Christopher, What is exactly the problem? The authentication succeeded: HTTP/1.1 200 OK
Session cookie has been sent: ASPSESSIONIDAQQBDABR=LMNNMHNALPPKIBENMNNANHGP NTLM authentication scheme is a stateful one and requires multiple challenges/responses. The first 401 Access Denied response is perfectly OK. For details see: http://davenport.sourceforge.net/ntlm.html WARNING: contains utter insanity ;-) Oleg On Wed, 2004-09-29 at 23:10, Burke, Christopher wrote: > All, > I need help implementing a Commons HttpClient solution to post files to > a web server via an ASP page. This seems somewhat straightforward, but > I am having trouble with the NTLM authentication. > > Code Snippet: > String url = > "https://keystone.ibanksystems.com/carlsontest/siteman.asp?u=Y&d=c:\\im\ > \"; > > NTCredentials creds = new > NTCredentials("user","password","keystone.ibanksystems.com","domain"); > HttpClient client = new HttpClient(); > MultipartPostMethod mpPostMethod = new MultipartPostMethod(url); > > client.getState().setCredentials(null, null, creds); > > File f = new File("C:/secureHttp/anotherLog.log"); > > //mpPostMethod.addParameter("F1",f.getName(),f); > mpPostMethod.addParameter("F1",f); > > int statusCode = client.executeMethod(mpPostMethod); > > System.out.println("Status Line: " + mpPostMethod.getStatusLine()); > System.out.println("Status Code: " + statusCode); > > mpPostMethod.releaseConnection(); > > Debug Output: > 2004/09/29 15:53:44:425 CDT [DEBUG] HttpClient - Java version: 1.4.2_05 > 2004/09/29 15:53:44:425 CDT [DEBUG] HttpClient - Java vendor: Sun > Microsystems I > nc. > 2004/09/29 15:53:44:425 CDT [DEBUG] HttpClient - Java class path: > .;..;C:\j2sdk1 > .4.2_05\bin;C:\apacheCommons\commons-httpclient.jar;C:\apacheCommons\com > mons-log > ging-api.jar;C:\apacheCommons\commons-logging.jar;C:\apacheCommons\commo > ns-codec > -1.3.jar > 2004/09/29 15:53:44:425 CDT [DEBUG] HttpClient - Operating system name: > Windows > XP > 2004/09/29 15:53:44:425 CDT [DEBUG] HttpClient - Operating system > architecture: > x86 > 2004/09/29 15:53:44:425 CDT [DEBUG] HttpClient - Operating system > version: 5.1 > 2004/09/29 15:53:44:565 CDT [DEBUG] HttpClient - SUN 1.42: SUN (DSA > key/paramete > r generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 > certificates; > JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, > Collection Ce > rtStores) > 2004/09/29 15:53:44:565 CDT [DEBUG] HttpClient - SunJSSE 1.42: Sun JSSE > provider > (implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, > TLSv1) > 2004/09/29 15:53:44:565 CDT [DEBUG] HttpClient - SunRsaSign 1.42: SUN's > provider > for RSA signatures > 2004/09/29 15:53:44:565 CDT [DEBUG] HttpClient - SunJCE 1.42: SunJCE > Provider (i > mplements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, > HMAC-SH > A1) > 2004/09/29 15:53:44:565 CDT [DEBUG] HttpClient - SunJGSS 1.0: Sun > (Kerberos v5) > 2004/09/29 15:53:45:857 CDT [DEBUG] HttpConnection - > HttpConnection.setSoTimeout > (0) > 2004/09/29 15:53:45:857 CDT [DEBUG] HttpMethodBase - Execute loop try 1 > 2004/09/29 15:53:45:857 CDT [DEBUG] header - >> "POST > /carlsontest/siteman.asp?u > =Y&d=c:\im\ HTTP/1.1[\r][\n]" > 2004/09/29 15:53:45:857 CDT [DEBUG] HttpMethodBase - Adding Host request > header > 2004/09/29 15:53:45:867 CDT [DEBUG] header - >> "User-Agent: Jakarta > Commons-Htt > pClient/2.0.1[\r][\n]" > 2004/09/29 