Uploaded image for project: 'HttpComponents HttpClient'
  1. HttpComponents HttpClient
  2. HTTPCLIENT-2170

NTLM Authentication not working when sending multiple request concurrently

    XMLWordPrintableJSON

Details

    Description

      We migrated our apache version from 4.5.x to 5.0.4 and we have encountered an authentication error using NTLM. 

      We are making multiple requests in different threads to a NTLM secured server concurrently such as: 

      private fun test_Standalone() {    val username = "username"    val password = "password"    val serverName = "localhost"
          val requestUrls = arrayOf(        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/0/0/0",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/63/0/0",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26166/11433",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13083/5716",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/1/0/0",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26166/11432",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/14/6541/2858",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13082/5716",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13083/5715",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26166/11431",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13082/5715",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/14/6541/2857",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26165/11434",        "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13082/5717"    )
          for(url in requestUrls) {        makeRequestAsync(url, username, password)    }}
      

      Some of the data request succeed but others fail with a 401 Unauthorized.

      **the output looks something like this:

       

      <------[Thread-7] 401 :401 Unauthorized HTTP/1.1
      <------[Thread-1] 401 :401 Unauthorized HTTP/1.1
      <------[Thread-4] 401 :401 Unauthorized HTTP/1.1
      <------[Thread-6] 401 :401 Unauthorized HTTP/1.1
      <------[Thread-3] 401 :401 Unauthorized HTTP/1.1
      <------[Thread-10] 401 :401 Unauthorized HTTP/1.1
      <------[Thread-2] 401 :401 Unauthorized HTTP/1.1
      <------[Thread-9] 401 :401 Unauthorized HTTP/1.1
      <------[Thread-13] 401 :401 Unauthorized HTTP/1.1
      <------[Thread-12] 401 :401 Unauthorized HTTP/1.1
      <------[Thread-0] 401 :401 Unauthorized HTTP/1.1
      <------[Thread-11] 401 :401 Unauthorized HTTP/1.1
      <------[Thread-5] 401 :401 Unauthorized HTTP/1.1
      <------[Thread-8] 200 :200 OK HTTP/1.1
      

       

      Looking at the logs, it seems that the NTLM handshake fails for some request 

      **We found that by synchronizing the method ProtocolExec.execute(), all the NTLM authentication requests succeed and we are able to fetch the data successfully. 

       

      Attached is the repro java project that we are using. 

      The project only needs an NTLM server and credentials to run. 

       

      We tested version 5.1 and it was also reproducible. 

       

      Attachments

        1. NTLM_logs.txt
          227 kB
          Erick
        2. NTLMTestSample.zip
          307 kB
          Erick

        Activity

          People

            Unassigned Unassigned
            Erick_001 Erick
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: