[jira] Assigned: (AXIS2-1081) Basic Authentication should not be tried before NTLM authentication

Eran Chinthaka (JIRA) Mon, 11 Sep 2006 10:44:52 -0700

     [ http://issues.apache.org/jira/browse/AXIS2-1081?page=all ]


Eran Chinthaka reassigned AXIS2-1081:
-------------------------------------

    Assignee: Saminda Wishwajith Abeyruwan

> Basic Authentication should not be tried before NTLM authentication
> -------------------------------------------------------------------
>
>                 Key: AXIS2-1081
>                 URL: http://issues.apache.org/jira/browse/AXIS2-1081
>             Project: Apache Axis 2.0 (Axis2)
>          Issue Type: Bug
>          Components: transports
>         Environment: Windows XP (client), Windows 2003 server. Axis 2 as the 
> client using httpclient 3.0.1.
>            Reporter: jeff ling
>         Assigned To: Saminda Wishwajith Abeyruwan
>            Priority: Blocker
>
> I turned on httpclient wire as well as debug message log. And I configured 
> Axis 2 to use NTLM authentication. From below you can see that basic auth is 
> attempted without any reason. This defeats the purpose of using ntlm which is 
> more secure than basic auth.
> [EMAIL PROTECTED]:08:24 DEBUG [main] (DefaultHttpParams.java:150) - Set 
> parameter http.useragent = Jakarta Commons-HttpClient/3.0.1
> [EMAIL PROTECTED]:08:24 DEBUG [main] (DefaultHttpParams.java:150) - Set 
> parameter http.protocol.version = HTTP/1.1
> [EMAIL PROTECTED]:08:24 DEBUG [main] (DefaultHttpParams.java:150) - Set 
> parameter http.connection-manager.class = class 
> org.apache.commons.httpclient.SimpleHttpConnectionManager
> [EMAIL PROTECTED]:08:24 DEBUG [main] (DefaultHttpParams.java:150) - Set 
> parameter http.protocol.cookie-policy = rfc2109
> [EMAIL PROTECTED]:08:24 DEBUG [main] (DefaultHttpParams.java:150) - Set 
> parameter http.protocol.element-charset = US-ASCII
> [EMAIL PROTECTED]:08:24 DEBUG [main] (DefaultHttpParams.java:150) - Set 
> parameter http.protocol.content-charset = ISO-8859-1
> [EMAIL PROTECTED]:08:24 DEBUG [main] (DefaultHttpParams.java:150) - Set 
> parameter http.method.retry-handler = [EMAIL PROTECTED]
> [EMAIL PROTECTED]:08:24 DEBUG [main] (DefaultHttpParams.java:150) - Set 
> parameter http.dateparser.patterns = [EEE, dd MMM yyyy HH:mm:ss zzz, EEEE, 
> dd-MMM-yy HH:mm:ss zzz, EEE MMM d HH:mm:ss yyyy, EEE, dd-MMM-yyyy HH:mm:ss z, 
> EEE, dd-MMM-yyyy HH-mm-ss z, EEE, dd MMM yy HH:mm:ss z, EEE dd-MMM-yyyy 
> HH:mm:ss z, EEE dd MMM yyyy HH:mm:ss z, EEE dd-MMM-yyyy HH-mm-ss z, EEE 
> dd-MMM-yy HH:mm:ss z, EEE dd MMM yy HH:mm:ss z, EEE,dd-MMM-yy HH:mm:ss z, 
> EEE,dd-MMM-yyyy HH:mm:ss z, EEE, dd-MM-yyyy HH:mm:ss z]
> [EMAIL PROTECTED]:08:24 DEBUG [main] (DefaultHttpParams.java:150) - Set 
> parameter http.socket.timeout = 60000
> [EMAIL PROTECTED]:08:24 DEBUG [main] (DefaultHttpParams.java:150) - Set 
> parameter http.connection.timeout = 60000
> [EMAIL PROTECTED]:08:24 DEBUG [main] (DefaultHttpParams.java:150) - Set 
> parameter http.socket.timeout = 30000
> [EMAIL PROTECTED]:08:24 DEBUG [main] (DefaultHttpParams.java:150) - Set 
> parameter http.authentication.preemptive = true
> [EMAIL PROTECTED]:08:24 DEBUG [main] (DefaultHttpParams.java:150) - Set 
> parameter http.authentication.credential-provider = [EMAIL PROTECTED]
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodDirector.java:160) - 
> Preemptively sending default basic credentials
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodDirector.java:277) - 
> Authenticating with BASIC <any realm>@spweb.mycompany.com:80
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodParams.java:355) - Credential 
> charset not configured, using HTTP element charset
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpConnection.java:691) - Open 
> connection to spweb.mycompany.com:80
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "POST 
> /sites/corpweb/_vti_bin/UserProfileService.asmx HTTP/1.1[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodBase.java:1235) - Adding Host 
> request header
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "SOAPAction: 
> http://microsoft.com/webservices/SharePointPortalServer/UserProfileService/GetUserProfileByIndex[\r][\n]";
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "User-Agent: 
> Axis2[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "Authorization: 