15:53:45:867 CDT [DEBUG] header - >> "Host: > keystone.ibanksystems.com > [\r][\n]" > 2004/09/29 15:53:45:867 CDT [DEBUG] header - >> "Content-Length: > 965[\r][\n]" > 2004/09/29 15:53:45:867 CDT [DEBUG] header - >> "Content-Type: > multipart/form-da > ta; boundary=----------------314159265358979323846[\r][\n]" > 2004/09/29 15:53:46:037 CDT [DEBUG] header - >> "[\r][\n]" > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "HTTP/1.1 401 Access > Denied[\r][ > \n]" > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "Server: > Microsoft-IIS/5.0[\r][\ > n]" > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "Date: Wed, 29 Sep 2004 > 20:53:50 > GMT[\r][\n]" > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "WWW-Authenticate: > Negotiate[\r] > [\n]" > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "WWW-Authenticate: > NTLM[\r][\n]" > > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "Connection: > close[\r][\n]" > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "Content-Length: > 4431[\r][\n]" > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "Content-Type: > text/html[\r][\n] > " > 2004/09/29 15:53:46:107 CDT [DEBUG] HttpMethodBase - Authorization > required > 2004/09/29 15:53:46:117 CDT [DEBUG] HttpAuthenticator - Authenticating > with the > default authentication realm at keystone.ibanksystems.com > 2004/09/29 15:53:46:117 CDT [DEBUG] HttpMethodBase - > HttpMethodBase.execute(): S > erver demanded authentication credentials, will try again. > 2004/09/29 15:53:46:127 CDT [DEBUG] HttpMethodBase - Should close > connection in > response to Connection: close > > 2004/09/29 15:53:46:127 CDT [DEBUG] HttpMethodBase - Execute loop try 2 > 2004/09/29 15:53:46:127 CDT [DEBUG] HttpMethodBase - Opening the > connection. > 2004/09/29 15:53:46:167 CDT [DEBUG] header - >> "POST > /carlsontest/siteman.asp?u > =Y&d=c:\im\ HTTP/1.1[\r][\n]" > 2004/09/29 15:53:46:167 CDT [DEBUG] HttpMethodBase - Request to add Host > header > ignored: header already added > 2004/09/29 15:53:46:167 CDT [DEBUG] header - >> "User-Agent: Jakarta > Commons-Htt > pClient/2.0.1[\r][\n]" > 2004/09/29 15:53:46:167 CDT [DEBUG] header - >> "Host: > keystone.ibanksystems.com > [\r][\n]" > 2004/09/29 15:53:46:167 CDT [DEBUG] header - >> "Content-Length: > 965[\r][\n]" > 2004/09/29 15:53:46:167 CDT [DEBUG] header - >> "Authorization: NTLM > TlRMTVNTUAA > BAAAABlIAAAwADAA5AAAAGQAZACAAAABLRVlTVE9ORS5JQkFOS1NZU1RFTVMuQ09NSUJBTkt > TWVNURU1 > T[\r][\n]" > 2004/09/29 15:53:46:167 CDT [DEBUG] header - >> "Content-Type: > multipart/form-da > ta; boundary=----------------314159265358979323846[\r][\n]" > 2004/09/29 15:53:46:217 CDT [DEBUG] header - >> "[\r][\n]" > 2004/09/29 15:53:46:328 CDT [DEBUG] header - << "HTTP/1.1 401 Access > Denied[\r][ > \n]" > 2004/09/29 15:53:46:328 CDT [DEBUG] header - << "Server: > Microsoft-IIS/5.0[\r][\ > n]" > 2004/09/29 15:53:46:328 CDT [DEBUG] header - << "Date: Wed, 29 Sep 2004 > 20:53:50 > GMT[\r][\n]" > 2004/09/29 15:53:46:328 CDT [DEBUG] header - << "WWW-Authenticate: NTLM > TlRMTVNT > UAACAAAAAwADADAAAAAGAoEAi30aMw030nIAAAAAAAAAADoAOgAzAAAAQVRTAgAGAEEAVABT > AAEAEgBJ > AEIAQQBOAEsAVwBFAEIAMQADABIAaQBiAGEAbgBrAHcAZQBiADEAAAAAAA==[\r][\n]" > 2004/09/29 15:53:46:328 CDT [DEBUG] header - << "Content-Length: > 4033[\r][\n]" > 2004/09/29 15:53:46:328 CDT [DEBUG] header - << "Content-Type: > text/html[\r][\n] > " > 