Christopher, Ok, I see. This is weird. I can't explain it. Maybe I am just too tired right now and should go to bed.
Actually it is preferred to not do a POST against a protected URL. One should do a GET or a HEAD first, get authenticated, get a session cookie, and than do a POST. Another thing to try is turning on 'expect: continue' handshake http://jakarta.apache.org/commons/httpclient/apidocs/org/apache/commons/httpclient/methods/ExpectContinueMethod.html#setUseExpectHeader(boolean) Oleg On Wed, 2004-09-29 at 23:59, Burke, Christopher wrote: > Oleg, > Thanks for your prompt response. The main problem is that the file has > not been uploaded, but the return code is 200. I am trying to post the > File object 'f' to the 'F1' textbox in the following form (File f = new > File("C:/secureHttp/anotherLog.log");). I believe my code is correct. > > I am at a loss. What could be the problem? > > <FORM ENCTYPE="multipart/form-data" METHOD="POST" > ACTION="siteman.asp?u=D&d=c:\im\"> > <FONT SIZE=1 FACE="Arial, Helvetica, sans-serif">NAME OF DESTINATION > FOLDER ON WEB SITE</FONT><BR> > <FONT SIZE=4 FACE="Arial, Helvetica, sans-serif"><B>c:\im\</B></FONT><P> > <FONT SIZE=1 FACE="Arial, Helvetica, sans-serif">PATHNAME OF LOCAL > DOCUMENT<BR>(SEND THIS FILE TO THE WEB SERVER)</FONT><BR><INPUT SIZE=30 > TYPE="FILE" NAME="F1"><P> > <INPUT TYPE="SUBMIT" VALUE="UPLOAD"> > <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="CANCEL"> > <P><FONT SIZE=2 FACE="Arial, Helvetica, sans-serif">If the > <B>[BROWSE...]</B> button is not displayed, > <BR>you must upgrade your <A HREF="http://www.netscape.com">Netscape</A> > or <A HREF="http://www.microsoft.com">Microsoft</A> browser. > </FORM></ > > Thanks again for your help, Oleg. > > Christopher > > -----Original Message----- > From: Oleg Kalnichevski [mailto:[EMAIL PROTECTED] > Sent: Wednesday, September 29, 2004 4:29 PM > To: Commons HttpClient Project > Subject: Re: HttpClient + HTTPS + NTLM Authentication = HTTP/1.1 > 401Access Denied > > Christopher, > What is exactly the problem? > > The authentication succeeded: > HTTP/1.1 200 OK > > Session cookie has been sent: > ASPSESSIONIDAQQBDABR=LMNNMHNALPPKIBENMNNANHGP > > NTLM authentication scheme is a stateful one and requires multiple > challenges/responses. The first 401 Access Denied response is perfectly > OK. > > For details see: > http://davenport.sourceforge.net/ntlm.html > WARNING: contains utter insanity ;-) > > Oleg > > On Wed, 2004-09-29 at 23:10, Burke, Christopher wrote: > > All, > > I need help implementing a Commons HttpClient solution to post files > to > > a web server via an ASP page. This seems somewhat straightforward, > but > > I am having trouble with the NTLM authentication. > > > > Code Snippet: > > String url = > > > "https://keystone.ibanksystems.com/carlsontest/siteman.asp?u=Y&d=c:\\im\ > > \"; > > > > NTCredentials creds = new > > NTCredentials("user","password","keystone.ibanksystems.com","domain"); > > HttpClient client = new HttpClient(); > > MultipartPostMethod mpPostMethod = new MultipartPostMethod(url); > > > > client.getState().setCredentials(null, null, creds); > > > > File f = new