetAuthenticationStrategy - Authentication schemes in the order of preference: [negotiate, Kerberos, NTLM, Digest, Basic]
> 2012/08/22 15:05:42:409 CDT [DEBUG] SPNegoScheme - Received challenge '' from the auth server
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] DefaultHttpClient - Selected authentication options: [NEGOTIATE, NTLM]
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Target auth state: CHALLENGED
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme
> 2012/08/22 15:05:42:412 CDT [DEBUG] SPNegoScheme - init mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:428 CDT [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt))
> 2012/08/22 15:05:42:428 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme
> 2012/08/22 15:05:42:430 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultHttpClient - Attempt 2 to execute request
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgAkAAAABAAEACAAAAA2ADgATgBEAEMA
> 2012/08/22 15:05:42:479 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Length: 1539
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1AokiF/jsXoLF09YAAAAAAAAAAIwAjAA+AAAABQLODgAAAA9OAEQAQwACAAYATgBEAEMAAQASAE4ARABNAFMAQwBBAFMAMAA3AAQAGABuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgADACwAbgBkAG0AcwBjAGEAcwAwADcALgBuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgAFABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAAAAAA==
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:480 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:42:481 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:491 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultHttpClient - Attempt 3 to execute request
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAC4ALgAWAAAAAYABgAQAQAADgAOABYBAAAEAAQAJAEAAAAAAAAoAQAANQIIIBHmQ40nLaSFn1s5yZuMSjVu5GMt03gALm3CwkwfZcuQnNpCRGUtYgwBAQAAAAAAAKDzIIKhgM0BbuRjLdN4AC4AAAAAAgAGAE4ARABDAAEAEgBOAEQATQBTAEMAQQBTADAANwAEABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAwAsAG4AZABtAHMAYwBhAHMAMAA3AC4AbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYABQAYAG4AZABjAC4AbgBhAHMAYQAuAGcAbwB2AAAAAABOAEQAQwBkAGcAbwBkAGIAZQB5ADYAOAA=
> 2012/08/22 15:05:42:548 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << Connection: close
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-AspNet-Version: 2.0.50727
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Location: /ews/Services.wsdl
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Cache-Control: private
> 2012/08/22 15:05:42:550 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:551 CDT [DEBUG] DefaultRedirectStrategy - Redirect requested to location '/ews/Services.wsdl'
> 2012/08/22 15:05:42:558 CDT [DEBUG] DefaultHttpClient - Redirecting to 'https://mail02.ndc.nasa.gov:443/ews/Services.wsdl' via {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:559 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56462<->198.117.0.46:443 closed
> 2012/08/22 15:05:42:560 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:703 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:704 CDT [ERROR] RequestTargetAuthentication - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultHttpClient - Attempt 4 to execute request
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:706 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:43:091 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:43:093 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authentication failed
> Source breakpoint: NtlmTest1.java:229
> ----------------------------------------
> HTTP/1.1 401 Unauthorized
> Response content length: 1656
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@18b1f8f
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Connection can be kept alive indefinitely
> 2012/08/22 15:05:48:626 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56463<->198.117.0.46:443 closed
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
[jira] [Closed] (HTTPCLIENT-1224) (regression) NTLM auth not
retried after a redirect over a non-persistent connection
Posted by "Dave Godbey (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1224?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dave Godbey closed HTTPCLIENT-1224.
-----------------------------------
Fixed.
