HttpComponents HttpClient
  1. HttpComponents HttpClient
  2. HTTPCLIENT-1107

HttpClient does not retry authentication when multiple challenges are present if the primary one fails

    Details

      Description

      I'm trying to request a page from IIS (6 and 7.5). If the IIS is configured with providers for "negotiate" and "ntlm" then the Negotiate authentication is tried and fails, but it does not then try to use the NTLM authentication which is what I require. If I removed "negotiate" as a provider from IIS and just use NTLM then all works well - but this is not a solution as I don't have control of the web servers.

      Output below...

      [DEBUG] SingleClientConnManager - Get connection for route HttpRoute[{}->http://WIN-HNB91NNAB2G]
      [DEBUG] DefaultClientConnectionOperator - Connecting to WIN-HNB91NNAB2G/147.183.80.134:80
      [DEBUG] RequestAddCookies - CookieSpec selected: best-match
      [DEBUG] DefaultHttpClient - Attempt 1 to execute request
      [DEBUG] DefaultClientConnection - Sending request: GET / HTTP/1.1
      [DEBUG] wire - >> "GET / HTTP/1.1[\r][\n]"
      [DEBUG] wire - >> "Host: WIN-HNB91NNAB2G[\r][\n]"
      [DEBUG] wire - >> "Connection: Keep-Alive[\r][\n]"
      [DEBUG] wire - >> "User-Agent: Apache-HttpClient/4.1 (java 1.5)[\r][\n]"
      [DEBUG] wire - >> "[\r][\n]"
      [DEBUG] headers - >> GET / HTTP/1.1
      [DEBUG] headers - >> Host: WIN-HNB91NNAB2G
      [DEBUG] headers - >> Connection: Keep-Alive
      [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.1 (java 1.5)
      [DEBUG] wire - << "HTTP/1.1 401 Unauthorized[\r][\n]"
      [DEBUG] wire - << "Content-Type: text/html[\r][\n]"
      [DEBUG] wire - << "Server: Microsoft-IIS/7.5[\r][\n]"
      [DEBUG] wire - << "WWW-Authenticate: Negotiate[\r][\n]"
      [DEBUG] wire - << "WWW-Authenticate: NTLM[\r][\n]"
      [DEBUG] wire - << "Date: Fri, 15 Jul 2011 12:15:11 GMT[\r][\n]"
      [DEBUG] wire - << "Content-Length: 58[\r][\n]"
      [DEBUG] wire - << "[\r][\n]"
      [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
      [DEBUG] headers - << HTTP/1.1 401 Unauthorized
      [DEBUG] headers - << Content-Type: text/html
      [DEBUG] headers - << Server: Microsoft-IIS/7.5
      [DEBUG] headers - << WWW-Authenticate: Negotiate
      [DEBUG] headers - << WWW-Authenticate: NTLM
      [DEBUG] headers - << Date: Fri, 15 Jul 2011 12:15:11 GMT
      [DEBUG] headers - << Content-Length: 58
      [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
      [DEBUG] DefaultHttpClient - Target requested authentication
      [DEBUG] DefaultTargetAuthenticationHandler - Authentication schemes in the order of preference: [negotiate, NTLM, Digest, Basic]
      [DEBUG] DefaultTargetAuthenticationHandler - negotiate authentication scheme selected
      [DEBUG] NegotiateScheme - Received challenge '' from the auth server
      [DEBUG] DefaultHttpClient - Authorization challenge processed
      [DEBUG] DefaultHttpClient - Authentication scope: NEGOTIATE <any realm>@win-hnb91nnab2g:80
      [DEBUG] DefaultHttpClient - Found credentials
      [DEBUG] wire - << "You do not have permission to view this directory or page."
      [DEBUG] RequestAddCookies - CookieSpec selected: best-match
      [DEBUG] NegotiateScheme - init WIN-HNB91NNAB2G
      [ERROR] RequestTargetAuthentication - Authentication error: Invalid name provided (Mechanism level: Could not load configuration file C:\WINDOWS\krb5.ini (The system cannot find the file specified))
      [DEBUG] DefaultHttpClient - Attempt 2 to execute request
      [DEBUG] DefaultClientConnection - Sending request: GET / HTTP/1.1
      [DEBUG] wire - >> "GET / HTTP/1.1[\r][\n]"
      [DEBUG] wire - >> "Host: WIN-HNB91NNAB2G[\r][\n]"
      [DEBUG] wire - >> "Connection: Keep-Alive[\r][\n]"
      [DEBUG] wire - >> "User-Agent: Apache-HttpClient/4.1 (java 1.5)[\r][\n]"
      [DEBUG] wire - >> "[\r][\n]"
      [DEBUG] headers - >> GET / HTTP/1.1
      [DEBUG] headers - >> Host: WIN-HNB91NNAB2G
      [DEBUG] headers - >> Connection: Keep-Alive
      [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.1 (java 1.5)
      [DEBUG] wire - << "HTTP/1.1 401 Unauthorized[\r][\n]"
      [DEBUG] wire - << "Content-Type: text/html[\r][\n]"
      [DEBUG] wire - << "Server: Microsoft-IIS/7.5[\r][\n]"
      [DEBUG] wire - << "WWW-Authenticate: Negotiate[\r][\n]"
      [DEBUG] wire - << "WWW-Authenticate: NTLM[\r][\n]"
      [DEBUG] wire - << "Date: Fri, 15 Jul 2011 12:15:11 GMT[\r][\n]"
      [DEBUG] wire - << "Content-Length: 58[\r][\n]"
      [DEBUG] wire - << "[\r][\n]"
      [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
      [DEBUG] headers - << HTTP/1.1 401 Unauthorized
      [DEBUG] headers - << Content-Type: text/html
      [DEBUG] headers - << Server: Microsoft-IIS/7.5
      [DEBUG] headers - << WWW-Authenticate: Negotiate
      [DEBUG] headers - << WWW-Authenticate: NTLM
      [DEBUG] headers - << Date: Fri, 15 Jul 2011 12:15:11 GMT
      [DEBUG] headers - << Content-Length: 58
      [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
      [DEBUG] DefaultHttpClient - Target requested authentication
      [DEBUG] NegotiateScheme - Received challenge '' from the auth server
      [DEBUG] NegotiateScheme - Authentication already attempted
      [DEBUG] DefaultHttpClient - Authorization challenge processed
      [DEBUG] DefaultHttpClient - Authentication scope: NEGOTIATE <any realm>@win-hnb91nnab2g:80
      [DEBUG] DefaultHttpClient - Authentication failed
      [DEBUG] wire - << "You do not have permission to view this directory or page."
      content:You do not have permission to view this directory or page.
      [DEBUG] SingleClientConnManager - Releasing connection org.apache.http.impl.conn.SingleClientConnManager$ConnAdapter@17fa65e

      1. post_endless_authentication_loop.txt
        7.00 MB
        Ian Beaumont
      2. working_get_request.txt
        155 kB
        Ian Beaumont

        Issue Links

          Activity

          Hide
          Oleg Kalnichevski added a comment -

          Unfortunately a proper solution to this issue will require a fair amount of code refactoring and deprecation of the AuthenticationHandler interface.

