Any other way to prevent it? I've also tried setting the proxyPreferredAuthSchemes property with no change.
On 12 February 2014 02:44, Oleg Kalnichevski <[email protected]> wrote: > On Wed, 2014-02-12 at 02:21 +1100, Brett Ryan wrote: > > Thanks Oleg, I've added this to the client, yet I am still getting the > same > > warnings. > > > > Lookup<AuthSchemeProvider> authProviders = > > RegistryBuilder.<AuthSchemeProvider>create() > > .register(AuthSchemes.BASIC, new BasicSchemeFactory()) > > .build(); > > RequestConfig rc = RequestConfig.custom() > > .setTargetPreferredAuthSchemes(Arrays.asList("BASIC")) > > .build(); > > BasicCredentialsProvider credsProvider = new > BasicCredentialsProvider(); > > credsProvider.setCredentials(AuthScope.ANY, null); > > client = HttpClients.custom() > > .setDefaultCredentialsProvider(credsProvider) > > .setDefaultAuthSchemeRegistry(authProviders) > > .setDefaultRequestConfig(rc) > > > > .setTargetAuthenticationStrategy(TargetAuthenticationStrategy.INSTANCE) > > .build(); > > > > Can happen if the proxy auth strategy tries to pick up an auth scheme > from the list of preferred schemes still containing NTLM and SPNEGO. > > Oleg > > > > > > > On 12 February 2014 00:58, Oleg Kalnichevski <[email protected]> wrote: > > > > > On Tue, 2014-02-11 at 14:20 +1100, Brett Ryan wrote: > > > > If a server supports NTLM and Kerberos authentication, but when > setting > > > up the client I only provide basic credentials I get a log for each of > the > > > NTLM and NEGOTIATE authentication schemes. > > > > > > > > Taking the example from : > > > > https://hc.apache.org/httpcomponents-client-4.3.x/httpclient/examples/org/apache/http/examples/client/ClientAuthentication.java > > > > > > > > CredentialsProvider credsProvider = new > BasicCredentialsProvider(); > > > > credsProvider.setCredentials( > > > > new AuthScope(null, -1), > > > > new UsernamePasswordCredentials(restUser, restPass)); > > > > CloseableHttpClient client = HttpClients.custom() > > > > .setDefaultCredentialsProvider(credsProvider) > > > > .build(); > > > > > > > > Use of the above client will produce the following warnings, though > > > requests succeed fine through basic authentication: > > > > > > > > WARN o.a.http.impl.auth.HttpAuthenticator - NEGOTIATE > > > authentication error: Invalid name provided (Mechanism level: > KrbException: > > > Cannot locate default realm) > > > > WARN o.a.http.impl.auth.HttpAuthenticator - NTLM authentication > > > error: Credentials cannot be used for NTLM authentication: > > > org.apache.http.auth.UsernamePasswordCredentials > > > > > > > > So I figured after searching through the builder method that I'd > supply > > > an auth provider with only basic support: > > > > > > > > Lookup<AuthSchemeProvider> authProviders = > > > RegistryBuilder.<AuthSchemeProvider>create() > > > > .register(AuthSchemes.BASIC, new BasicSchemeFactory()) > > > > .build(); > > > > CloseableHttpClient client = HttpClients.custom() > > > > .setDefaultCredentialsProvider(credsProvider) > > > > .setDefaultAuthSchemeRegistry(authProviders) > > > > .build(); > > > > > > > > But now I get a different warning about the scheme's no longer being > > > enabled. > > > > > > > > WARN o.a.h.i.c.TargetAuthenticationStrategy - Authentication > scheme > > > negotiate not supported > > > > WARN o.a.h.i.c.TargetAuthenticationStrategy - Authentication > scheme > > > NTLM not supported > > > > > > > > How do I simply get rid of these warnings and only get the client to > use > > > the basic scheme that I've configured? > > > > > > --- > > > RequestConfig config = RequestConfig.custom() > > > .setTargetPreferredAuthSchemes(Arrays.asList("BASIC")) > > > .build(); > > > HttpGet get = new HttpGet("/"); > > > get.setConfig(config); > > > --- > > > > > > Hope this helps > > > > > > Oleg > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [email protected] > > > For additional commands, e-mail: [email protected] > > > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
