HttpComponents HttpClient
  1. HttpComponents HttpClient
  2. HTTPCLIENT-1315

NTLM or digest authentication using a local user on a domain host doesn't work

    Details

      Description

      The default AuthScheme cannot authenticate local users if the host is included in a domain. Authetication with domain users or local users if the host is in a workgroup works fine.

      If using ntlm or digest authentication:

      • Authentication with a domain user works fine
      • Authentication with a local user if the host is in a workgroup works fine
      • Authentication with a local user (e.g. Administrator) if the host is in a domain returns 401 - Unauthorized. (Note: this works with JCIFS implementation)

      To reproduce:

      //using local user returns "401 - Unauthorized" if the host is part of a domain
      NTCredentials creds = new NTCredentials("Administrator", "password", "myworkstation", "HOSTNAME");
      //domain user works fine:
      //NTCredentials creds = new NTCredentials("USERNAME", "password", "myworkstation", "DOMAIN");

      DefaultHttpClient httpclient = new DefaultHttpClient();
      httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, creds);
      HttpHost target = new HttpHost("xx.xx.xx.xx", 81, "http");
      HttpContext localContext = new BasicHttpContext();
      HttpGet httpget = new HttpGet("/Orchestrator2012/Orchestrator.svc/Jobs");
      List<String> authpref = new ArrayList<String>();
      authpref.add(AuthPolicy.NTLM);
      httpclient.getParams().setParameter(AuthPNames.TARGET_AUTH_PREF, authpref);
      HttpResponse response1 = httpclient.execute(target, httpget, localContext);
      HttpEntity entity1 = response1.getEntity();

      The code works if I use jcifs-1.3.17 to create an NTLMEngine like in the example: http://hc.apache.org/httpcomponents-client-ga/ntlm.html

      1. zero_lm.patch
        0.8 kB
        Karl Wright
      2. disable_flags.patch
        0.8 kB
        Karl Wright
      3. browser login with local user.txt
        4 kB
        Mihai David
      4. httpclient login with local user.txt
        18 kB
        Mihai David
      5. digestlog.txt
        14 kB
        Mihai David

        Activity

        Mihai David created issue -
        Mihai David made changes -
        Field Original Value New Value
        Attachment digestlog.txt [ 12567595 ]
        Mihai David made changes -
        Comment [ Backslash has special meaning in a string literal so it needs to be escaped. I also tried "A.B.com" and it doesn't work. The login credentials work in the browser (i.e. Chrome) ]
        Mihai David made changes -
        Attachment browser login with local user.txt [ 12567628 ]
        Attachment httpclient login with local user.txt [ 12567629 ]
        Mihai David made changes -
        Attachment browser login with local user.txt [ 12567628 ]
        Mihai David made changes -
        Attachment browser login with local user.txt [ 12567630 ]
        Karl Wright made changes -
        Assignee Karl Wright [ kwright@metacarta.com ]
        Mihai David made changes -
        Attachment browser login with local user.txt [ 12567630 ]
        Mihai David made changes -
        Attachment browser login with local user.txt [ 12567631 ]
        Mihai David made changes -
        Attachment httpclient login with local user.txt [ 12567629 ]
        Mihai David made changes -
        Attachment httpclient login with local user.txt [ 12567632 ]
        Mihai David made changes -
        Attachment browser login with local user.txt [ 12567631 ]
        Mihai David made changes -
        Attachment browser login with local user.txt [ 12567633 ]
        Karl Wright made changes -
        Attachment disable_flags.patch [ 12567786 ]
        Karl Wright made changes -
        Attachment zero_lm.patch [ 12567816 ]
        Karl Wright made changes -
        Resolution Fixed [ 1 ]
        Status Open [ 1 ] Resolved [ 5 ]
        Fix Version/s 4.2.4 [ 12323961 ]
        Fix Version/s 4.3 Alpha2 [ 12323951 ]
        Oleg Kalnichevski made changes -
        Status Resolved [ 5 ] Closed [ 6 ]

          People

          • Assignee:
            Karl Wright
            Reporter:
            Mihai David
          • Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development