          Oleg

          Show
          Oleg Kalnichevski added a comment - Unfortunately a proper solution to this issue will require a fair amount of code refactoring and deprecation of the AuthenticationHandler interface. Oleg
          Hide
          David Waite added a comment -

          Oleg, can you give more details on your envisioned approach?

          I've been working on this for my own needs, but my approaches keep having issues due to the authentication schemes being split into processChallenge and authenticate, which are called in very different parts of the code.

          One approach I thought of is to create every challenged scheme from the response and attempt to authenticate in order for making the headers out - but this will make an array of AuthState objects, which will break ClientContext.TARGET_AUTH_STATE (and the proxy equivalent).

          Show
          David Waite added a comment - Oleg, can you give more details on your envisioned approach? I've been working on this for my own needs, but my approaches keep having issues due to the authentication schemes being split into processChallenge and authenticate, which are called in very different parts of the code. One approach I thought of is to create every challenged scheme from the response and attempt to authenticate in order for making the headers out - but this will make an array of AuthState objects, which will break ClientContext.TARGET_AUTH_STATE (and the proxy equivalent).
          Hide
          Oleg Kalnichevski added a comment -

          David,

          Luckily AuthState is a class and not an interface, so we can simply deprecate the #setAuthScheme(AuthScheme) method in favor of new #setAuthSchemes(List<AuthScheme>) method without breaking API compatibility. Yes, the approach you outlined sounds feasible. Another possibility might be to move all authentication logic into the auth handler. The product of the handler's work would be a Header containing the final auth response to one of the available chanllenges instead of a list of AtuhScheme objects.

          I intend to fix this problem the first thing after the coming ALPHA releases of HttpCore 4.2 and HttpAsyncClient and 4.0 are done with, but do feel free to take over.

          Oleg

          Show
          Oleg Kalnichevski added a comment - David, Luckily AuthState is a class and not an interface, so we can simply deprecate the #setAuthScheme(AuthScheme) method in favor of new #setAuthSchemes(List<AuthScheme>) method without breaking API compatibility. Yes, the approach you outlined sounds feasible. Another possibility might be to move all authentication logic into the auth handler. The product of the handler's work would be a Header containing the final auth response to one of the available chanllenges instead of a list of AtuhScheme objects. I intend to fix this problem the first thing after the coming ALPHA releases of HttpCore 4.2 and HttpAsyncClient and 4.0 are done with, but do feel free to take over. Oleg
          Hide
          Oleg Kalnichevski added a comment -

          The auth scheme fall-back mechanism should now work as expected. Could you please try out the latest SVN snapshot and let me know the results?

          Oleg

          Show
          Oleg Kalnichevski added a comment - The auth scheme fall-back mechanism should now work as expected. Could you please try out the latest SVN snapshot and let me know the results? Oleg
          Hide
          HAOUAS added a comment -

          Hi everyone,

          I have the same issue on my program and I am currently testing the Version 4.2 Alpha1.

          Could you tell me please if the code sample showed in http://hc.apache.org/httpcomponents-client-ga/ntlm.html
          is still intended to work with the fix ?

          thx

          Show
          HAOUAS added a comment - Hi everyone, I have the same issue on my program and I am currently testing the Version 4.2 Alpha1. Could you tell me please if the code sample showed in http://hc.apache.org/httpcomponents-client-ga/ntlm.html is still intended to work with the fix ? thx
          Hide
          Oleg Kalnichevski added a comment -

          > Could you tell me please if the code sample showed in http://hc.apache.org/httpcomponents-client-ga/ntlm.html
          > is still intended to work with the fix ?

          Yes, it is.

          Please note, though, JIRA is not a bulletin board. It is an issue tracker. Please post all your HttpClient related questions to the user mailing list instead [1].

          Oleg

          [1] http://hc.apache.org/mail-lists.html

          Show
          Oleg Kalnichevski added a comment - > Could you tell me please if the code sample showed in http://hc.apache.org/httpcomponents-client-ga/ntlm.html > is still intended to work with the fix ? Yes, it is. Please note, though, JIRA is not a bulletin board. It is an issue tracker. Please post all your HttpClient related questions to the user mailing list instead [1] . Oleg [1] http://hc.apache.org/mail-lists.html
          Hide
          Ian Beaumont added a comment -

          I've tested my original problem against Version 4.2 Alpha1 and it appears fixed now.
          Thank you Oleg!

          Show
          Ian Beaumont added a comment - I've tested my original problem against Version 4.2 Alpha1 and it appears fixed now. Thank you Oleg!
          Hide
          Oleg Kalnichevski added a comment -

          @Ian

          Glad to hear that. Would it be a big deal for you to generate a header wire + context log [1] of the session for me to take a look at, though?

          Oleg

          [1] http://hc.apache.org/httpcomponents-client-ga/logging.html

          Show
          Oleg Kalnichevski added a comment - @Ian Glad to hear that. Would it be a big deal for you to generate a header wire + context log [1] of the session for me to take a look at, though? Oleg [1] http://hc.apache.org/httpcomponents-client-ga/logging.html
          Hide
          Ian Beaumont added a comment -

          Here you go...(let me know if you need something different).