> (regression) NTLM auth not retried after a redirect over a non-persistent connection
> ------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1224
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1224
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.2.1
> Environment: Fedora 15
> Reporter: Dave Godbey
> Labels: NTLM, authentication, redirect
> Fix For: 4.2.2
>
>
> When you communicate with a Microsoft Exchange server (eg. EWS), you point to /ews/Exchange.asmx. Exchange replies with a redirect order to ews/Services.wsdl. Client is failing to complete this with following wire log:
> executing request: GET /ews/Exchange.asmx HTTP/1.1
> to target: https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:570 CDT [DEBUG] BasicClientConnectionManager - Get connection for route {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:785 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:324 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestTargetAuthentication - Target auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultHttpClient - Attempt 1 to execute request
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:395 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:395 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:41 GMT
> 2012/08/22 15:05:42:400 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:401 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:401 CDT [DEBUG] TargetAuthenticationStrategy - Authentication schemes in the order of preference: [negotiate, Kerberos, NTLM, Digest, Basic]
> 2012/08/22 15:05:42:409 CDT [DEBUG] SPNegoScheme - Received challenge '' from the auth server
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] DefaultHttpClient - Selected authentication options: [NEGOTIATE, NTLM]
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Target auth state: CHALLENGED
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme
> 2012/08/22 15:05:42:412 CDT [DEBUG] SPNegoScheme - init mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:428 CDT [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt))
> 2012/08/22 15:05:42:428 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme
> 2012/08/22 15:05:42:430 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultHttpClient - Attempt 2 to execute request
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgAkAAAABAAEACAAAAA2ADgATgBEAEMA
> 2012/08/22 15:05:42:479 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Length: 1539
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1AokiF/jsXoLF09YAAAAAAAAAAIwAjAA+AAAABQLODgAAAA9OAEQAQwACAAYATgBEAEMAAQASAE4ARABNAFMAQwBBAFMAMAA3AAQAGABuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgADACwAbgBkAG0AcwBjAGEAcwAwADcALgBuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgAFABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAAAAAA==
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:480 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:42:481 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:491 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultHttpClient - Attempt 3 to execute request
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAC4ALgAWAAAAAYABgAQAQAADgAOABYBAAAEAAQAJAEAAAAAAAAoAQAANQIIIBHmQ40nLaSFn1s5yZuMSjVu5GMt03gALm3CwkwfZcuQnNpCRGUtYgwBAQAAAAAAAKDzIIKhgM0BbuRjLdN4AC4AAAAAAgAGAE4ARABDAAEAEgBOAEQATQBTAEMAQQBTADAANwAEABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAwAsAG4AZABtAHMAYwBhAHMAMAA3AC4AbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYABQAYAG4AZABjAC4AbgBhAHMAYQAuAGcAbwB2AAAAAABOAEQAQwBkAGcAbwBkAGIAZQB5ADYAOAA=
> 2012/08/22 15:05:42:548 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << Connection: close
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-AspNet-Version: 2.0.50727
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Location: /ews/Services.wsdl
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Cache-Control: private
> 2012/08/22 15:05:42:550 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:551 CDT [DEBUG] DefaultRedirectStrategy - Redirect requested to location '/ews/Services.wsdl'
> 2012/08/22 15:05:42:558 CDT [DEBUG] DefaultHttpClient - Redirecting to 'https://mail02.ndc.nasa.gov:443/ews/Services.wsdl' via {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:559 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56462<->198.117.0.46:443 closed
> 2012/08/22 15:05:42:560 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:703 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:704 CDT [ERROR] RequestTargetAuthentication - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultHttpClient - Attempt 4 to execute request
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:706 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:43:091 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:43:093 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authentication failed
> Source breakpoint: NtlmTest1.java:229
> ----------------------------------------
> HTTP/1.1 401 Unauthorized
> Response content length: 1656
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@18b1f8f
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Connection can be kept alive indefinitely
> 2012/08/22 15:05:48:626 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56463<->198.117.0.46:443 closed
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
[jira] [Comment Edited] (HTTPCLIENT-1224) (regression) NTLM auth
not retried after a redirect over a non-persistent connection
Posted by "Oleg Kalnichevski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1224?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13446191#comment-13446191 ]
Oleg Kalnichevski edited comment on HTTPCLIENT-1224 at 9/1/12 5:13 AM:
-----------------------------------------------------------------------
Dave,
I am fairly confident the problem should have been fixed. I suspect you are not using the latest code. I added a number of additional log statements [1] that I cannot see in the log even though they should be there. Could you please let me know what revision are you using and check the classdpath of your application for older versions of HttpClient.
