I find this discussion fascinating. One question, are you saying the Ntlmschemefactory doesn't work? I use it as part of my unit tests against adfs 2 running on w2k8r2 64bit and it works perfectly.
Thanks Marc Sent from my iPad On Apr 21, 2011, at 5:07 PM, Ron Jacobs <[email protected]> wrote: > I must say that I hadn't wanted to say anything negative about that code > in my original post(s), but now that you've asked: > > The code now in your 4.1 distribution appears to be minimally (if at > all) unchanged from some code that I came across during a Google search > for better supporting NTLM within HttpClient way before I ever upgraded > to 4.x. I looked at that code in depth sometime last year and concluded > that there were just too many problems with it. > > Without going into technical details, which I have certainly mostly > forgotten by now anyway, that code seemed to have been written by > reverse engineering and guessing about NTLM some time before Microsoft > (finally) publicly released the NTLM specification. It may have worked > at one time for some specific combination of Windows parameters and > options but it was too far away from working for the general cases that > I needed. You see, unlike many NTLM client-side users that are just > trying to authenticate against a specific Windows server, I need to work > with just about any combo of Windows OS versions, service packs, > registry settings, installed apps, etc. > > So I abandoned that effort and when I recognized the same code inside > HttpClient, I was not hopeful. It was as I was looking for alternatives > that I asked the questions that you answered for me last month leading > me straight to this approach that is working great for us today. > > Seems to me that there is still no "open source" solution that is ready > to drop into the HttpClient distribution. I believe that the correct > approach is indeed JCIFS and that your restoring and updating the web > page is the best solution. If I were "forced" to write some NTLM code > without licensing issues for HttpClient it would end up looking much > too uncomfortably close to JCIFS. > > I truly hope that I have offended no one. > > -----Original Message----- > From: Oleg Kalnichevski [mailto:[email protected]] > Sent: Thursday, April 21, 2011 12:23 PM > To: HttpClient User Discussion > Subject: Re: Full NTLMv2 Support Achieved Easily (Was: NTLM authentication > with a UPN instead of domain and user name) > > ... > > PS: Would you be by any change willing to take a look at the default > NTLM engine distributed with HttpClient and see what may be wrong there? > It'd be a great contribution to all users of HttpClient. > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