File("C:/secureHttp/anotherLog.log"); > > > > //mpPostMethod.addParameter("F1",f.getName(),f); > > mpPostMethod.addParameter("F1",f); > > > > int statusCode = client.executeMethod(mpPostMethod); > > > > System.out.println("Status Line: " + mpPostMethod.getStatusLine()); > > System.out.println("Status Code: " + statusCode); > > > > mpPostMethod.releaseConnection(); > > > > Debug Output: > > 2004/09/29 15:53:44:425 CDT [DEBUG] HttpClient - Java version: > 1.4.2_05 > > 2004/09/29 15:53:44:425 CDT [DEBUG] HttpClient - Java vendor: Sun > > Microsystems I > > nc. > > 2004/09/29 15:53:44:425 CDT [DEBUG] HttpClient - Java class path: > > .;..;C:\j2sdk1 > > > .4.2_05\bin;C:\apacheCommons\commons-httpclient.jar;C:\apacheCommons\com > > mons-log > > > ging-api.jar;C:\apacheCommons\commons-logging.jar;C:\apacheCommons\commo > > ns-codec > > -1.3.jar > > 2004/09/29 15:53:44:425 CDT [DEBUG] HttpClient - Operating system > name: > > Windows > > XP > > 2004/09/29 15:53:44:425 CDT [DEBUG] HttpClient - Operating system > > architecture: > > x86 > > 2004/09/29 15:53:44:425 CDT [DEBUG] HttpClient - Operating system > > version: 5.1 > > 2004/09/29 15:53:44:565 CDT [DEBUG] HttpClient - SUN 1.42: SUN (DSA > > key/paramete > > r generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 > > certificates; > > JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, > > Collection Ce > > rtStores) > > 2004/09/29 15:53:44:565 CDT [DEBUG] HttpClient - SunJSSE 1.42: Sun > JSSE > > provider > > (implements RSA Signatures, PKCS12, SunX509 key/trust factories, > SSLv3, > > TLSv1) > > 2004/09/29 15:53:44:565 CDT [DEBUG] HttpClient - SunRsaSign 1.42: > SUN's > > provider > > for RSA signatures > > 2004/09/29 15:53:44:565 CDT [DEBUG] HttpClient - SunJCE 1.42: SunJCE > > Provider (i > > mplements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, > HMAC-MD5, > > HMAC-SH > > A1) > > 2004/09/29 15:53:44:565 CDT [DEBUG] HttpClient - SunJGSS 1.0: Sun > > (Kerberos v5) > > 2004/09/29 15:53:45:857 CDT [DEBUG] HttpConnection - > > HttpConnection.setSoTimeout > > (0) > > 2004/09/29 15:53:45:857 CDT [DEBUG] HttpMethodBase - Execute loop try > 1 > > 2004/09/29 15:53:45:857 CDT [DEBUG] header - >> "POST > > /carlsontest/siteman.asp?u > > =Y&d=c:\im\ HTTP/1.1[\r][\n]" > > 2004/09/29 15:53:45:857 CDT [DEBUG] HttpMethodBase - Adding Host > request > > header > > 2004/09/29 15:53:45:867 CDT [DEBUG] header - >> "User-Agent: Jakarta > > Commons-Htt > > pClient/2.0.1[\r][\n]" > > 2004/09/29 15:53:45:867 CDT [DEBUG] header - >> "Host: > > keystone.ibanksystems.com > > [\r][\n]" > > 2004/09/29 15:53:45:867 CDT [DEBUG] header - >> "Content-Length: > > 965[\r][\n]" > > 2004/09/29 15:53:45:867 CDT [DEBUG] header - >> "Content-Type: > > multipart/form-da > > ta; boundary=----------------314159265358979323846[\r][\n]" > > 2004/09/29 15:53:46:037 CDT [DEBUG] header - >> "[\r][\n]" > > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "HTTP/1.1 401 Access > > Denied[\r][ > > \n]" > > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "Server: > > Microsoft-IIS/5.0[\r][\ > > n]" > > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "Date: Wed, 29 Sep > 2004 > > 20:53:50 > > GMT[\r][\n]" > > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "WWW-Authenticate: > > Negotiate[\r] > > [\n]" > > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "WWW-Authenticate: > > NTLM[\r][\n]" > > > > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "Connection: > > close[\r][\n]" > > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "Content-Length: > > 4431[\r][\n]" > > 2004/09/29 15:53:46:107 CDT [DEBUG] header - << "Content-Type: > > text/html[\r][\n] > > " > > 2004/09/29 15:53:46:107 CDT [DEBUG] HttpMethodBase - Authorization > > required > > 2004/09/29 15:53:46:117 CDT [DEBUG] HttpAuthenticator - Authenticating > > with the > > default authentication realm at keystone.ibanksystems.com > > 2004/09/29 15:53:46:117 CDT [DEBUG] HttpMethodBase - > > HttpMethodBase.execute(): S > > erver demanded authentication credentials, will try again. > > 2004/09/29 15:53:46:127 CDT [DEBUG] HttpMethodBase - Should close > > connection in > > response to Connection: close > > > > 2004/09/29 15:53:46:127 CDT [DEBUG] HttpMethodBase - Execute loop try > 2 > > 2004/09/29 15:53:46:127 CDT [DEBUG] HttpMethodBase - Opening the > > connection. > > 2004/09/29 15:53:46:167 CDT [DEBUG] header - >> "POST > > /carlsontest/siteman.asp?u > > =Y&d=c:\im\ HTTP/1.1[\r][\n]" > > 2004/09/29 15:53:46:167 CDT [DEBUG] HttpMethodBase - Request to add > Host > > header > > ignored: header already added > > 2004/09/29 15:53:46:167 CDT [DEBUG] header - >> "User-Agent: Jakarta > > Commons-Htt > > pClient/2.0.1[\r][\n]" > > 2004/09/29 15:53:46:167 CDT [DEBUG] header - >> "Host: > > keystone.ibanksystems.com > > [\r][\n]" > > 2004/09/29 15:53:46:167 CDT [DEBUG] header - >> "Content-Length: > > 965[\r][\n]" > > 2004/09/29 15:53:46:167 CDT [DEBUG] header - >> "Authorization: NTLM > > TlRMTVNTUAA > > > BAAAABlIAAAwADAA5AAAAGQAZACAAAABLRVlTVE9ORS5JQkFOS1NZU1RFTVMuQ09NSUJBTkt > > TWVNURU1 > > T[\r][\n]" > > 2004/09/29 15:53:46:167 CDT [DEBUG] header - >> "Content-Type: > > multipart/form-da > > ta; boundary=----------------314159265358979323846[\r][\n]" > > 2004/09/29 15:53:46:217 CDT [DEBUG] header - >> "[\r][\n]" > > 2004/09/29 15:53:46:328 CDT [DEBUG] header - << "HTTP/1.1 401 Access > > Denied[\r][ > > \n]" > > 2004/09/29 15:53:46:328 CDT [DEBUG] header - << "Server: > > Microsoft-IIS/5.0[\r][\ > > n]" > > 2004/09/29 15:53:46:328 CDT [DEBUG] header - << "Date: Wed, 29 Sep > 2004 > > 20:53:50 > > GMT[\r][\n]" > > 2004/09/29 15:53:46:328 CDT [DEBUG] header - << "WWW-Authenticate: > NTLM > > TlRMTVNT > > > UAACAAAAAwADADAAAAAGAoEAi30aMw030nIAAAAAAAAAADoAOgAzAAAAQVRTAgAGAEEAVABT > > AAEAEgBJ > > AEIAQQBOAEsAVwBFAEIAMQADABIAaQBiAGEAbgBrAHcAZQBiADEAAAAAAA==[\r][\n]" > > 2004/09/29 15:53:46:328 CDT [DEBUG] header - << "Content-Length: > > 4033[\r][\n]" > > 2004/09/29 15:53:46:328 CDT [DEBUG] header - << "Content-Type: > > text/html[\r][\n] > > " > > 2004/09/29 15:53:46:328 CDT [DEBUG] HttpMethodBase - Authorization > > required > > 2004/09/29 15:53:46:328 CDT [DEBUG] HttpAuthenticator - Authenticating > > with the > > default authentication realm at keystone.ibanksystems.com > > 2004/09/29 15:53:46:628 CDT [DEBUG] HttpMethodBase - > > HttpMethodBase.execute(): S > > erver demanded authentication credentials, will