          authSchemes[basic, digest, ntlm, negotiate]
          [DEBUG] PoolingClientConnectionManager - Connection request: [route: {}->http://WIN2008-CAT][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]
          [DEBUG] PoolingClientConnectionManager - Connection leased: [id: 0][route: {}->http://WIN2008-CAT][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20]
          [DEBUG] DefaultClientConnectionOperator - Connecting to WIN2008-CAT:80
          [DEBUG] RequestAddCookies - CookieSpec selected: best-match
          [DEBUG] RequestAuthCache - Auth cache not set in the context
          [DEBUG] RequestTargetAuthentication - Target auth state: UNCHALLENGED
          [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
          [DEBUG] DefaultHttpClient - Attempt 1 to execute request
          [DEBUG] DefaultClientConnection - Sending request: GET / HTTP/1.1
          [DEBUG] wire - >> "GET / HTTP/1.1[\r][\n]"
          [DEBUG] wire - >> "Host: WIN2008-CAT[\r][\n]"
          [DEBUG] wire - >> "Connection: Keep-Alive[\r][\n]"
          [DEBUG] wire - >> "User-Agent: Apache-HttpClient/4.2-alpha1 (java 1.5)[\r][\n]"
          [DEBUG] wire - >> "[\r][\n]"
          [DEBUG] headers - >> GET / HTTP/1.1
          [DEBUG] headers - >> Host: WIN2008-CAT
          [DEBUG] headers - >> Connection: Keep-Alive
          [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2-alpha1 (java 1.5)
          [DEBUG] wire - << "HTTP/1.1 401 Unauthorized[\r][\n]"
          [DEBUG] wire - << "Content-Type: text/html[\r][\n]"
          [DEBUG] wire - << "Server: Microsoft-IIS/7.0[\r][\n]"
          [DEBUG] wire - << "WWW-Authenticate: Negotiate[\r][\n]"
          [DEBUG] wire - << "WWW-Authenticate: NTLM[\r][\n]"
          [DEBUG] wire - << "X-Powered-By: ASP.NET[\r][\n]"
          [DEBUG] wire - << "Date: Tue, 08 Nov 2011 13:01:06 GMT[\r][\n]"
          [DEBUG] wire - << "Content-Length: 1293[\r][\n]"
          [DEBUG] wire - << "[\r][\n]"
          [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
          [DEBUG] headers - << HTTP/1.1 401 Unauthorized
          [DEBUG] headers - << Content-Type: text/html
          [DEBUG] headers - << Server: Microsoft-IIS/7.0
          [DEBUG] headers - << WWW-Authenticate: Negotiate
          [DEBUG] headers - << WWW-Authenticate: NTLM
          [DEBUG] headers - << X-Powered-By: ASP.NET
          [DEBUG] headers - << Date: Tue, 08 Nov 2011 13:01:06 GMT
          [DEBUG] headers - << Content-Length: 1293
          [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
          [DEBUG] DefaultHttpClient - WIN2008-CAT:80 requested authentication
          [DEBUG] TargetAuthenticationStrategy - Authentication schemes in the order of preference: [negotiate, NTLM, Digest, Basic]
          [DEBUG] NegotiateScheme - Received challenge '' from the auth server
          [DEBUG] TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available
          [DEBUG] TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available
          [DEBUG] wire - << "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">[\r][\n]"
          [DEBUG] wire - << "<html xmlns="http://www.w3.org/1999/xhtml">[\r][\n]"
          [DEBUG] wire - << "<head>[\r][\n]"
          [DEBUG] wire - << "<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>[\r][\n]"
          [DEBUG] wire - << "<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>[\r][\n]"
          [DEBUG] wire - << "<style type="text/css">[\r][\n]"
          [DEBUG] wire - << "<!--[\r][\n]"
          [DEBUG] wire - << "body

          {margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}

          [\r][\n]"
          [DEBUG] wire - << "fieldset

          {padding:0 15px 10px 15px;}

          [\r][\n]"
          [DEBUG] wire - << "h1

          {font-size:2.4em;margin:0;color:#FFF;}

          [\r][\n]"
          [DEBUG] wire - << "h2

          {font-size:1.7em;margin:0;color:#CC0000;}

          [\r][\n]"
          [DEBUG] wire - << "h3

          {font-size:1.2em;margin:10px 0 0 0;color:#000000;}

          [\r][\n]"
          [DEBUG] wire - << "#header

          {width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;[\r][\n]" [DEBUG] wire - << "background-color:#555555;}

          [\r][\n]"
          [DEBUG] wire - << "#content

          {margin:0 0 0 2%;position:relative;}

          [\r][\n]"
          [DEBUG] wire - << ".content-container

          {background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}

          [\r][\n]"
          [DEBUG] wire - << "-->[\r][\n]"
          [DEBUG] wire - << "</style>[\r][\n]"
          [DEBUG] wire - << "</head>[\r][\n]"
          [DEBUG] wire - << "<body>[\r][\n]"
          [DEBUG] wire - << "<div id="header"><h1>Server Error</h1></div>[\r][\n]"
          [DEBUG] wire - << "<div id="content">[\r][\n]"
          [DEBUG] wire - << " <div class="content-container"><fieldset>[\r][\n]"
          [DEBUG] wire - << " <h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>[\r][\n]"
          [DEBUG] wire - << " <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>[\r][\n]"
          [DEBUG] wire - << " </fieldset></div>[\r][\n]"
          [DEBUG] wire - << "</div>[\r][\n]"
          [DEBUG] wire - << "</body>[\r][\n]"
          [DEBUG] wire - << "</html>[\r][\n]"
          [DEBUG] RequestAddCookies - CookieSpec selected: best-match
          [DEBUG] RequestAuthCache - Auth cache not set in the context
          [DEBUG] RequestTargetAuthentication - Target auth state: CHALLENGED
          [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme
          [DEBUG] NegotiateScheme - init WIN2008-CAT
          [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: Invalid name provided (Mechanism level: Could not load configuration file C:\WINDOWS\krb5.ini (The system cannot find the file specified))
          [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme
          [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
          [DEBUG] DefaultHttpClient - Attempt 2 to execute request
          [DEBUG] DefaultClientConnection - Sending request: GET / HTTP/1.1
          [DEBUG] wire - >> "GET / HTTP/1.1[\r][\n]"
          [DEBUG] wire - >> "Host: WIN2008-CAT[\r][\n]"
          [DEBUG] wire - >> "Connection: Keep-Alive[\r][\n]"
          [DEBUG] wire - >> "User-Agent: Apache-HttpClient/4.2-alpha1 (java 1.5)[\r][\n]"
          [DEBUG] wire - >> "Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgA2AAAAFgAWACAAAABJAEEATgAtAEwAQQBQAFQATwBQADIAUwBXAEcA[\r][\n]"
          [DEBUG] wire - >> "[\r][\n]"
          [DEBUG] headers - >> GET / HTTP/1.1
          [DEBUG] headers - >> Host: WIN2008-CAT
          [DEBUG] headers - >> Connection: Keep-Alive
          [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2-alpha1 (java 1.5)
          [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgA2AAAAFgAWACAAAABJAEEATgAtAEwAQQBQAFQATwBQADIAUwBXAEcA
          [DEBUG] wire - << "HTTP/1.1 401 Unauthorized[\r][\n]"
          [DEBUG] wire - << "Content-Type: text/html[\r][\n]"
          [DEBUG] wire - << "Server: Microsoft-IIS/7.0[\r][\n]"
          [DEBUG] wire - << "WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1Aoki96Eu6J7t1joAAAAAAAAAAJgAmAA+AAAABgByFwAAAA9TAFcARwACAAYAUwBXAEcAAQAWAFcASQBOADIAMAAwADgALQBDAEEAVAAEABgAUwBXAEcALgBDAEQAQwAuAFIATwBPAFQAAwAwAFcASQBOADIAMAAwADgALQBDAEEAVAAuAFMAVwBHAC4AQwBEAEMALgBSAE8ATwBUAAUAEABjAGQAYwAuAHIAbwBvAHQABwAIAOKwfHoWnswBAAAAAA==[\r][\n]"
          [DEBUG] wire - << "WWW-Authenticate: Negotiate[\r][\n]"
          [DEBUG] wire - << "X-Powered-By: ASP.NET[\r][\n]"
          [DEBUG] wire - << "Date: Tue, 08 Nov 2011 13:01:06 GMT[\r][\n]"
          [DEBUG] wire - << "Content-Length: 1293[\r][\n]"
          [DEBUG] wire - << "[\r][\n]"
          [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized
          [DEBUG] headers - << HTTP/1.1 401 Unauthorized
          [DEBUG] headers - << Content-Type: text/html
          [DEBUG] headers - << Server: Microsoft-IIS/7.0
          [DEBUG] headers - << WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1Aoki96Eu6J7t1joAAAAAAAAAAJgAmAA+AAAABgByFwAAAA9TAFcARwACAAYAUwBXAEcAAQAWAFcASQBOADIAMAAwADgALQBDAEEAVAAEABgAUwBXAEcALgBDAEQAQwAuAFIATwBPAFQAAwAwAFcASQBOADIAMAAwADgALQBDAEEAVAAuAFMAVwBHAC4AQwBEAEMALgBSAE8ATwBUAAUAEABjAGQAYwAuAHIAbwBvAHQABwAIAOKwfHoWnswBAAAAAA==
          [DEBUG] headers - << WWW-Authenticate: Negotiate
          [DEBUG] headers - << X-Powered-By: ASP.NET
          [DEBUG] headers - << Date: Tue, 08 Nov 2011 13:01:06 GMT
          [DEBUG] headers - << Content-Length: 1293
          [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
          [DEBUG] DefaultHttpClient - WIN2008-CAT:80 requested authentication
          [DEBUG] DefaultHttpClient - Authorization challenge processed
          [DEBUG] wire - << "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">[\r][\n]"
          [DEBUG] wire - << "<html xmlns="http://www.w3.org/1999/xhtml">[\r][\n]"
          [DEBUG] wire - << "<head>[\r][\n]"
          [DEBUG] wire - << "<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>[\r][\n]"
          [DEBUG] wire - << "<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>[\r][\n]"
          [DEBUG] wire - << "<style type="text/css">[\r][\n]"
          [DEBUG] wire - << "<!--[\r][\n]"
          [DEBUG] wire - << "body

