Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
4.2.3
-
using httpclient to connect to a Windows Server 2008 R2 standard host running IIS 7.5
Description
The default AuthScheme cannot authenticate local users if the host is included in a domain. Authetication with domain users or local users if the host is in a workgroup works fine.
If using ntlm or digest authentication:
- Authentication with a domain user works fine
- Authentication with a local user if the host is in a workgroup works fine
- Authentication with a local user (e.g. Administrator) if the host is in a domain returns 401 - Unauthorized. (Note: this works with JCIFS implementation)
To reproduce:
//using local user returns "401 - Unauthorized" if the host is part of a domain
NTCredentials creds = new NTCredentials("Administrator", "password", "myworkstation", "HOSTNAME");
//domain user works fine:
//NTCredentials creds = new NTCredentials("USERNAME", "password", "myworkstation", "DOMAIN");
DefaultHttpClient httpclient = new DefaultHttpClient();
httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, creds);
HttpHost target = new HttpHost("xx.xx.xx.xx", 81, "http");
HttpContext localContext = new BasicHttpContext();
HttpGet httpget = new HttpGet("/Orchestrator2012/Orchestrator.svc/Jobs");
List<String> authpref = new ArrayList<String>();
authpref.add(AuthPolicy.NTLM);
httpclient.getParams().setParameter(AuthPNames.TARGET_AUTH_PREF, authpref);
HttpResponse response1 = httpclient.execute(target, httpget, localContext);
HttpEntity entity1 = response1.getEntity();
The code works if I use jcifs-1.3.17 to create an NTLMEngine like in the example: http://hc.apache.org/httpcomponents-client-ga/ntlm.html