[HTTPCLIENT-1488] Built-in NTLM engine fails to authenticate against Squids ntlm_fake_auth, JCIFS doesn't - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Won't Fix
Affects Version/s: 4.3.3
Fix Version/s: None
Component/s: HttpClient (classic)
Labels:
None
Environment:
Squid 4.3.3
JCIFS 1.3.17

Description

I used the provided ClientProxyAuthentication example <https://hc.apache.org/httpcomponents-client-4.2.x/httpclient/examples/org/apache/http/examples/client/ClientProxyAuthentication.java> to authenticate with NTML against a local Squid instance, using its ntlm_fake_auth helper (only does the handshake, all credentials are considered valid).

Unfortunately, this fails with the NTLM engine built into version 4.3.3 (also tested with 4.2.1: same result). Following the guidance of <http://hc.apache.org/httpcomponents-client-ga/ntlm.html>, I got it working with JCIFS. Is Squid not implementing NTLM as expected by HttpComponents?

I added two Wireshark captures to show the differences in handshake behaviour between the built-in and JCIFS engines. Hope that helps.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

builtin.pcap.gz
21/Mar/14 10:55
2 kB
Andreas Sewe
jcfis.pcap.gz
21/Mar/14 10:55
3 kB
Andreas Sewe
builtin.txt
21/Mar/14 12:17
45 kB
Andreas Sewe
jcifs.txt
21/Mar/14 12:17
39 kB
Andreas Sewe

Activity

People

Assignee:: Unassigned

Reporter:: Andreas Sewe

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 21/Mar/14 10:54

Updated:: 04/May/17 09:49

Resolved:: 21/Mar/14 12:58