Oleg
[1] http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/client/HttpAuthenticator.java?r1=1376672&r2=1376671&pathrev=1376672
was (Author: olegk):
Dave,
I fairly confident the problem should have been fixed. I suspect you are not using the latest code. I added a number of additional log statements [1] that I cannot see in the log even though they should be there. Could you please let me know what revision are you using and check the classdpath of your application for older versions of HttpClient.
Oleg
[1] http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/client/HttpAuthenticator.java?r1=1376672&r2=1376671&pathrev=1376672
> (regression) NTLM auth not retried after a redirect over a non-persistent connection
> ------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1224
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1224
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.2.1
> Environment: Fedora 15
> Reporter: Dave Godbey
> Labels: NTLM, authentication, redirect
> Fix For: 4.2.2
>
>
> When you communicate with a Microsoft Exchange server (eg. EWS), you point to /ews/Exchange.asmx. Exchange replies with a redirect order to ews/Services.wsdl. Client is failing to complete this with following wire log:
> executing request: GET /ews/Exchange.asmx HTTP/1.1
> to target: https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:570 CDT [DEBUG] BasicClientConnectionManager - Get connection for route {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:785 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:324 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestTargetAuthentication - Target auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultHttpClient - Attempt 1 to execute request
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:395 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:395 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:41 GMT
> 2012/08/22 15:05:42:400 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:401 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:401 CDT [DEBUG] TargetAuthenticationStrategy - Authentication schemes in the order of preference: [negotiate, Kerberos, NTLM, Digest, Basic]
> 2012/08/22 15:05:42:409 CDT [DEBUG] SPNegoScheme - Received challenge '' from the auth server
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] DefaultHttpClient - Selected authentication options: [NEGOTIATE, NTLM]
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Target auth state: CHALLENGED
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme
> 2012/08/22 15:05:42:412 CDT [DEBUG] SPNegoScheme - init mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:428 CDT [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt))
> 2012/08/22 15:05:42:428 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme
> 2012/08/22 15:05:42:430 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultHttpClient - Attempt 2 to execute request
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgAkAAAABAAEACAAAAA2ADgATgBEAEMA
> 2012/08/22 15:05:42:479 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Length: 1539
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1AokiF/jsXoLF09YAAAAAAAAAAIwAjAA+AAAABQLODgAAAA9OAEQAQwACAAYATgBEAEMAAQASAE4ARABNAFMAQwBBAFMAMAA3AAQAGABuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgADACwAbgBkAG0AcwBjAGEAcwAwADcALgBuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgAFABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAAAAAA==
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:480 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:42:481 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:491 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultHttpClient - Attempt 3 to execute request
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAC4ALgAWAAAAAYABgAQAQAADgAOABYBAAAEAAQAJAEAAAAAAAAoAQAANQIIIBHmQ40nLaSFn1s5yZuMSjVu5GMt03gALm3CwkwfZcuQnNpCRGUtYgwBAQAAAAAAAKDzIIKhgM0BbuRjLdN4AC4AAAAAAgAGAE4ARABDAAEAEgBOAEQATQBTAEMAQQBTADAANwAEABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAwAsAG4AZABtAHMAYwBhAHMAMAA3AC4AbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYABQAYAG4AZABjAC4AbgBhAHMAYQAuAGcAbwB2AAAAAABOAEQAQwBkAGcAbwBkAGIAZQB5ADYAOAA=
> 2012/08/22 15:05:42:548 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << Connection: close
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-AspNet-Version: 2.0.50727
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Location: /ews/Services.wsdl
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Cache-Control: private
> 2012/08/22 15:05:42:550 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:551 CDT [DEBUG] DefaultRedirectStrategy - Redirect requested to location '/ews/Services.wsdl'
> 2012/08/22 15:05:42:558 CDT [DEBUG] DefaultHttpClient - Redirecting to 'https://mail02.ndc.nasa.gov:443/ews/Services.wsdl' via {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:559 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56462<->198.117.0.46:443 closed
> 2012/08/22 15:05:42:560 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:703 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:704 CDT [ERROR] RequestTargetAuthentication - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultHttpClient - Attempt 4 to execute request
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:706 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:43:091 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:43:093 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authentication failed
> Source breakpoint: NtlmTest1.java:229
> ----------------------------------------
> HTTP/1.1 401 Unauthorized
> Response content length: 1656
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@18b1f8f
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Connection can be kept alive indefinitely
> 2012/08/22 15:05:48:626 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56463<->198.117.0.46:443 closed
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
[jira] [Commented] (HTTPCLIENT-1224) (regression) NTLM auth not
retried after a redirect over a non-persistent connection
Posted by "Oleg Kalnichevski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1224?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13451404#comment-13451404 ]
Oleg Kalnichevski commented on HTTPCLIENT-1224:
-----------------------------------------------
Dave,
Without additional input I'll have no other choice but to close the issue as resolved.
