[jira] Created: (HTTPCLIENT-882) Auth state is not correctly maintained if a successful NTLM authentication results in a redirect

Auth state is not correctly maintained if a successful NTLM authentication results in a redirect
------------------------------------------------------------------------------------------------

                 Key: HTTPCLIENT-882
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-882
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpClient
    Affects Versions: 4.0 Final
            Reporter: Oleg Kalnichevski
             Fix For: 4.0.1, 4.1 Alpha1


HttpClient fails to update the auth state correctly if a successful NTLM authentication results in a redirect response. Reported by Valentin Popov <valentin.po at gmail.com>

--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@...
For additional commands, e-mail: dev-help@...

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-882?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Oleg Kalnichevski updated HTTPCLIENT-882:
-----------------------------------------

    Priority: Minor  (was: Major)

In fact HttpClient manages to recover automatically, so the problem is rather minor:  
----------------------------
DEBUG [org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager] ThreadSafeClientConnManager.getConnection: HttpRoute[{}->http://somehost.yyyyyy.local], timeout = 0
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Total connections kept alive: 0
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Total issued connections: 0
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Total allocated connection: 0 out of 20
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] No free connections [HttpRoute[{}->http://somehost.yyyyyy.local]][null]
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Available capacity: 2 out of 2 [HttpRoute[{}->http://somehost.yyyyyy.local]][null]
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Creating new connection [HttpRoute[{}->http://somehost.yyyyyy.local]]
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.tcp.nodelay': true
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.socket.timeout': 10000
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.socket.buffer-size': 8192
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.protocol.version': HTTP/1.1
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.useragent': Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: best-match
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Attempt 1 to execute request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET /exchange/xxxxxx@... HTTP/1.1
DEBUG [org.apache.http.headers] >> GET /exchange/xxxxxx@... HTTP/1.1
DEBUG [org.apache.http.headers] >> Host: somehost.yyyyyy.local
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: HTTP/1.1 401 Unauthorized
DEBUG [org.apache.http.headers] << HTTP/1.1 401 Unauthorized
DEBUG [org.apache.http.headers] << Content-Length: 1656
DEBUG [org.apache.http.headers] << Content-Type: text/html
DEBUG [org.apache.http.headers] << Server: Microsoft-IIS/6.0
DEBUG [org.apache.http.headers] << WWW-Authenticate: Negotiate
DEBUG [org.apache.http.headers] << WWW-Authenticate: NTLM
DEBUG [org.apache.http.headers] << X-Powered-By: ASP.NET
DEBUG [org.apache.http.headers] << Date: Wed, 21 Oct 2009 18:33:00 GMT
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Connection can be kept alive indefinitely
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Target requested authentication
DEBUG [org.apache.http.impl.client.DefaultTargetAuthenticationHandler] Authentication schemes in the order of preference: [ntlm, digest, basic]
DEBUG [org.apache.http.impl.client.DefaultTargetAuthenticationHandler] ntlm authentication scheme selected
 WARN [org.apache.http.impl.client.DefaultTargetAuthenticationHandler] Authentication scheme ntlm not supported
DEBUG [org.apache.http.impl.client.DefaultTargetAuthenticationHandler] Challenge for digest authentication scheme not available
DEBUG [org.apache.http.impl.client.DefaultTargetAuthenticationHandler] Challenge for basic authentication scheme not available
 WARN [org.apache.http.impl.client.DefaultRequestDirector] Authentication error: Unable to respond to any of these challenges: {ntlm=WWW-Authenticate: NTLM, negotiate=WWW-Authenticate: Negotiate}
DEBUG [org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager] Released connection is reusable.
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Releasing connection [HttpRoute[{}->http://somehost.yyyyyy.local]][null]
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Pooling connection [HttpRoute[{}->http://somehost.yyyyyy.local]][null]; keep alive for -1 MILLISECONDS
DEBUG [org.apache.http.impl.conn.IdleConnectionHandler] Adding connection at: 1256149979224
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Notifying no-one, there are no waiting threads
DEBUG [org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager] ThreadSafeClientConnManager.getConnection: HttpRoute[{}->http://somehost.yyyyyy.local], timeout = 0
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Total connections kept alive: 1