          {margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}

          [\r][\n]"
          [DEBUG] wire - << "fieldset

          {padding:0 15px 10px 15px;}

          [\r][\n]"
          [DEBUG] wire - << "h1

          {font-size:2.4em;margin:0;color:#FFF;}

          [\r][\n]"
          [DEBUG] wire - << "h2

          {font-size:1.7em;margin:0;color:#CC0000;}

          [\r][\n]"
          [DEBUG] wire - << "h3

          {font-size:1.2em;margin:10px 0 0 0;color:#000000;}

          [\r][\n]"
          [DEBUG] wire - << "#header

          {width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;[\r][\n]" [DEBUG] wire - << "background-color:#555555;}

          [\r][\n]"
          [DEBUG] wire - << "#content

          {margin:0 0 0 2%;position:relative;}

          [\r][\n]"
          [DEBUG] wire - << ".content-container

          {background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}

          [\r][\n]"
          [DEBUG] wire - << "-->[\r][\n]"
          [DEBUG] wire - << "</style>[\r][\n]"
          [DEBUG] wire - << "</head>[\r][\n]"
          [DEBUG] wire - << "<body>[\r][\n]"
          [DEBUG] wire - << "<div id="header"><h1>Server Error</h1></div>[\r][\n]"
          [DEBUG] wire - << "<div id="content">[\r][\n]"
          [DEBUG] wire - << " <div class="content-container"><fieldset>[\r][\n]"
          [DEBUG] wire - << " <h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>[\r][\n]"
          [DEBUG] wire - << " <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>[\r][\n]"
          [DEBUG] wire - << " </fieldset></div>[\r][\n]"
          [DEBUG] wire - << "</div>[\r][\n]"
          [DEBUG] wire - << "</body>[\r][\n]"
          [DEBUG] wire - << "</html>[\r][\n]"
          [DEBUG] RequestAddCookies - CookieSpec selected: best-match
          [DEBUG] RequestAuthCache - Auth cache not set in the context
          [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE
          [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
          [DEBUG] DefaultHttpClient - Attempt 3 to execute request
          [DEBUG] DefaultClientConnection - Sending request: GET / HTTP/1.1
          [DEBUG] wire - >> "GET / HTTP/1.1[\r][\n]"
          [DEBUG] wire - >> "Host: WIN2008-CAT[\r][\n]"
          [DEBUG] wire - >> "Connection: Keep-Alive[\r][\n]"
          [DEBUG] wire - >> "User-Agent: Apache-HttpClient/4.2-alpha1 (java 1.5)[\r][\n]"
          [DEBUG] wire - >> "Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAADEAMQAWAAAAAYABgAcAQAAEgASACIBAAAWABYANAEAAAAAAABKAQAANQIIIKG3pGkmvtI0sFFa6CS+/yvXTfdr4+0L7pYPHxK1BocwDzJXBXTd4mMBAQAAAAAAAMBXzaEWnswB1033a+PtC+4AAAAAAgAGAFMAVwBHAAEAFgBXAEkATgAyADAAMAA4AC0AQwBBAFQABAAYAFMAVwBHAC4AQwBEAEMALgBSAE8ATwBUAAMAMABXAEkATgAyADAAMAA4AC0AQwBBAFQALgBTAFcARwAuAEMARABDAC4AUgBPAE8AVAAFABAAYwBkAGMALgByAG8AbwB0AAcACADisHx6Fp7MAQAAAABTAFcARwBJAEIAZQBhAHUAbQBvAG4AdABJAEEATgAtAEwAQQBQAFQATwBQADIA[\r][\n]"
          [DEBUG] wire - >> "[\r][\n]"
          [DEBUG] headers - >> GET / HTTP/1.1
          [DEBUG] headers - >> Host: WIN2008-CAT
          [DEBUG] headers - >> Connection: Keep-Alive
          [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2-alpha1 (java 1.5)
          [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAADEAMQAWAAAAAYABgAcAQAAEgASACIBAAAWABYANAEAAAAAAABKAQAANQIIIKG3pGkmvtI0sFFa6CS+/yvXTfdr4+0L7pYPHxK1BocwDzJXBXTd4mMBAQAAAAAAAMBXzaEWnswB1033a+PtC+4AAAAAAgAGAFMAVwBHAAEAFgBXAEkATgAyADAAMAA4AC0AQwBBAFQABAAYAFMAVwBHAC4AQwBEAEMALgBSAE8ATwBUAAMAMABXAEkATgAyADAAMAA4AC0AQwBBAFQALgBTAFcARwAuAEMARABDAC4AUgBPAE8AVAAFABAAYwBkAGMALgByAG8AbwB0AAcACADisHx6Fp7MAQAAAABTAFcARwBJAEIAZQBhAHUAbQBvAG4AdABJAEEATgAtAEwAQQBQAFQATwBQADIA
          [DEBUG] wire - << "HTTP/1.1 200 OK[\r][\n]"
          [DEBUG] wire - << "Content-Type: text/html[\r][\n]"
          [DEBUG] wire - << "Last-Modified: Thu, 17 Feb 2011 16:49:40 GMT[\r][\n]"
          [DEBUG] wire - << "Accept-Ranges: bytes[\r][\n]"
          [DEBUG] wire - << "ETag: "d9919dabc2cecb1:0"[\r][\n]"
          [DEBUG] wire - << "Server: Microsoft-IIS/7.0[\r][\n]"
          [DEBUG] wire - << "X-Powered-By: ASP.NET[\r][\n]"
          [DEBUG] wire - << "Date: Tue, 08 Nov 2011 13:01:06 GMT[\r][\n]"
          [DEBUG] wire - << "Content-Length: 689[\r][\n]"
          [DEBUG] wire - << "[\r][\n]"
          [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 200 OK
          [DEBUG] headers - << HTTP/1.1 200 OK
          [DEBUG] headers - << Content-Type: text/html
          [DEBUG] headers - << Last-Modified: Thu, 17 Feb 2011 16:49:40 GMT
          [DEBUG] headers - << Accept-Ranges: bytes
          [DEBUG] headers - << ETag: "d9919dabc2cecb1:0"
          [DEBUG] headers - << Server: Microsoft-IIS/7.0
          [DEBUG] headers - << X-Powered-By: ASP.NET
          [DEBUG] headers - << Date: Tue, 08 Nov 2011 13:01:06 GMT
          [DEBUG] headers - << Content-Length: 689
          [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely
          [DEBUG] wire - << "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">[\r][\n]"
          [DEBUG] wire - << "<html xmlns="http://www.w3.org/1999/xhtml">[\r][\n]"
          [DEBUG] wire - << "<head>[\r][\n]"
          [DEBUG] wire - << "<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />[\r][\n]"
          [DEBUG] wire - << "<title>IIS7</title>[\r][\n]"
          [DEBUG] wire - << "<style type="text/css">[\r][\n]"
          [DEBUG] wire - << "<!--[\r][\n]"
          [DEBUG] wire - << "body