try again. > > 2004/09/29 15:53:46:628 CDT [DEBUG] HttpMethodBase - Resorting to > > protocol versi > > on default close connection policy > > 2004/09/29 15:53:46:628 CDT [DEBUG] HttpMethodBase - Should NOT close > > connection > > , using HTTP/1.1. > > 2004/09/29 15:53:46:628 CDT [DEBUG] HttpMethodBase - Execute loop try > 3 > > 2004/09/29 15:53:46:628 CDT [DEBUG] header - >> "POST > > /carlsontest/siteman.asp?u > > =Y&d=c:\im\ HTTP/1.1[\r][\n]" > > 2004/09/29 15:53:46:638 CDT [DEBUG] HttpMethodBase - Request to add > Host > > header > > ignored: header already added > > 2004/09/29 15:53:46:638 CDT [DEBUG] header - >> "User-Agent: Jakarta > > Commons-Htt > > pClient/2.0.1[\r][\n]" > > 2004/09/29 15:53:46:638 CDT [DEBUG] header - >> "Host: > > keystone.ibanksystems.com > > [\r][\n]" > > 2004/09/29 15:53:46:638 CDT [DEBUG] header - >> "Content-Length: > > 965[\r][\n]" > > 2004/09/29 15:53:46:638 CDT [DEBUG] header - >> "Authorization: NTLM > > TlRMTVNTUAA > > > DAAAAGAAYAHAAAAAAAAAAiAAAAAwADABAAAAACwALAEwAAAAZABkAVwAAAAAAAACIAAAABlI > > AAElCQU5 > > > LU1lTVEVNU0pXSUxMSUFNU09OS0VZU1RPTkUuSUJBTktTWVNURU1TLkNPTdQW3Tg5H/LspBn > > 2RSOZkzf > > ILnVSU4p+Ow==[\r][\n]" > > 2004/09/29 15:53:46:638 CDT [DEBUG] header - >> "Content-Type: > > multipart/form-da > > ta; boundary=----------------314159265358979323846[\r][\n]" > > 2004/09/29 15:53:46:648 CDT [DEBUG] header - >> "[\r][\n]" > > 2004/09/29 15:53:46:698 CDT [DEBUG] header - << "HTTP/1.1 100 > > Continue[\r][\n]" > > 2004/09/29 15:53:46:698 CDT [DEBUG] header - << "Server: > > Microsoft-IIS/5.0[\r][\ > > n]" > > 2004/09/29 15:53:46:698 CDT [DEBUG] header - << "Date: Wed, 29 Sep > 2004 > > 20:53:50 > > GMT[\r][\n]" > > 2004/09/29 15:53:46:698 CDT [DEBUG] header - << "IISExport: This web > > site was ex > > ported using IIS Export v3.0[\r][\n]" > > 2004/09/29 15:53:46:698 CDT [INFO] HttpMethodBase - Discarding > > unexpected respon > > se: HTTP/1.1 100 Continue > > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "HTTP/1.1 200 > > OK[\r][\n]" > > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "Server: > > Microsoft-IIS/5.0[\r][\ > > n]" > > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "Date: Wed, 29 Sep > 2004 > > 20:53:50 > > GMT[\r][\n]" > > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "IISExport: This web > > site was ex > > ported using IIS Export v3.0[\r][\n]" > > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "Content-Length: > > 2873[\r][\n]" > > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "Content-Type: > > text/html[\r][\n] > > " > > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "Set-Cookie: > > ASPSESSIONIDAQQBDAB > > R=LMNNMHNALPPKIBENMNNANHGP; path=/[\r][\n]" > > 2004/09/29 15:53:46:708 CDT [DEBUG] header - << "Cache-control: > > private[\r][\n]" > > > > 2004/09/29 15:53:46:738 CDT [DEBUG] HttpMethodBase - Cookie accepted: > > "$Version= > > 0; ASPSESSIONIDAQQBDABR=LMNNMHNALPPKIBENMNNANHGP; $Path=/" > > Status Line: HTTP/1.1 200 OK > > Status Code: 200 > > Press any key to continue . . . > > > > Any help/advice would be greatly appreciated. > > > > Best regards, > > > > Chris > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]