[jira] Updated: (HTTPCLIENT-882) Auth state is not correctly maintained if a successful NTLM authentication results in a redirect

Oleg Kalnichevski (JIRA) Thu, 22 Oct 2009 11:15:34 -0700

     [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-882?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Oleg Kalnichevski updated HTTPCLIENT-882:
-----------------------------------------

    Priority: Minor  (was: Major)

In fact HttpClient manages to recover automatically, so the problem is rather 
minor:  
----------------------------
DEBUG [org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager] 
ThreadSafeClientConnManager.getConnection: 
HttpRoute[{}->http://somehost.yyyyyy.local], timeout = 0
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Total connections kept 
alive: 0
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Total issued 
connections: 0
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Total allocated 
connection: 0 out of 20
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] No free connections 
[HttpRoute[{}->http://somehost.yyyyyy.local]][null]
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Available capacity: 2 
out of 2 [HttpRoute[{}->http://somehost.yyyyyy.local]][null]
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Creating new connection 
[HttpRoute[{}->http://somehost.yyyyyy.local]]
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.tcp.nodelay': true
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.socket.timeout': 
10000
DEBUG [org.apache.http.impl.client.ClientParamsStack] 
'http.socket.buffer-size': 8192
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.protocol.version': 
HTTP/1.1
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.useragent': 
Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: 
best-match
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Attempt 1 to execute 
request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET 
/exchange/[email protected] HTTP/1.1
DEBUG [org.apache.http.headers] >> GET /exchange/[email protected] HTTP/1.1
DEBUG [org.apache.http.headers] >> Host: somehost.yyyyyy.local
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: 
HTTP/1.1 401 Unauthorized
DEBUG [org.apache.http.headers] << HTTP/1.1 401 Unauthorized
DEBUG [org.apache.http.headers] << Content-Length: 1656
DEBUG [org.apache.http.headers] << Content-Type: text/html
DEBUG [org.apache.http.headers] << Server: Microsoft-IIS/6.0
DEBUG [org.apache.http.headers] << WWW-Authenticate: Negotiate
DEBUG [org.apache.http.headers] << WWW-Authenticate: NTLM
DEBUG [org.apache.http.headers] << X-Powered-By: ASP.NET
DEBUG [org.apache.http.headers] << Date: Wed, 21 Oct 2009 18:33:00 GMT
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Connection can be 
kept alive indefinitely
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Target requested 
authentication
DEBUG [org.apache.http.impl.client.DefaultTargetAuthenticationHandler] 
Authentication schemes in the order of preference: [ntlm, digest, basic]
DEBUG [org.apache.http.impl.client.DefaultTargetAuthenticationHandler] ntlm 
authentication scheme selected
 WARN [org.apache.http.impl.client.DefaultTargetAuthenticationHandler] 
Authentication scheme ntlm not supported
DEBUG [org.apache.http.impl.client.DefaultTargetAuthenticationHandler] 
Challenge for digest authentication scheme not available
DEBUG [org.apache.http.impl.client.DefaultTargetAuthenticationHandler] 
Challenge for basic authentication scheme not available
 WARN [org.apache.http.impl.client.DefaultRequestDirector] Authentication 
error: Unable to respond to any of these challenges: {ntlm=WWW-Authenticate: 
NTLM, negotiate=WWW-Authenticate: Negotiate}
DEBUG [org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager] Released 
connection is reusable.
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Releasing connection 
[HttpRoute[{}->http://somehost.yyyyyy.local]][null]
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Pooling connection 
[HttpRoute[{}->http://somehost.yyyyyy.local]][null]; keep alive for -1 
MILLISECONDS
DEBUG [org.apache.http.impl.conn.IdleConnectionHandler] Adding connection at: 
1256149979224
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Notifying no-one, there 
are no waiting threads
DEBUG [org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager] 
ThreadSafeClientConnManager.getConnection: 
HttpRoute[{}->http://somehost.yyyyyy.local], timeout = 0
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Total connections kept 
alive: 1
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Total issued 
connections: 0
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Total allocated 
connection: 1 out of 20
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Getting free connection 
[HttpRoute[{}->http://somehost.yyyyyy.local]][null]
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Stale connection 
check
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.protocol.version': 
HTTP/1.1
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.useragent': 
Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: 
best-match
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Attempt 1 to execute 
request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET 
/exchange/[email protected] HTTP/1.1
DEBUG [org.apache.http.headers] >> GET /exchange/[email protected] HTTP/1.1
DEBUG [org.apache.http.headers] >> Host: somehost.yyyyyy.local
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: 
HTTP/1.1 401 Unauthorized
DEBUG [org.apache.http.headers] << HTTP/1.1 401 Unauthorized
DEBUG [org.apache.http.headers] << Content-Length: 1656
DEBUG [org.apache.http.headers] << Content-Type: text/html
DEBUG [org.apache.http.headers] << Server: Microsoft-IIS/6.0
DEBUG [org.apache.http.headers] << WWW-Authenticate: Negotiate
DEBUG [org.apache.http.headers] << WWW-Authenticate: NTLM
DEBUG [org.apache.http.headers] << X-Powered-By: ASP.NET
DEBUG [org.apache.http.headers] << Date: Wed, 21 Oct 2009 18:33:00 GMT
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Connection can be 
kept alive indefinitely
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Target requested 
authentication
DEBUG [org.apache.http.impl.client.DefaultTargetAuthenticationHandler] 
Authentication schemes in the order of preference: [ntlm, digest, basic]
DEBUG [org.apache.http.impl.client.DefaultTargetAuthenticationHandler] ntlm 
authentication scheme selected
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Authorization 
challenge processed
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Authentication 
scope: NTLM <any realm>@somehost.yyyyyy.local:80
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Found credentials
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.useragent': 
Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: 
best-match
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Attempt 2 to execute 
request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET 
/exchange/[email protected] HTTP/1.1
DEBUG [org.apache.http.headers] >> GET /exchange/[email protected] HTTP/1.1
DEBUG [org.apache.http.headers] >> Host: somehost.yyyyyy.local
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.headers] >> Authorization: NTLM 
TlRMTVNTUAABAAAAATIAABMAEwAgAAAAIwAjADMAAABTTUFMTEJVU0lORVNTLkxPQ0FMVkFMRU5QTy1GMjE4RTY0LlNNQUxMQlVTSU5FU1MuTE9DQUw=
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: 
HTTP/1.1 401 Unauthorized
DEBUG [org.apache.http.headers] << HTTP/1.1 401 Unauthorized
DEBUG [org.apache.http.headers] << Content-Length: 1539
DEBUG [org.apache.http.headers] << Content-Type: text/html
DEBUG [org.apache.http.headers] << Server: Microsoft-IIS/6.0
DEBUG [org.apache.http.headers] << WWW-Authenticate: NTLM 
TlRMTVNTUAACAAAAAAAAADgAAAABAgACmc27i263OXEAAAAAAAAAAAAAAAA4AAAABQLODgAAAA8=
DEBUG [org.apache.http.headers] << X-Powered-By: ASP.NET
DEBUG [org.apache.http.headers] << Date: Wed, 21 Oct 2009 18:33:00 GMT
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Connection can be 
kept alive indefinitely
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Target requested 
authentication
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Authorization 
challenge processed
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Authentication 
scope: NTLM <any realm>@somehost.yyyyyy.local:80
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.useragent': 
Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: 
best-match
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Attempt 3 to execute 
request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET 
/exchange/[email protected] HTTP/1.1
DEBUG [org.apache.http.headers] >> GET /exchange/[email protected] HTTP/1.1
DEBUG [org.apache.http.headers] >> Host: somehost.yyyyyy.local
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.headers] >> Authorization: NTLM 
TlRMTVNTUAADAAAAGAAYAEAAAAAwADAAWAAAACYAJgCIAAAAGgAaAK4AAABGAEYAyAAAAAAAAAAAAAAAAQIAAB4JoT4zpb810e3SHwf3FK1jqVwM+hY9ebJT77oEZdUTBTR7nSBle+8BAQAAAAAAACD1X+p8UsoB1PolW6ZgLiUAAAAAAAAAAFMATQBBAEwATABCAFUAUwBJAE4ARQBTAFMALgBMAE8AQwBBAEwAQQBkAG0AaQBuAGkAcwB0AHIAYQB0AG8AcgBWAEEATABFAE4AUABPAC0ARgAyADEAOABFADYANAAuAFMATQBBAEwATABCAFUAUwBJAE4ARQBTAFMALgBMAE8AQwBBAEwA
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: 
HTTP/1.1 302 Object Moved
DEBUG [org.apache.http.headers] << HTTP/1.1 302 Object Moved
DEBUG [org.apache.http.headers] << Content-Length: 205
DEBUG [org.apache.http.headers] << Content-Type: text/html
DEBUG [org.apache.http.headers] << Location: 
http://somehost.yyyyyy.local/exchange/[email protected]/
DEBUG [org.apache.http.headers] << Server: Microsoft-IIS/6.0
DEBUG [org.apache.http.headers] << X-Powered-By: ASP.NET
DEBUG [org.apache.http.headers] << Date: Wed, 21 Oct 2009 18:33:00 GMT
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Connection can be 
kept alive indefinitely
DEBUG [org.apache.http.impl.client.DefaultRedirectHandler] Redirect requested 
to location 'http://somehost.yyyyyy.local/exchange/[email protected]/'
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Redirecting to 
'http://somehost.yyyyyy.local/exchange/[email protected]/' via 
HttpRoute[{}->http://somehost.yyyyyy.local]