Oleg
> (regression) NTLM auth not retried after a redirect over a non-persistent connection
> ------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1224
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1224
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.2.1
> Environment: Fedora 15
> Reporter: Dave Godbey
> Labels: NTLM, authentication, redirect
> Fix For: 4.2.2
>
>
> When you communicate with a Microsoft Exchange server (eg. EWS), you point to /ews/Exchange.asmx. Exchange replies with a redirect order to ews/Services.wsdl. Client is failing to complete this with following wire log:
> executing request: GET /ews/Exchange.asmx HTTP/1.1
> to target: https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:570 CDT [DEBUG] BasicClientConnectionManager - Get connection for route {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:785 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:324 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestTargetAuthentication - Target auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultHttpClient - Attempt 1 to execute request
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:395 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:395 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:41 GMT
> 2012/08/22 15:05:42:400 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:401 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:401 CDT [DEBUG] TargetAuthenticationStrategy - Authentication schemes in the order of preference: [negotiate, Kerberos, NTLM, Digest, Basic]
> 2012/08/22 15:05:42:409 CDT [DEBUG] SPNegoScheme - Received challenge '' from the auth server
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] DefaultHttpClient - Selected authentication options: [NEGOTIATE, NTLM]
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Target auth state: CHALLENGED
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme
> 2012/08/22 15:05:42:412 CDT [DEBUG] SPNegoScheme - init mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:428 CDT [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt))
> 2012/08/22 15:05:42:428 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme
> 2012/08/22 15:05:42:430 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultHttpClient - Attempt 2 to execute request
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgAkAAAABAAEACAAAAA2ADgATgBEAEMA
> 2012/08/22 15:05:42:479 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Length: 1539
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1AokiF/jsXoLF09YAAAAAAAAAAIwAjAA+AAAABQLODgAAAA9OAEQAQwACAAYATgBEAEMAAQASAE4ARABNAFMAQwBBAFMAMAA3AAQAGABuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgADACwAbgBkAG0AcwBjAGEAcwAwADcALgBuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgAFABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAAAAAA==
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:480 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:42:481 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:491 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultHttpClient - Attempt 3 to execute request
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAC4ALgAWAAAAAYABgAQAQAADgAOABYBAAAEAAQAJAEAAAAAAAAoAQAANQIIIBHmQ40nLaSFn1s5yZuMSjVu5GMt03gALm3CwkwfZcuQnNpCRGUtYgwBAQAAAAAAAKDzIIKhgM0BbuRjLdN4AC4AAAAAAgAGAE4ARABDAAEAEgBOAEQATQBTAEMAQQBTADAANwAEABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAwAsAG4AZABtAHMAYwBhAHMAMAA3AC4AbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYABQAYAG4AZABjAC4AbgBhAHMAYQAuAGcAbwB2AAAAAABOAEQAQwBkAGcAbwBkAGIAZQB5ADYAOAA=
> 2012/08/22 15:05:42:548 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << Connection: close
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-AspNet-Version: 2.0.50727
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Location: /ews/Services.wsdl
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Cache-Control: private
> 2012/08/22 15:05:42:550 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:551 CDT [DEBUG] DefaultRedirectStrategy - Redirect requested to location '/ews/Services.wsdl'
> 2012/08/22 15:05:42:558 CDT [DEBUG] DefaultHttpClient - Redirecting to 'https://mail02.ndc.nasa.gov:443/ews/Services.wsdl' via {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:559 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56462<->198.117.0.46:443 closed