> Basic c3BfY3Jhd2xlcjpGYTExYmFjaw==[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "Host: 
> spweb.mycompany.com[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "Transfer-Encoding: 
> chunked[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "Content-Type: 
> text/xml; charset=UTF-8[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "15a[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:83) - >> "<?xml version='1.0' 
> encoding='UTF-8'?><soapenv:Envelope 
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";><soapenv:Header 
> /><soapenv:Body><ns1:GetUserProfileByIndex 
> xmlns:ns1="http://microsoft.com/webservices/SharePointPortalServer/UserProfileService";><ns1:index>0</ns1:index></ns1:GetUserProfileByIndex></soapenv:Body></soapenv:Envelope>"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:83) - >> "0"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (EntityEnclosingMethod.java:504) - 
> Request body sent
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "HTTP/1.1 401 
> Unauthorized[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "Date: Fri, 25 Aug 
> 2006 21:08:24 GMT[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "Content-Length: 
> 1656[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "Content-Type: 
> text/html[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "Server: 
> Microsoft-IIS/6.0[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "WWW-Authenticate: 
> NTLM[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "X-Powered-By: 
> ASP.NET[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << 
> "MicrosoftSharePointTeamServices: 6.0.2.6417[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodDirector.java:840) - 
> Authorization required
> [EMAIL PROTECTED]:08:24 DEBUG [main] (AuthChallengeProcessor.java:89) - 
> Supported authentication schemes in the order of preference: [ntlm, digest, 
> basic]
> [EMAIL PROTECTED]:08:24  INFO [main] (AuthChallengeProcessor.java:100) - ntlm 
> authentication scheme selected
> [EMAIL PROTECTED]:08:24 DEBUG [main] (AuthChallengeProcessor.java:154) - 
> Using authentication scheme: ntlm
> [EMAIL PROTECTED]:08:24 DEBUG [main] (AuthChallengeProcessor.java:162) - 
> Authorization challenge processed
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodDirector.java:709) - 
> Authentication scope: NTLM <any realm>@spweb.mycompany.com:80
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodDirector.java:193) - Retry 
> authentication
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<!DOCTYPE HTML 
> PUBLIC "-//W3C//DTD HTML 4.01//EN" 
> "http://www.w3.org/TR/html4/strict.dtd";>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << 
> "<HTML><HEAD><TITLE>You are not authorized to view this page</TITLE>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<META 
> HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<STYLE 
> type="text/css">[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "  BODY { font: 
> 8pt/12pt verdana }[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "  H1 { font: 
> 13pt/15pt verdana }[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "  H2 { font: 
> 8pt/12pt verdana }[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "  A:link { color: 
> red }[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "  A:visited { 
> color: maroon }[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "</STYLE>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "</HEAD><BODY><TABLE 
> width=500 border=0 cellspacing=10><TR><TD>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<h1>You are not 
> authorized to view this page</h1>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "You do not have 
> permission to view this directory or page using the credentials that you 
> supplied because your Web browser is sending a WWW-Authenticate header field 
> that the Web server is not configured to accept.[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<hr>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<p>Please try the 
> following:</p>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<ul>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<li>Contact the Web 
> site administrator if you believe you should be able to view this directory 
> or page.</li>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:83) - << "<li>Click the <a 