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.protocol.version': 
HTTP/1.1
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.useragent': 
Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: 
best-match
ERROR [org.apache.http.client.protocol.RequestTargetAuthentication] 
Authentication error: Unexpected state: MSG_TYPE3_GENERATED
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Attempt 4 to execute 
request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET 
/exchange/[email protected]/ HTTP/1.1
DEBUG [org.apache.http.headers] >> GET /exchange/[email protected]/ HTTP/1.1
DEBUG [org.apache.http.headers] >> Host: somehost.yyyyyy.local
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: 
HTTP/1.1 302 Object Moved
DEBUG [org.apache.http.headers] << HTTP/1.1 302 Object Moved
DEBUG [org.apache.http.headers] << Content-Length: 200
DEBUG [org.apache.http.headers] << Content-Type: text/html
DEBUG [org.apache.http.headers] << Location: 
http://somehost.yyyyyy.local/owa/[email protected]/
DEBUG [org.apache.http.headers] << Server: Microsoft-IIS/6.0
DEBUG [org.apache.http.headers] << X-Powered-By: ASP.NET
DEBUG [org.apache.http.headers] << Date: Wed, 21 Oct 2009 18:33:00 GMT
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Connection can be 
kept alive indefinitely
DEBUG [org.apache.http.impl.client.DefaultRedirectHandler] Redirect requested 
to location 'http://somehost.yyyyyy.local/owa/[email protected]/'
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Redirecting to 
'http://somehost.yyyyyy.local/owa/[email protected]/' via 
HttpRoute[{}->http://somehost.yyyyyy.local]
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.protocol.version': 
HTTP/1.1
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.useragent': 
Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: 
best-match
ERROR [org.apache.http.client.protocol.RequestTargetAuthentication] 
Authentication error: Unexpected state: MSG_TYPE3_GENERATED
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Attempt 5 to execute 
request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET 
/owa/[email protected]/ HTTP/1.1
DEBUG [org.apache.http.headers] >> GET /owa/[email protected]/ HTTP/1.1
DEBUG [org.apache.http.headers] >> Host: somehost.yyyyyy.local
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: 
HTTP/1.1 200 OK
DEBUG [org.apache.http.headers] << HTTP/1.1 200 OK
DEBUG [org.apache.http.headers] << Date: Wed, 21 Oct 2009 18:33:00 GMT
DEBUG [org.apache.http.headers] << Server: Microsoft-IIS/6.0
DEBUG [org.apache.http.headers] << X-Powered-By: ASP.NET
DEBUG [org.apache.http.headers] << X-AspNet-Version: 2.0.50727
DEBUG [org.apache.http.headers] << X-OWA-Version: 8.1.375.2
DEBUG [org.apache.http.headers] << X-UA-Compatible: IE=EmulateIE7
DEBUG [org.apache.http.headers] << Set-Cookie: 
UserContext_b3f50bcb069640afa7310a0cf9d5831e=26a1db23fb0741dd8302af1a59901710&c210cDp2YWwucG9wb3ZAc21hbGxidXNpbmVzcy5sb2NhbA;
 path=/
DEBUG [org.apache.http.headers] << Cache-Control: no-cache
DEBUG [org.apache.http.headers] << Pragma: no-cache
DEBUG [org.apache.http.headers] << Expires: -1
DEBUG [org.apache.http.headers] << Content-Type: text/html; charset=utf-8
DEBUG [org.apache.http.headers] << Content-Length: 30867
DEBUG [org.apache.http.client.protocol.ResponseProcessCookies] Cookie accepted: 
"[version: 0][name: UserContext_b3f50bcb069640afa7310a0cf9d5831e][value: 
26a1db23fb0741dd8302af1a59901710&c210cDp2YWwucG9wb3ZAc21hbGxidXNpbmVzcy5sb2NhbA][domain:
 somehost.yyyyyy.local][path: /][expiry: null]". 
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Connection can be 
kept alive indefinitely
DEBUG [org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager] Released 
connection is reusable.
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Releasing connection 
[HttpRoute[{}->http://somehost.yyyyyy.local]][SMALLBUSINESS.LOCAL/Administrator]
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Pooling connection 
[HttpRoute[{}->http://somehost.yyyyyy.local]][SMALLBUSINESS.LOCAL/Administrator];
 keep alive for -1 MILLISECONDS
DEBUG [org.apache.http.impl.conn.IdleConnectionHandler] Adding connection at: 
1256149980711
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Notifying no-one, there 
are no waiting threads
----------------------------


> Auth state is not correctly maintained if a successful NTLM authentication 
> results in a redirect
> ------------------------------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-882
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-882
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.0 Final
>            Reporter: Oleg Kalnichevski
>            Priority: Minor
>             Fix For: 4.0.1, 4.1 Alpha1
>
>
> HttpClient fails to update the auth state correctly if a successful NTLM 
> authentication results in a redirect response. Reported by Valentin Popov 
> <valentin.po at gmail.com>

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] Updated: (HTTPCLIENT-882) Auth state is not correctly maintained if a successful NTLM authentication results in a redirect

Reply via email to