[jira] [Commented] (HTTPCLIENT-2170) NTLM Authentication not working when sending multiple request concurrently

Thu, 19 Aug 2021 09:59:06 -0700 


    [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-2170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17401757#comment-17401757
 ] 

ASF subversion and git services commented on HTTPCLIENT-2170:
-------------------------------------------------------------

Commit 0f9d651948437121b4a921366cf5fb437d0ca0bc in httpcomponents-client's 
branch refs/heads/5.1.x from Oleg Kalnichevski
[ https://gitbox.apache.org/repos/asf?p=httpcomponents-client.git;h=0f9d651 ]

HTTPCLIENT-2170: Classic protocol layer no longer releases the underlying 
connection back to the pool prematurely while the NTLM handshake is still 
ongoing


> NTLM Authentication not working when sending multiple request concurrently
> --------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-2170
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2170
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient (classic)
>    Affects Versions: 5.0.4, 5.1
>         Environment: Java 1.8 and Android 
>            Reporter: Erick 
>            Priority: Major
>              Labels: 5.04, 5.1, NTLM, http-client
>         Attachments: NTLMTestSample.zip, NTLM_logs.txt
>
>
> We migrated our apache version from 4.5.x to 5.0.4 and we have encountered an 
> authentication error using NTLM. 
> We are making multiple requests in different threads to a NTLM secured server 
> concurrently such as: 
> {code:java}
> private fun test_Standalone() {    val username = "username"    val password 
> = "password"    val serverName = "localhost"
>     val requestUrls = arrayOf(        
> "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/0/0/0";,
>         
> "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/63/0/0";,
>         
> "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26166/11433";,
>         
> "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13083/5716";,
>         
> "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/1/0/0";,
>         
> "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26166/11432";,
>         
> "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/14/6541/2858";,
>         
> "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13082/5716";,
>         
> "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13083/5715";,
>         
> "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26166/11431";,
>         
> "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13082/5715";,
>         
> "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/14/6541/2857";,
>         
> "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/16/26165/11434";,
>         
> "https://${serverName}/server/rest/services/CERT_Secured_Basemap/MapServer/tile/15/13082/5717";
>     )
>     for(url in requestUrls) {        makeRequestAsync(url, username, 
> password)    }}
> {code}
> Some of the data request succeed but others fail with a *401 Unauthorized.*
> **the output looks something like this:
>  
> {code:java}
> <------[Thread-7] 401 :401 Unauthorized HTTP/1.1
> <------[Thread-1] 401 :401 Unauthorized HTTP/1.1
> <------[Thread-4] 401 :401 Unauthorized HTTP/1.1
> <------[Thread-6] 401 :401 Unauthorized HTTP/1.1
> <------[Thread-3] 401 :401 Unauthorized HTTP/1.1
> <------[Thread-10] 401 :401 Unauthorized HTTP/1.1
> <------[Thread-2] 401 :401 Unauthorized HTTP/1.1
> <------[Thread-9] 401 :401 Unauthorized HTTP/1.1
> <------[Thread-13] 401 :401 Unauthorized HTTP/1.1
> <------[Thread-12] 401 :401 Unauthorized HTTP/1.1
> <------[Thread-0] 401 :401 Unauthorized HTTP/1.1
> <------[Thread-11] 401 :401 Unauthorized HTTP/1.1
> <------[Thread-5] 401 :401 Unauthorized HTTP/1.1
> <------[Thread-8] 200 :200 OK HTTP/1.1
> {code}
>  
> Looking at the logs, it seems that the NTLM handshake fails for some request 
> **We found that by synchronizing the method 
> [ProtocolExec.execute()|https://github.com/apache/httpcomponents-client/blob/5.0.x/httpclient5/src/main/java/org/apache/hc/client5/http/impl/classic/ProtocolExec.java#L103],
>  all the NTLM authentication requests succeed and we are able to fetch the 
> data successfully. 
>  
> Attached is the repro java project that we are using. 
> The project only needs an NTLM server and credentials to run. 
>  
> We tested version 5.1 and it was also reproducible. 
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to