          {[\r][\n]" [DEBUG] wire - << "[0x9]color:#000000;[\r][\n]" [DEBUG] wire - << "[0x9]background-color:#B3B3B3;[\r][\n]" [DEBUG] wire - << "[0x9]margin:0;[\r][\n]" [DEBUG] wire - << "}

          [\r][\n]"
          [DEBUG] wire - << "[\r][\n]"
          [DEBUG] wire - << "#container

          {[\r][\n]" [DEBUG] wire - << "[0x9]margin-left:auto;[\r][\n]" [DEBUG] wire - << "[0x9]margin-right:auto;[\r][\n]" [DEBUG] wire - << "[0x9]text-align:center;[\r][\n]" [DEBUG] wire - << "[0x9]}

          [\r][\n]"
          [DEBUG] wire - << "[\r][\n]"
          [DEBUG] wire - << "a img

          {[\r][\n]" [DEBUG] wire - << "[0x9]border:none;[\r][\n]" [DEBUG] wire - << "}

          [\r][\n]"
          [DEBUG] wire - << "[\r][\n]"
          [DEBUG] wire - << "-->[\r][\n]"
          [DEBUG] wire - << "</style>[\r][\n]"
          [DEBUG] wire - << "</head>[\r][\n]"
          [DEBUG] wire - << "<body>[\r][\n]"
          [DEBUG] wire - << "<div id="container">[\r][\n]"
          [DEBUG] wire - << "<a href="http://go.microsoft.com/fwlink/?linkid=66138&clcid=0x409"><img src="welcome.png" alt="IIS7" width="571" height="411" /></a>[\r][\n]"
          content:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
          [DEBUG] wire - << "</div>[\r][\n]"
          <html xmlns="http://www.w3.org/1999/xhtml">
          [DEBUG] wire - << "</body>[\r][\n]"
          <head>
          [DEBUG] wire - << "</html>"
          <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
          <title>IIS7</title>
          <style type="text/css">
          <!--
          body

          { color:#000000; background-color:#B3B3B3; margin:0; }

          [DEBUG] PoolingClientConnectionManager - Connection [id: 0][route: {}->http://WIN2008-CAT][state: XXX/YYYYYYYYYY] can be kept alive indefinitely
          #container

          { margin-left:auto; margin-right:auto; text-align:center; }

          a img

          { border:none; }

          [DEBUG] PoolingClientConnectionManager - Connection released: [id: 0][route: {}->http://WIN2008-CAT][state: XXX/YYYYYYYYYY][total kept alive: 1; route allocated: 1 of 2; total allocated: 1 of 20]
          -->
          </style>
          </head>
          <body>
          <div id="container">
          <a href="http://go.microsoft.com/fwlink/?linkid=66138&clcid=0x409"><img src="welcome.png" alt="IIS7" width="571" height="411" /></a>
          </div>
          </body>
          </html>

