« Return to Thread: redirect fails when NTLM authentication is used for proxy
Re: redirect fails when NTLM authentication is used for proxy
by olegk
::
Rate this Message:
On Mon, Jun 29, 2009 at 02:09:32AM -0700, RajK wrote:
>
> Hi Oleg,
> I tried out for the release,
>
> https://repository.apache.org/content/repositories/snapshots/org/apache/httpcomponents/httpclient/4.0-beta3-SNAPSHOT/
> This time I did include all the jars (http-core, jcifs for Ntlm etc.)
> and tried out NTLM as given
> http://hc.apache.org/httpcomponents-client/ntlm.html
>
> It still fails on trying out the new urls in the re-direct executions.
>
Raj,
Could you please raise a JIRA for this issue and attach a complete wire /
context log to it?
https://issues.apache.org/jira/browse/HTTPCLIENT
http://hc.apache.org/httpcomponents-client/logging.html
Oleg
> Here is the logs,
> [DEBUG] DefaultRequestDirector - Attempt 1 to execute request
> [DEBUG] DefaultRequestDirector - Connection can be kept alive indefinitely
> [DEBUG] DefaultRequestDirector - Proxy requested authentication
> [DEBUG] DefaultRequestDirector - Authorization challenge processed
> [DEBUG] DefaultRequestDirector - Authentication scope: NTLM <any
> realm>@172.16.231.11:8080
> [DEBUG] DefaultRequestDirector - Found credentials
> [DEBUG] DefaultRequestDirector - Attempt 2 to execute request
> [DEBUG] DefaultRequestDirector - Connection can be kept alive indefinitely
> [DEBUG] DefaultRequestDirector - Proxy requested authentication
> [DEBUG] DefaultRequestDirector - Authorization challenge processed
> [DEBUG] DefaultRequestDirector - Authentication scope: NTLM <any
> realm>@172.16.231.11:8080
> [DEBUG] DefaultRequestDirector - Attempt 3 to execute request
> [DEBUG] DefaultRequestDirector - Connection can be kept alive indefinitely
> [DEBUG] DefaultRequestDirector - Redirecting to 'http://www.verisign.com/'
> via HttpRoute[{}->http://172.16.231.11:8080->http://www.verisign.com]
> [ERROR] RequestProxyAuthentication - Proxy authentication error: Unexpected
> state: MSG_TYPE3_GENERATED
> [DEBUG] DefaultRequestDirector - Attempt 4 to execute request
> [DEBUG] DefaultRequestDirector - Connection can be kept alive indefinitely
> [DEBUG] DefaultRequestDirector - Proxy requested authentication
> [DEBUG] DefaultRequestDirector - Authorization challenge processed
> [DEBUG] DefaultRequestDirector - Authentication scope: NTLM <any
> realm>@172.16.231.11:8080
> [DEBUG] DefaultRequestDirector - Authentication failed
> ----------------------------------------
> HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires
> authorization to fulfill the request. Access to the Web Proxy filter is
> denied. )
>
> I tried with the direct urls such as https://www.verisign.com etc, and it
> works.
>
> Thanks and Regards,
> Raj K
> --
> View this message in context: http://www.nabble.com/redirect-fails-when-NTLM-authentication-is-used-for-proxy-tp23867531p24250740.html
> Sent from the HttpClient-User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@...
> For additional commands, e-mail: httpclient-users-help@...
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@...
For additional commands, e-mail: httpclient-users-help@...
>
> Hi Oleg,
> I tried out for the release,
>
> https://repository.apache.org/content/repositories/snapshots/org/apache/httpcomponents/httpclient/4.0-beta3-SNAPSHOT/
> This time I did include all the jars (http-core, jcifs for Ntlm etc.)
> and tried out NTLM as given
> http://hc.apache.org/httpcomponents-client/ntlm.html
>
> It still fails on trying out the new urls in the re-direct executions.
>
Raj,
Could you please raise a JIRA for this issue and attach a complete wire /
context log to it?
https://issues.apache.org/jira/browse/HTTPCLIENT
http://hc.apache.org/httpcomponents-client/logging.html
Oleg
> Here is the logs,
> [DEBUG] DefaultRequestDirector - Attempt 1 to execute request
> [DEBUG] DefaultRequestDirector - Connection can be kept alive indefinitely
> [DEBUG] DefaultRequestDirector - Proxy requested authentication
> [DEBUG] DefaultRequestDirector - Authorization challenge processed
> [DEBUG] DefaultRequestDirector - Authentication scope: NTLM <any
> realm>@172.16.231.11:8080
> [DEBUG] DefaultRequestDirector - Found credentials
> [DEBUG] DefaultRequestDirector - Attempt 2 to execute request
> [DEBUG] DefaultRequestDirector - Connection can be kept alive indefinitely
> [DEBUG] DefaultRequestDirector - Proxy requested authentication
> [DEBUG] DefaultRequestDirector - Authorization challenge processed
> [DEBUG] DefaultRequestDirector - Authentication scope: NTLM <any
> realm>@172.16.231.11:8080
> [DEBUG] DefaultRequestDirector - Attempt 3 to execute request
> [DEBUG] DefaultRequestDirector - Connection can be kept alive indefinitely
> [DEBUG] DefaultRequestDirector - Redirecting to 'http://www.verisign.com/'
> via HttpRoute[{}->http://172.16.231.11:8080->http://www.verisign.com]
> [ERROR] RequestProxyAuthentication - Proxy authentication error: Unexpected
> state: MSG_TYPE3_GENERATED
> [DEBUG] DefaultRequestDirector - Attempt 4 to execute request
> [DEBUG] DefaultRequestDirector - Connection can be kept alive indefinitely
> [DEBUG] DefaultRequestDirector - Proxy requested authentication
> [DEBUG] DefaultRequestDirector - Authorization challenge processed
> [DEBUG] DefaultRequestDirector - Authentication scope: NTLM <any
> realm>@172.16.231.11:8080
> [DEBUG] DefaultRequestDirector - Authentication failed
> ----------------------------------------
> HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires
> authorization to fulfill the request. Access to the Web Proxy filter is
> denied. )
>
> I tried with the direct urls such as https://www.verisign.com etc, and it
> works.
>
> Thanks and Regards,
> Raj K
> --
> View this message in context: http://www.nabble.com/redirect-fails-when-NTLM-authentication-is-used-for-proxy-tp23867531p24250740.html
> Sent from the HttpClient-User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@...
> For additional commands, e-mail: httpclient-users-help@...
>
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@...
For additional commands, e-mail: httpclient-users-help@...
« Return to Thread: redirect fails when NTLM authentication is used for proxy
| Free embeddable forum powered by Nabble | Forum Help |