2004/09/29 15:53:46:328 CDT [DEBUG] HttpMethodBase - Authorization > required > 2004/09/29 15:53:46:328 CDT [DEBUG] HttpAuthenticator - Authenticating > with the > default authentication realm at keystone.ibanksystems.com > 2004/09/29 15:53:46:628 CDT [DEBUG] HttpMethodBase - > HttpMethodBase.execute(): S > erver demanded authentication credentials, will try again. > 2004/09/29 15:53:46:628 CDT [DEBUG] HttpMethodBase - Resorting to > protocol versi > on default close connection policy > 2004/09/29 15:53:46:628 CDT [DEBUG] HttpMethodBase - Should NOT close > connection > , using HTTP/1.1. > 2004/09/29 15:53:46:628 CDT [DEBUG] HttpMethodBase - Execute loop try 3 > 2004/09/29 15:53:46:628 CDT [DEBUG] header - >> "POST > /carlsontest/siteman.asp?u > =Y&d=c:\im\ HTTP/1.1[\r][\n]" > 2004/09/29 15:53:46:638 CDT [DEBUG] HttpMethodBase - Request to add Host > header > ignored: header already added > 2004/09/29 15:53:46:638 CDT [DEBUG] header - >> "User-Agent: Jakarta > Commons-Htt > pClient/2.0.1[\r][\n]" > 2004/09/29 15:53:46:638 CDT [DEBUG] header - >> "Host: > keystone.ibanksystems.com > [\r][\n]" > 2004/09/29 15:53:46:638 CDT [DEBUG] header - >> "Content-Length: > 965[\r][\n]" > 2004/09/29 15:53:46:638 CDT [DEBUG] header - >> "Authorization: NTLM > TlRMTVNTUAA > DAAAAGAAYAHAAAAAAAAAAiAAAAAwADABAAAAACwALAEwAAAAZABkAVwAAAAAAAACIAAAABlI > AAElCQU5 > LU1lTVEVNU0pXSUxMSUFNU09OS0VZU1RPTkUuSUJBTktTWVNURU1TLkNPTdQW3Tg5H/LspBn > 2RSOZkzf > ILnVSU4p+Ow==[\r][\n]" > 2004/09/29 15:53:46:638 CDT [DEBUG] header - >> "Content-Type: > multipart/form-da > ta; boundary=----------------314159265358979323846[\r][\n]" > 2004/09/29 15:53:46:648 CDT [DEBUG] header - >> "[\r][\n]" > 2004/09/29 15:53:46:698 CDT [DEBUG] header - << "HTTP/1.1 100 > Continue[\r][\n]" > 2004/09/29 15:53:46:698 CDT [DEBUG] header - << "Server: > Microsoft-IIS/5.0[\r][\ > n]" > 2004/09/29 15:53:46:698 CDT [DEBUG] header - << "Date: Wed, 29 Sep 2004 > 20:53:50 > GMT[\r][\n]" > 2004/09/29 15:53:46:698 CDT [DEBUG] header - << "IISExport: This web > site was ex > ported using IIS Export v3.0[\r][\n]" > 2004/09/29 15:53:46:698 CDT [INFO] HttpMethodBase - Discarding > unexpected respon > se: HTTP/1.1 100 Continue > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "HTTP/1.1 200 > OK[\r][\n]" > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "Server: > Microsoft-IIS/5.0[\r][\ > n]" > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "Date: Wed, 29 Sep 2004 > 20:53:50 > GMT[\r][\n]" > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "IISExport: This web > site was ex > ported using IIS Export v3.0[\r][\n]" > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "Content-Length: > 2873[\r][\n]" > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "Content-Type: > text/html[\r][\n] > " > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "Set-Cookie: > ASPSESSIONIDAQQBDAB > R=LMNNMHNALPPKIBENMNNANHGP; path=/[\r][\n]" > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "Cache-control: > private[\r][\n]" > > 2004/09/29 15:53:46:738 CDT [DEBUG] HttpMethodBase - Cookie accepted: > "$Version= > 0; ASPSESSIONIDAQQBDABR=LMNNMHNALPPKIBENMNNANHGP; $Path=/" > Status Line: HTTP/1.1 200 OK > Status Code: 200 > Press any key to continue . . . > > Any help/advice would be greatly appreciated. > > Best regards, > > Chris > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]