          Show
          Ian Beaumont added a comment - Here you go...(let me know if you need something different). authSchemes [basic, digest, ntlm, negotiate] [DEBUG] PoolingClientConnectionManager - Connection request: [route: {}->http://WIN2008-CAT] [total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20] [DEBUG] PoolingClientConnectionManager - Connection leased: [id: 0] [route: {}->http://WIN2008-CAT] [total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20] [DEBUG] DefaultClientConnectionOperator - Connecting to WIN2008-CAT:80 [DEBUG] RequestAddCookies - CookieSpec selected: best-match [DEBUG] RequestAuthCache - Auth cache not set in the context [DEBUG] RequestTargetAuthentication - Target auth state: UNCHALLENGED [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED [DEBUG] DefaultHttpClient - Attempt 1 to execute request [DEBUG] DefaultClientConnection - Sending request: GET / HTTP/1.1 [DEBUG] wire - >> "GET / HTTP/1.1 [\r] [\n] " [DEBUG] wire - >> "Host: WIN2008-CAT [\r] [\n] " [DEBUG] wire - >> "Connection: Keep-Alive [\r] [\n] " [DEBUG] wire - >> "User-Agent: Apache-HttpClient/4.2-alpha1 (java 1.5) [\r] [\n] " [DEBUG] wire - >> " [\r] [\n] " [DEBUG] headers - >> GET / HTTP/1.1 [DEBUG] headers - >> Host: WIN2008-CAT [DEBUG] headers - >> Connection: Keep-Alive [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2-alpha1 (java 1.5) [DEBUG] wire - << "HTTP/1.1 401 Unauthorized [\r] [\n] " [DEBUG] wire - << "Content-Type: text/html [\r] [\n] " [DEBUG] wire - << "Server: Microsoft-IIS/7.0 [\r] [\n] " [DEBUG] wire - << "WWW-Authenticate: Negotiate [\r] [\n] " [DEBUG] wire - << "WWW-Authenticate: NTLM [\r] [\n] " [DEBUG] wire - << "X-Powered-By: ASP.NET [\r] [\n] " [DEBUG] wire - << "Date: Tue, 08 Nov 2011 13:01:06 GMT [\r] [\n] " [DEBUG] wire - << "Content-Length: 1293 [\r] [\n] " [DEBUG] wire - << " [\r] [\n] " [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized [DEBUG] headers - << HTTP/1.1 401 Unauthorized [DEBUG] headers - << Content-Type: text/html [DEBUG] headers - << Server: Microsoft-IIS/7.0 [DEBUG] headers - << WWW-Authenticate: Negotiate [DEBUG] headers - << WWW-Authenticate: NTLM [DEBUG] headers - << X-Powered-By: ASP.NET [DEBUG] headers - << Date: Tue, 08 Nov 2011 13:01:06 GMT [DEBUG] headers - << Content-Length: 1293 [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely [DEBUG] DefaultHttpClient - WIN2008-CAT:80 requested authentication [DEBUG] TargetAuthenticationStrategy - Authentication schemes in the order of preference: [negotiate, NTLM, Digest, Basic] [DEBUG] NegotiateScheme - Received challenge '' from the auth server [DEBUG] TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available [DEBUG] TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available [DEBUG] wire - << "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> [\r] [\n] " [DEBUG] wire - << "<html xmlns="http://www.w3.org/1999/xhtml"> [\r] [\n] " [DEBUG] wire - << "<head> [\r] [\n] " [DEBUG] wire - << "<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> [\r] [\n] " [DEBUG] wire - << "<title>401 - Unauthorized: Access is denied due to invalid credentials.</title> [\r] [\n] " [DEBUG] wire - << "<style type="text/css"> [\r] [\n] " [DEBUG] wire - << "<!-- [\r] [\n] " [DEBUG] wire - << "body {margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} [\r] [\n] " [DEBUG] wire - << "fieldset {padding:0 15px 10px 15px;} [\r] [\n] " [DEBUG] wire - << "h1 {font-size:2.4em;margin:0;color:#FFF;} [\r] [\n] " [DEBUG] wire - << "h2 {font-size:1.7em;margin:0;color:#CC0000;} [\r] [\n] " [DEBUG] wire - << "h3 {font-size:1.2em;margin:10px 0 0 0;color:#000000;} [\r] [\n] " [DEBUG] wire - << "#header {width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;[\r][\n]" [DEBUG] wire - << "background-color:#555555;} [\r] [\n] " [DEBUG] wire - << "#content {margin:0 0 0 2%;position:relative;} [\r] [\n] " [DEBUG] wire - << ".content-container {background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} [\r] [\n] " [DEBUG] wire - << "--> [\r] [\n] " [DEBUG] wire - << "</style> [\r] [\n] " [DEBUG] wire - << "</head> [\r] [\n] " [DEBUG] wire - << "<body> [\r] [\n] " [DEBUG] wire - << "<div id="header"><h1>Server Error</h1></div> [\r] [\n] " [DEBUG] wire - << "<div id="content"> [\r] [\n] " [DEBUG] wire - << " <div class="content-container"><fieldset> [\r] [\n] " [DEBUG] wire - << " <h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2> [\r] [\n] " [DEBUG] wire - << " <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> [\r] [\n] " [DEBUG] wire - << " </fieldset></div> [\r] [\n] " [DEBUG] wire - << "</div> [\r] [\n] " [DEBUG] wire - << "</body> [\r] [\n] " [DEBUG] wire - << "</html> [\r] [\n] " [DEBUG] RequestAddCookies - CookieSpec selected: best-match [DEBUG] RequestAuthCache - Auth cache not set in the context [DEBUG] RequestTargetAuthentication - Target auth state: CHALLENGED [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme [DEBUG] NegotiateScheme - init WIN2008-CAT [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: Invalid name provided (Mechanism level: Could not load configuration file C:\WINDOWS\krb5.ini (The system cannot find the file specified)) [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED [DEBUG] DefaultHttpClient - Attempt 2 to execute request [DEBUG] DefaultClientConnection - Sending request: GET / HTTP/1.1 [DEBUG] wire - >> "GET / HTTP/1.1 [\r] [\n] " [DEBUG] wire - >> "Host: WIN2008-CAT [\r] [\n] " [DEBUG] wire - >> "Connection: Keep-Alive [\r] [\n] " [DEBUG] wire - >> "User-Agent: Apache-HttpClient/4.2-alpha1 (java 1.5) [\r] [\n] " [DEBUG] wire - >> "Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgA2AAAAFgAWACAAAABJAEEATgAtAEwAQQBQAFQATwBQADIAUwBXAEcA [\r] [\n] " [DEBUG] wire - >> " [\r] [\n] " [DEBUG] headers - >> GET / HTTP/1.1 [DEBUG] headers - >> Host: WIN2008-CAT [DEBUG] headers - >> Connection: Keep-Alive [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2-alpha1 (java 1.5) [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAABAAAANQIIIAYABgA2AAAAFgAWACAAAABJAEEATgAtAEwAQQBQAFQATwBQADIAUwBXAEcA [DEBUG] wire - << "HTTP/1.1 401 Unauthorized [\r] [\n] " [DEBUG] wire - << "Content-Type: text/html [\r] [\n] " [DEBUG] wire - << "Server: Microsoft-IIS/7.0 [\r] [\n] " [DEBUG] wire - << "WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1Aoki96Eu6J7t1joAAAAAAAAAAJgAmAA+AAAABgByFwAAAA9TAFcARwACAAYAUwBXAEcAAQAWAFcASQBOADIAMAAwADgALQBDAEEAVAAEABgAUwBXAEcALgBDAEQAQwAuAFIATwBPAFQAAwAwAFcASQBOADIAMAAwADgALQBDAEEAVAAuAFMAVwBHAC4AQwBEAEMALgBSAE8ATwBUAAUAEABjAGQAYwAuAHIAbwBvAHQABwAIAOKwfHoWnswBAAAAAA== [\r] [\n] " [DEBUG] wire - << "WWW-Authenticate: Negotiate [\r] [\n] " [DEBUG] wire - << "X-Powered-By: ASP.NET [\r] [\n] " [DEBUG] wire - << "Date: Tue, 08 Nov 2011 13:01:06 GMT [\r] [\n] " [DEBUG] wire - << "Content-Length: 1293 [\r] [\n] " [DEBUG] wire - << " [\r] [\n] " [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 401 Unauthorized [DEBUG] headers - << HTTP/1.1 401 Unauthorized [DEBUG] headers - << Content-Type: text/html [DEBUG] headers - << Server: Microsoft-IIS/7.0 [DEBUG] headers - << WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAA1Aoki96Eu6J7t1joAAAAAAAAAAJgAmAA+AAAABgByFwAAAA9TAFcARwACAAYAUwBXAEcAAQAWAFcASQBOADIAMAAwADgALQBDAEEAVAAEABgAUwBXAEcALgBDAEQAQwAuAFIATwBPAFQAAwAwAFcASQBOADIAMAAwADgALQBDAEEAVAAuAFMAVwBHAC4AQwBEAEMALgBSAE8ATwBUAAUAEABjAGQAYwAuAHIAbwBvAHQABwAIAOKwfHoWnswBAAAAAA== [DEBUG] headers - << WWW-Authenticate: Negotiate [DEBUG] headers - << X-Powered-By: ASP.NET [DEBUG] headers - << Date: Tue, 08 Nov 2011 13:01:06 GMT [DEBUG] headers - << Content-Length: 1293 [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely [DEBUG] DefaultHttpClient - WIN2008-CAT:80 requested authentication [DEBUG] DefaultHttpClient - Authorization challenge processed [DEBUG] wire - << "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> [\r] [\n] " [DEBUG] wire - << "<html xmlns="http://www.w3.org/1999/xhtml"> [\r] [\n] " [DEBUG] wire - << "<head> [\r] [\n] " [DEBUG] wire - << "<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> [\r] [\n] " [DEBUG] wire - << "<title>401 - Unauthorized: Access is denied due to invalid credentials.</title> [\r] [\n] " [DEBUG] wire - << "<style type="text/css"> [\r] [\n] " [DEBUG] wire - << "<!-- [\r] [\n] " [DEBUG] wire - << "body {margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} [\r] [\n] " [DEBUG] wire - << "fieldset {padding:0 15px 10px 15px;} [\r] [\n] " [DEBUG] wire - << "h1 {font-size:2.4em;margin:0;color:#FFF;} [\r] [\n] " [DEBUG] wire - << "h2 {font-size:1.7em;margin:0;color:#CC0000;} [\r] [\n] " [DEBUG] wire - << "h3 {font-size:1.2em;margin:10px 0 0 0;color:#000000;} [\r] [\n] " [DEBUG] wire - << "#header {width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;[\r][\n]" [DEBUG] wire - << "background-color:#555555;} [\r] [\n] " [DEBUG] wire - << "#content {margin:0 0 0 2%;position:relative;} [\r] [\n] " [DEBUG] wire - << ".content-container {background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} [\r] [\n] " [DEBUG] wire - << "--> [\r] [\n] " [DEBUG] wire - << "</style> [\r] [\n] " [DEBUG] wire - << "</head> [\r] [\n] " [DEBUG] wire - << "<body> [\r] [\n] " [DEBUG] wire - << "<div id="header"><h1>Server Error</h1></div> [\r] [\n] " [DEBUG] wire - << "<div id="content"> [\r] [\n] " [DEBUG] wire - << " <div class="content-container"><fieldset> [\r] [\n] " [DEBUG] wire - << " <h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2> [\r] [\n] " [DEBUG] wire - << " <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> [\r] [\n] " [DEBUG] wire - << " </fieldset></div> [\r] [\n] " [DEBUG] wire - << "</div> [\r] [\n] " [DEBUG] wire - << "</body> [\r] [\n] " [DEBUG] wire - << "</html> [\r] [\n] " [DEBUG] RequestAddCookies - CookieSpec selected: best-match [DEBUG] RequestAuthCache - Auth cache not set in the context [DEBUG] RequestTargetAuthentication - Target auth state: HANDSHAKE [DEBUG] RequestProxyAuthentication - Proxy auth state: UNCHALLENGED [DEBUG] DefaultHttpClient - Attempt 3 to execute request [DEBUG] DefaultClientConnection - Sending request: GET / HTTP/1.1 [DEBUG] wire - >> "GET / HTTP/1.1 [\r] [\n] " [DEBUG] wire - >> "Host: WIN2008-CAT [\r] [\n] " [DEBUG] wire - >> "Connection: Keep-Alive [\r] [\n] " [DEBUG] wire - >> "User-Agent: Apache-HttpClient/4.2-alpha1 (java 1.5) [\r] [\n] " [DEBUG] wire - >> "Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAADEAMQAWAAAAAYABgAcAQAAEgASACIBAAAWABYANAEAAAAAAABKAQAANQIIIKG3pGkmvtI0sFFa6CS+/yvXTfdr4+0L7pYPHxK1BocwDzJXBXTd4mMBAQAAAAAAAMBXzaEWnswB1033a+PtC+4AAAAAAgAGAFMAVwBHAAEAFgBXAEkATgAyADAAMAA4AC0AQwBBAFQABAAYAFMAVwBHAC4AQwBEAEMALgBSAE8ATwBUAAMAMABXAEkATgAyADAAMAA4AC0AQwBBAFQALgBTAFcARwAuAEMARABDAC4AUgBPAE8AVAAFABAAYwBkAGMALgByAG8AbwB0AAcACADisHx6Fp7MAQAAAABTAFcARwBJAEIAZQBhAHUAbQBvAG4AdABJAEEATgAtAEwAQQBQAFQATwBQADIA [\r] [\n] " [DEBUG] wire - >> " [\r] [\n] " [DEBUG] headers - >> GET / HTTP/1.1 [DEBUG] headers - >> Host: WIN2008-CAT [DEBUG] headers - >> Connection: Keep-Alive [DEBUG] headers - >> User-Agent: Apache-HttpClient/4.2-alpha1 (java 1.5) [DEBUG] headers - >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAADEAMQAWAAAAAYABgAcAQAAEgASACIBAAAWABYANAEAAAAAAABKAQAANQIIIKG3pGkmvtI0sFFa6CS+/yvXTfdr4+0L7pYPHxK1BocwDzJXBXTd4mMBAQAAAAAAAMBXzaEWnswB1033a+PtC+4AAAAAAgAGAFMAVwBHAAEAFgBXAEkATgAyADAAMAA4AC0AQwBBAFQABAAYAFMAVwBHAC4AQwBEAEMALgBSAE8ATwBUAAMAMABXAEkATgAyADAAMAA4AC0AQwBBAFQALgBTAFcARwAuAEMARABDAC4AUgBPAE8AVAAFABAAYwBkAGMALgByAG8AbwB0AAcACADisHx6Fp7MAQAAAABTAFcARwBJAEIAZQBhAHUAbQBvAG4AdABJAEEATgAtAEwAQQBQAFQATwBQADIA [DEBUG] wire - << "HTTP/1.1 200 OK [\r] [\n] " [DEBUG] wire - << "Content-Type: text/html [\r] [\n] " [DEBUG] wire - << "Last-Modified: Thu, 17 Feb 2011 16:49:40 GMT [\r] [\n] " [DEBUG] wire - << "Accept-Ranges: bytes [\r] [\n] " [DEBUG] wire - << "ETag: "d9919dabc2cecb1:0" [\r] [\n] " [DEBUG] wire - << "Server: Microsoft-IIS/7.0 [\r] [\n] " [DEBUG] wire - << "X-Powered-By: ASP.NET [\r] [\n] " [DEBUG] wire - << "Date: Tue, 08 Nov 2011 13:01:06 GMT [\r] [\n] " [DEBUG] wire - << "Content-Length: 689 [\r] [\n] " [DEBUG] wire - << " [\r] [\n] " [DEBUG] DefaultClientConnection - Receiving response: HTTP/1.1 200 OK [DEBUG] headers - << HTTP/1.1 200 OK [DEBUG] headers - << Content-Type: text/html [DEBUG] headers - << Last-Modified: Thu, 17 Feb 2011 16:49:40 GMT [DEBUG] headers - << Accept-Ranges: bytes [DEBUG] headers - << ETag: "d9919dabc2cecb1:0" [DEBUG] headers - << Server: Microsoft-IIS/7.0 [DEBUG] headers - << X-Powered-By: ASP.NET [DEBUG] headers - << Date: Tue, 08 Nov 2011 13:01:06 GMT [DEBUG] headers - << Content-Length: 689 [DEBUG] DefaultHttpClient - Connection can be kept alive indefinitely [DEBUG] wire - << "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> [\r] [\n] " [DEBUG] wire - << "<html xmlns="http://www.w3.org/1999/xhtml"> [\r] [\n] " [DEBUG] wire - << "<head> [\r] [\n] " [DEBUG] wire - << "<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> [\r] [\n] " [DEBUG] wire - << "<title>IIS7</title> [\r] [\n] " [DEBUG] wire - << "<style type="text/css"> [\r] [\n] " [DEBUG] wire - << "<!-- [\r] [\n] " [DEBUG] wire - << "body {[\r][\n]" [DEBUG] wire - << "[0x9]color:#000000;[\r][\n]" [DEBUG] wire - << "[0x9]background-color:#B3B3B3;[\r][\n]" [DEBUG] wire - << "[0x9]margin:0;[\r][\n]" [DEBUG] wire - << "} [\r] [\n] " [DEBUG] wire - << " [\r] [\n] " [DEBUG] wire - << "#container {[\r][\n]" [DEBUG] wire - << "[0x9]margin-left:auto;[\r][\n]" [DEBUG] wire - << "[0x9]margin-right:auto;[\r][\n]" [DEBUG] wire - << "[0x9]text-align:center;[\r][\n]" [DEBUG] wire - << "[0x9]} [\r] [\n] " [DEBUG] wire - << " [\r] [\n] " [DEBUG] wire - << "a img {[\r][\n]" [DEBUG] wire - << "[0x9]border:none;[\r][\n]" [DEBUG] wire - << "} [\r] [\n] " [DEBUG] wire - << " [\r] [\n] " [DEBUG] wire - << "--> [\r] [\n] " [DEBUG] wire - << "</style> [\r] [\n] " [DEBUG] wire - << "</head> [\r] [\n] " [DEBUG] wire - << "<body> [\r] [\n] " [DEBUG] wire - << "<div id="container"> [\r] [\n] " [DEBUG] wire - << "<a href="http://go.microsoft.com/fwlink/?linkid=66138&clcid=0x409"><img src="welcome.png" alt="IIS7" width="571" height="411" /></a> [\r] [\n] " content:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> [DEBUG] wire - << "</div> [\r] [\n] " <html xmlns="http://www.w3.org/1999/xhtml"> [DEBUG] wire - << "</body> [\r] [\n] " <head> [DEBUG] wire - << "</html>" <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>IIS7</title> <style type="text/css"> <!-- body { color:#000000; background-color:#B3B3B3; margin:0; } [DEBUG] PoolingClientConnectionManager - Connection [id: 0] [route: {}->http://WIN2008-CAT] [state: XXX/YYYYYYYYYY] can be kept alive indefinitely #container { margin-left:auto; margin-right:auto; text-align:center; } a img { border:none; } [DEBUG] PoolingClientConnectionManager - Connection released: [id: 0] [route: {}->http://WIN2008-CAT] [state: XXX/YYYYYYYYYY] [total kept alive: 1; route allocated: 1 of 2; total allocated: 1 of 20] --> </style> </head> <body> <div id="container"> <a href="http://go.microsoft.com/fwlink/?linkid=66138&clcid=0x409"><img src="welcome.png" alt="IIS7" width="571" height="411" /></a> </div> </body> </html>
          Hide
          Oleg Kalnichevski added a comment -

