[HTTPCLIENT-2170] NTLM Authentication not working when sending multiple request concurrently - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 5.0.4, 5.1
Fix Version/s: 5.1.1, 5.2-alpha1
Component/s: HttpClient (classic)
Labels:
- 5.04
- 5.1
- NTLM
- http-client
Environment:
Java 1.8 and Android

Flags:

Important
Language:
- java
- kotlin

Description

We migrated our apache version from 4.5.x to 5.0.4 and we have encountered an authentication error using NTLM.

We are making multiple requests in different threads to a NTLM secured server concurrently such as:

private fun test_Standalone() {    val username = "username"    val password = "password"    val serverName = "localhost"
    val requestUrls = arrayOf(        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/0/0/0",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/63/0/0",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26166/11433",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13083/5716",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/1/0/0",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26166/11432",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/14/6541/2858",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13082/5716",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13083/5715",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26166/11431",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13082/5715",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/14/6541/2857",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26165/11434",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13082/5717"    )
    for(url in requestUrls) {        makeRequestAsync(url, username, password)    }}

Some of the data request succeed but others fail with a 401 Unauthorized.

**the output looks something like this:

<------[Thread-7] 401 :401 Unauthorized HTTP/1.1
<------[Thread-1] 401 :401 Unauthorized HTTP/1.1
<------[Thread-4] 401 :401 Unauthorized HTTP/1.1
<------[Thread-6] 401 :401 Unauthorized HTTP/1.1
<------[Thread-3] 401 :401 Unauthorized HTTP/1.1
<------[Thread-10] 401 :401 Unauthorized HTTP/1.1
<------[Thread-2] 401 :401 Unauthorized HTTP/1.1
<------[Thread-9] 401 :401 Unauthorized HTTP/1.1
<------[Thread-13] 401 :401 Unauthorized HTTP/1.1
<------[Thread-12] 401 :401 Unauthorized HTTP/1.1
<------[Thread-0] 401 :401 Unauthorized HTTP/1.1
<------[Thread-11] 401 :401 Unauthorized HTTP/1.1
<------[Thread-5] 401 :401 Unauthorized HTTP/1.1
<------[Thread-8] 200 :200 OK HTTP/1.1

Looking at the logs, it seems that the NTLM handshake fails for some request

**We found that by synchronizing the method ProtocolExec.execute(), all the NTLM authentication requests succeed and we are able to fetch the data successfully.

Attached is the repro java project that we are using.

The project only needs an NTLM server and credentials to run.

We tested version 5.1 and it was also reproducible.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

NTLMTestSample.zip
17/Aug/21 00:20
307 kB
Erick
NTLM_logs.txt
18/Aug/21 19:33
227 kB
Erick

Activity

People

Assignee:: Unassigned

Reporter:: Erick

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 17/Aug/21 00:25

Updated:: 19/Aug/21 17:06

Resolved:: 19/Aug/21 17:06