> 2012/08/22 15:05:42:560 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:703 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:704 CDT [ERROR] RequestTargetAuthentication - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultHttpClient - Attempt 4 to execute request
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:706 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:43:091 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:43:093 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authentication failed
> Source breakpoint: NtlmTest1.java:229
> ----------------------------------------
> HTTP/1.1 401 Unauthorized
> Response content length: 1656
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@18b1f8f
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Connection can be kept alive indefinitely
> 2012/08/22 15:05:48:626 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56463<->198.117.0.46:443 closed
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
[jira] [Commented] (HTTPCLIENT-1224) (regression) NTLM auth not
retried after a redirect over a non-persistent connection
Posted by "Dave Godbey (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1224?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13453037#comment-13453037 ]
Dave Godbey commented on HTTPCLIENT-1224:
-----------------------------------------
I tested the changes, and the redirect problem for ntlmv2 has been fixed. This ticket is ready to close.
> (regression) NTLM auth not retried after a redirect over a non-persistent connection
> ------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1224
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1224
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.2.1
> Environment: Fedora 15
> Reporter: Dave Godbey
> Labels: NTLM, authentication, redirect
> Fix For: 4.2.2
>
>
> When you communicate with a Microsoft Exchange server (eg. EWS), you point to /ews/Exchange.asmx. Exchange replies with a redirect order to ews/Services.wsdl. Client is failing to complete this with following wire log:
> executing request: GET /ews/Exchange.asmx HTTP/1.1
> to target: https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:570 CDT [DEBUG] BasicClientConnectionManager - Get connection for route {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:41:785 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:324 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:337 CDT [DEBUG] RequestTargetAuthentication - Target auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultHttpClient - Attempt 1 to execute request
> 2012/08/22 15:05:42:338 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:339 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:340 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:395 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:395 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:396 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:41 GMT
> 2012/08/22 15:05:42:400 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:401 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:401 CDT [DEBUG] TargetAuthenticationStrategy - Authentication schemes in the order of preference: [negotiate, Kerberos, NTLM, Digest, Basic]
> 2012/08/22 15:05:42:409 CDT [DEBUG] SPNegoScheme - Received challenge '' from the auth server
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available
> 2012/08/22 15:05:42:410 CDT [DEBUG] DefaultHttpClient - Selected authentication options: [NEGOTIATE, NTLM]
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Target auth state: CHALLENGED
> 2012/08/22 15:05:42:411 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme
> 2012/08/22 15:05:42:412 CDT [DEBUG] SPNegoScheme - init mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:428 CDT [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt))
> 2012/08/22 15:05:42:428 CDT [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme
> 2012/08/22 15:05:42:430 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultHttpClient - Attempt 2 to execute request
> 2012/08/22 15:05:42:431 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:431 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgAkAAAABAAEACAAAAA2ADgATgBEAEMA
> 2012/08/22 15:05:42:479 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Length: 1539
> 2012/08/22 15:05:42:479 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1AokiF/jsXoLF09YAAAAAAAAAAIwAjAA+AAAABQLODgAAAA9OAEQAQwACAAYATgBEAEMAAQASAE4ARABNAFMAQwBBAFMAMAA3AAQAGABuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgADACwAbgBkAG0AcwBjAGEAcwAwADcALgBuAGQAYwAuAG4AYQBzAGEALgBnAG8AdgAFABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAAAAAA==