          @ Ian

          Great! Thank you so much! I just wanted to be sure the log contained enough details about the authentication process, which seems to be the case.


          [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme
          [DEBUG] NegotiateScheme - init WIN2008-CAT
          [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: Invalid name provided (Mechanism level: Could not load configuration file C:\WINDOWS\krb5.ini (The system cannot find the file specified))
          [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme

          Oleg

          Show
          Oleg Kalnichevski added a comment - @ Ian Great! Thank you so much! I just wanted to be sure the log contained enough details about the authentication process, which seems to be the case. — [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using Negotiate scheme [DEBUG] NegotiateScheme - init WIN2008-CAT [WARN] RequestTargetAuthentication - NEGOTIATE authentication error: Invalid name provided (Mechanism level: Could not load configuration file C:\WINDOWS\krb5.ini (The system cannot find the file specified)) [DEBUG] RequestTargetAuthentication - Generating response to an authentication challenge using ntlm scheme — Oleg
          Hide
          Ian Beaumont added a comment -

          It seems I was bit hasty in saying it worked ok. I've just tried it in a different scenario and it goes into an endless loop of retrying authentication.

          This seems related to doing a POST rather than a GET.

          Show
          Ian Beaumont added a comment - It seems I was bit hasty in saying it worked ok. I've just tried it in a different scenario and it goes into an endless loop of retrying authentication. This seems related to doing a POST rather than a GET.
          Hide
          Ian Beaumont added a comment - - edited

          See attachments :
          post_endless_authentication_loop.txt
          working_get_request.txt

          for the debug log of it getting stuck in a loop of constant authenticating with a POST, and also a similar log of it working ok when I make a GET request.

          Show
          Ian Beaumont added a comment - - edited See attachments : post_endless_authentication_loop.txt working_get_request.txt for the debug log of it getting stuck in a loop of constant authenticating with a POST, and also a similar log of it working ok when I make a GET request.
          Hide
          Oleg Kalnichevski added a comment -

          Ian, are you using 4.2-alpha1 or the latest SVN trunk snapshot? There was a critical bug fix since 4.2-alpha1 (HTTPCLIENT-1142) which resolved similar infinite loop problem?

          Oleg

          Show
          Oleg Kalnichevski added a comment - Ian, are you using 4.2-alpha1 or the latest SVN trunk snapshot? There was a critical bug fix since 4.2-alpha1 ( HTTPCLIENT-1142 ) which resolved similar infinite loop problem? Oleg
          Hide
          Ian Beaumont added a comment -

          4.2-alpha1 - I'll get the latest snapshot and try that

          Show
          Ian Beaumont added a comment - 4.2-alpha1 - I'll get the latest snapshot and try that
          Hide
          Ian Beaumont added a comment -

          Sorry for the dumb question...is there a latest build of the trunk available (are daily builds available?) or do I need to check it out and build it myself?

          Show
          Ian Beaumont added a comment - Sorry for the dumb question...is there a latest build of the trunk available (are daily builds available?) or do I need to check it out and build it myself?
          Hide
          Oleg Kalnichevski added a comment -

          I just pushed the latest snapshot to the official snapshot repository. This should save you a trouble of having to compile it by yourself.

          https://repository.apache.org/content/repositories/snapshots/org/apache/httpcomponents/httpclient/4.2-alpha2-SNAPSHOT/

          Oleg

          Show
          Oleg Kalnichevski added a comment - I just pushed the latest snapshot to the official snapshot repository. This should save you a trouble of having to compile it by yourself. https://repository.apache.org/content/repositories/snapshots/org/apache/httpcomponents/httpclient/4.2-alpha2-SNAPSHOT/ Oleg
          Hide
          Ian Beaumont added a comment -

          Thanks, all working well with the latest snapshot.

          Show
          Ian Beaumont added a comment - Thanks, all working well with the latest snapshot.

            People

            • Assignee:
              Oleg Kalnichevski
              Reporter:
              Ian Beaumont
            • Votes:
              4 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development