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Total issued connections: 0
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Total allocated connection: 1 out of 20
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Getting free connection [HttpRoute[{}->http://somehost.yyyyyy.local]][null]
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Stale connection check
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.protocol.version': HTTP/1.1
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.useragent': Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: best-match
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Attempt 1 to execute request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET /exchange/xxxxxx@... HTTP/1.1
DEBUG [org.apache.http.headers] >> GET /exchange/xxxxxx@... HTTP/1.1
DEBUG [org.apache.http.headers] >> Host: somehost.yyyyyy.local
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: HTTP/1.1 401 Unauthorized
DEBUG [org.apache.http.headers] << HTTP/1.1 401 Unauthorized
DEBUG [org.apache.http.headers] << Content-Length: 1656
DEBUG [org.apache.http.headers] << Content-Type: text/html
DEBUG [org.apache.http.headers] << Server: Microsoft-IIS/6.0
DEBUG [org.apache.http.headers] << WWW-Authenticate: Negotiate
DEBUG [org.apache.http.headers] << WWW-Authenticate: NTLM
DEBUG [org.apache.http.headers] << X-Powered-By: ASP.NET
DEBUG [org.apache.http.headers] << Date: Wed, 21 Oct 2009 18:33:00 GMT
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Connection can be kept alive indefinitely
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Target requested authentication
DEBUG [org.apache.http.impl.client.DefaultTargetAuthenticationHandler] Authentication schemes in the order of preference: [ntlm, digest, basic]
DEBUG [org.apache.http.impl.client.DefaultTargetAuthenticationHandler] ntlm authentication scheme selected
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Authorization challenge processed
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Authentication scope: NTLM <any realm>@somehost.yyyyyy.local:80
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Found credentials
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.useragent': Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: best-match
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Attempt 2 to execute request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET /exchange/xxxxxx@... HTTP/1.1
DEBUG [org.apache.http.headers] >> GET /exchange/xxxxxx@... HTTP/1.1
DEBUG [org.apache.http.headers] >> Host: somehost.yyyyyy.local
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.headers] >> Authorization: NTLM TlRMTVNTUAABAAAAATIAABMAEwAgAAAAIwAjADMAAABTTUFMTEJVU0lORVNTLkxPQ0FMVkFMRU5QTy1GMjE4RTY0LlNNQUxMQlVTSU5FU1MuTE9DQUw=
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: HTTP/1.1 401 Unauthorized
DEBUG [org.apache.http.headers] << HTTP/1.1 401 Unauthorized
DEBUG [org.apache.http.headers] << Content-Length: 1539
DEBUG [org.apache.http.headers] << Content-Type: text/html
DEBUG [org.apache.http.headers] << Server: Microsoft-IIS/6.0
DEBUG [org.apache.http.headers] << WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAADgAAAABAgACmc27i263OXEAAAAAAAAAAAAAAAA4AAAABQLODgAAAA8=
DEBUG [org.apache.http.headers] << X-Powered-By: ASP.NET
DEBUG [org.apache.http.headers] << Date: Wed, 21 Oct 2009 18:33:00 GMT
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Connection can be kept alive indefinitely
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Target requested authentication
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Authorization challenge processed
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Authentication scope: NTLM <any realm>@somehost.yyyyyy.local:80
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.useragent': Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: best-match
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Attempt 3 to execute request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET /exchange/xxxxxx@... HTTP/1.1
DEBUG [org.apache.http.headers] >> GET /exchange/xxxxxx@... HTTP/1.1
DEBUG [org.apache.http.headers] >> Host: somehost.yyyyyy.local
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.headers] >> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAwADAAWAAAACYAJgCIAAAAGgAaAK4AAABGAEYAyAAAAAAAAAAAAAAAAQIAAB4JoT4zpb810e3SHwf3FK1jqVwM+hY9ebJT77oEZdUTBTR7nSBle+8BAQAAAAAAACD1X+p8UsoB1PolW6ZgLiUAAAAAAAAAAFMATQBBAEwATABCAFUAUwBJAE4ARQBTAFMALgBMAE8AQwBBAEwAQQBkAG0AaQBuAGkAcwB0AHIAYQB0AG8AcgBWAEEATABFAE4AUABPAC0ARgAyADEAOABFADYANAAuAFMATQBBAEwATABCAFUAUwBJAE4ARQBTAFMALgBMAE8AQwBBAEwA
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: HTTP/1.1 302 Object Moved
DEBUG [org.apache.http.headers] << HTTP/1.1 302 Object Moved
DEBUG [org.apache.http.headers] << Content-Length: 205
DEBUG [org.apache.http.headers] << Content-Type: text/html
DEBUG [org.apache.http.headers] << Location: http://somehost.yyyyyy.local/exchange/xxxxxx@.../
DEBUG [org.apache.http.headers] << Server: Microsoft-IIS/6.0
DEBUG [org.apache.http.headers] << X-Powered-By: ASP.NET
DEBUG [org.apache.http.headers] << Date: Wed, 21 Oct 2009 18:33:00 GMT