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:480 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:480 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:42:481 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:42:481 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:482 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:491 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultHttpClient - Attempt 3 to execute request
> 2012/08/22 15:05:42:491 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> GET /ews/Exchange.asmx HTTP/1.1
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:42:491 CDT [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAC4ALgAWAAAAAYABgAQAQAADgAOABYBAAAEAAQAJAEAAAAAAAAoAQAANQIIIBHmQ40nLaSFn1s5yZuMSjVu5GMt03gALm3CwkwfZcuQnNpCRGUtYgwBAQAAAAAAAKDzIIKhgM0BbuRjLdN4AC4AAAAAAgAGAE4ARABDAAEAEgBOAEQATQBTAEMAQQBTADAANwAEABgAbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYAAwAsAG4AZABtAHMAYwBhAHMAMAA3AC4AbgBkAGMALgBuAGEAcwBhAC4AZwBvAHYABQAYAG4AZABjAC4AbgBhAHMAYQAuAGcAbwB2AAAAAABOAEQAQwBkAGcAbwBkAGIAZQB5ADYAOAA=
> 2012/08/22 15:05:42:548 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << HTTP/1.1 302 Found
> 2012/08/22 15:05:42:548 CDT [DEBUG] headers - << Connection: close
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << X-AspNet-Version: 2.0.50727
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Location: /ews/Services.wsdl
> 2012/08/22 15:05:42:549 CDT [DEBUG] headers - << Cache-Control: private
> 2012/08/22 15:05:42:550 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:42:551 CDT [DEBUG] DefaultRedirectStrategy - Redirect requested to location '/ews/Services.wsdl'
> 2012/08/22 15:05:42:558 CDT [DEBUG] DefaultHttpClient - Redirecting to 'https://mail02.ndc.nasa.gov:443/ews/Services.wsdl' via {s}->https://mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:559 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56462<->198.117.0.46:443 closed
> 2012/08/22 15:05:42:560 CDT [DEBUG] DefaultClientConnectionOperator - Connecting to mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:703 CDT [DEBUG] RequestAddCookies - CookieSpec selected: best-match
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestAuthCache - Auth cache not set in the context
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
> 2012/08/22 15:05:42:704 CDT [ERROR] RequestTargetAuthentication - NTLM authentication error: Unexpected state: MSG_TYPE3_GENERATED
> 2012/08/22 15:05:42:704 CDT [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultHttpClient - Attempt 4 to execute request
> 2012/08/22 15:05:42:705 CDT [DEBUG] DefaultClientConnection - Sending request: GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> GET /ews/Services.wsdl HTTP/1.1
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Host: mail02.ndc.nasa.gov:443
> 2012/08/22 15:05:42:705 CDT [DEBUG] headers - >> Connection: Keep-Alive
> 2012/08/22 15:05:42:706 CDT [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012/08/22 15:05:43:091 CDT [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << HTTP/1.1 401 Unauthorized
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Length: 1656
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Content-Type: text/html
> 2012/08/22 15:05:43:092 CDT [DEBUG] headers - << Server: Microsoft-IIS/6.0
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: Negotiate
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << WWW-Authenticate: NTLM
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << X-Powered-By: ASP.NET
> 2012/08/22 15:05:43:093 CDT [DEBUG] headers - << Date: Wed, 22 Aug 2012 20:05:42 GMT
> 2012/08/22 15:05:43:093 CDT [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - mail02.ndc.nasa.gov:443 requested authentication
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authorization challenge processed
> 2012/08/22 15:05:43:094 CDT [DEBUG] DefaultHttpClient - Authentication failed
> Source breakpoint: NtlmTest1.java:229
> ----------------------------------------
> HTTP/1.1 401 Unauthorized
> Response content length: 1656
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@18b1f8f
> 2012/08/22 15:05:48:626 CDT [DEBUG] BasicClientConnectionManager - Connection can be kept alive indefinitely
> 2012/08/22 15:05:48:626 CDT [DEBUG] DefaultClientConnection - Connection 0.0.0.0:56463<->198.117.0.46:443 closed
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org