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Connection can be kept alive indefinitely
DEBUG [org.apache.http.impl.client.DefaultRedirectHandler] Redirect requested to location 'http://somehost.yyyyyy.local/exchange/xxxxxx@.../'
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Redirecting to 'http://somehost.yyyyyy.local/exchange/xxxxxx@.../' via HttpRoute[{}->http://somehost.yyyyyy.local]
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.protocol.version': HTTP/1.1
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.useragent': Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: best-match
ERROR [org.apache.http.client.protocol.RequestTargetAuthentication] Authentication error: Unexpected state: MSG_TYPE3_GENERATED
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Attempt 4 to execute request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET /exchange/xxxxxx@.../ HTTP/1.1
DEBUG [org.apache.http.headers] >> GET /exchange/xxxxxx@.../ HTTP/1.1
DEBUG [org.apache.http.headers] >> Host: somehost.yyyyyy.local
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: HTTP/1.1 302 Object Moved
DEBUG [org.apache.http.headers] << HTTP/1.1 302 Object Moved
DEBUG [org.apache.http.headers] << Content-Length: 200
DEBUG [org.apache.http.headers] << Content-Type: text/html
DEBUG [org.apache.http.headers] << Location: http://somehost.yyyyyy.local/owa/xxxxxx@.../
DEBUG [org.apache.http.headers] << Server: Microsoft-IIS/6.0
DEBUG [org.apache.http.headers] << X-Powered-By: ASP.NET
DEBUG [org.apache.http.headers] << Date: Wed, 21 Oct 2009 18:33:00 GMT
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Connection can be kept alive indefinitely
DEBUG [org.apache.http.impl.client.DefaultRedirectHandler] Redirect requested to location 'http://somehost.yyyyyy.local/owa/xxxxxx@.../'
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Redirecting to 'http://somehost.yyyyyy.local/owa/xxxxxx@.../' via HttpRoute[{}->http://somehost.yyyyyy.local]
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.protocol.version': HTTP/1.1
DEBUG [org.apache.http.impl.client.ClientParamsStack] 'http.useragent': Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: best-match
ERROR [org.apache.http.client.protocol.RequestTargetAuthentication] Authentication error: Unexpected state: MSG_TYPE3_GENERATED
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Attempt 5 to execute request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: GET /owa/xxxxxx@.../ HTTP/1.1
DEBUG [org.apache.http.headers] >> GET /owa/xxxxxx@.../ HTTP/1.1
DEBUG [org.apache.http.headers] >> Host: somehost.yyyyyy.local
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.0 (java 1.5)
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: HTTP/1.1 200 OK
DEBUG [org.apache.http.headers] << HTTP/1.1 200 OK
DEBUG [org.apache.http.headers] << Date: Wed, 21 Oct 2009 18:33:00 GMT
DEBUG [org.apache.http.headers] << Server: Microsoft-IIS/6.0
DEBUG [org.apache.http.headers] << X-Powered-By: ASP.NET
DEBUG [org.apache.http.headers] << X-AspNet-Version: 2.0.50727
DEBUG [org.apache.http.headers] << X-OWA-Version: 8.1.375.2
DEBUG [org.apache.http.headers] << X-UA-Compatible: IE=EmulateIE7
DEBUG [org.apache.http.headers] << Set-Cookie: UserContext_b3f50bcb069640afa7310a0cf9d5831e=26a1db23fb0741dd8302af1a59901710&c210cDp2YWwucG9wb3ZAc21hbGxidXNpbmVzcy5sb2NhbA; path=/
DEBUG [org.apache.http.headers] << Cache-Control: no-cache
DEBUG [org.apache.http.headers] << Pragma: no-cache
DEBUG [org.apache.http.headers] << Expires: -1
DEBUG [org.apache.http.headers] << Content-Type: text/html; charset=utf-8
DEBUG [org.apache.http.headers] << Content-Length: 30867
DEBUG [org.apache.http.client.protocol.ResponseProcessCookies] Cookie accepted: "[version: 0][name: UserContext_b3f50bcb069640afa7310a0cf9d5831e][value: 26a1db23fb0741dd8302af1a59901710&c210cDp2YWwucG9wb3ZAc21hbGxidXNpbmVzcy5sb2NhbA][domain: somehost.yyyyyy.local][path: /][expiry: null]".
DEBUG [org.apache.http.impl.client.DefaultRequestDirector] Connection can be kept alive indefinitely
DEBUG [org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager] Released connection is reusable.
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Releasing connection [HttpRoute[{}->http://somehost.yyyyyy.local]][SMALLBUSINESS.LOCAL/Administrator]
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Pooling connection [HttpRoute[{}->http://somehost.yyyyyy.local]][SMALLBUSINESS.LOCAL/Administrator]; keep alive for -1 MILLISECONDS
DEBUG [org.apache.http.impl.conn.IdleConnectionHandler] Adding connection at: 1256149980711
DEBUG [org.apache.http.impl.conn.tsccm.ConnPoolByRoute] Notifying no-one, there are no waiting threads
----------------------------


--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@...
For additional commands, e-mail: dev-help@...

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-882?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Oleg Kalnichevski resolved HTTPCLIENT-882.
------------------------------------------

    Resolution: Fixed

Fixed in trunk and 4.0.x branch

Oleg

--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@...
For additional commands, e-mail: dev-help@...