> href="javascript:location.reload()">Refresh</a> button to try again with 
> different cred"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << 
> "entials.</li>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "</ul>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<h2>HTTP Error 
> 401.2 - Unauthorized: Access is denied due to server 
> configuration.<br>Internet Information Services (IIS)</h2>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<hr>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<p>Technical 
> Information (for support personnel)</p>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<ul>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<li>Go to <a 
> href="http://go.microsoft.com/fwlink/?linkid=8180";>Microsoft Product Support 
> Services</a> and perform a title search for the words <b>HTTP</b> and 
> <b>401</b>.</li>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<li>Open <b>IIS 
> Help</b>, which is accessible in IIS Manager (inetmgr),[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << " and search for 
> topics titled <b>About Security</b>, <b>Authentication</b>, and <b>About 
> Custom Error Messages</b>.</li>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "</ul>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << 
> "</TD></TR></TABLE></BODY></HTML>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodBase.java:921) - Resorting to 
> protocol version default close connection policy
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodBase.java:925) - Should NOT 
> close connection, using HTTP/1.1
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpConnection.java:1175) - Connection 
> is locked.  Call to releaseConnection() ignored.
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodDirector.java:277) - 
> Authenticating with NTLM <any realm>@spweb.mycompany.com:80
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodParams.java:355) - Credential 
> charset not configured, using HTTP element charset
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "POST 
> /sites/corpweb/_vti_bin/UserProfileService.asmx HTTP/1.1[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodBase.java:1235) - Adding Host 
> request header
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "SOAPAction: 
> http://microsoft.com/webservices/SharePointPortalServer/UserProfileService/GetUserProfileByIndex[\r][\n]";
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "User-Agent: 
> Axis2[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "Transfer-Encoding: 
> chunked[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "Content-Type: 
> text/xml; charset=UTF-8[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "Authorization: NTLM 
> TlRMTVNTUAABAAAABlIAAAgACAAwAAAAEAAQACAAAABTUFdFQi5NSUNST04uQ09NV0lOTlRET00=[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "Host: 
> spweb.mycompany.com[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "15a[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:83) - >> "<?xml version='1.0' 
> encoding='UTF-8'?><soapenv:Envelope 
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";><soapenv:Header 
> /><soapenv:Body><ns1:GetUserProfileByIndex 
> xmlns:ns1="http://microsoft.com/webservices/SharePointPortalServer/UserProfileService";><ns1:index>0</ns1:index></ns1:GetUserProfileByIndex></soapenv:Body></soapenv:Envelope>"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:83) - >> "0"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (EntityEnclosingMethod.java:504) - 
> Request body sent
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "HTTP/1.1 401 
> Unauthorized[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "Date: Fri, 25 Aug 
> 2006 21:08:24 GMT[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "Content-Length: 
> 1539[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "Content-Type: 
> text/html[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "Server: 
> Microsoft-IIS/6.0[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "WWW-Authenticate: 
> NTLM 
> TlRMTVNTUAACAAAACAAIADgAAAAGAoECukXFw2EYshQAAAAAAAAAAIoAigBAAAAABQLODgAAAA9XSU5OVERPTQIAEABXAEkATgBOAFQARABPAE0AAQAMAE4AVABTAFAAUwAxAAQAGgBuAGEALgBtAGkAYwByAG8AbgAuAGMAbwBtAAMAIgBuAHQAcwBwAHMAMQAuAG0AaQBjAHIAbwBuAC4AYwBvAG0ABQAaAG4AYQAuAG0AaQBjAHIAbwBuAC4AYwBvAG0AAAAAAA==[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "X-Powered-By: 
> ASP.NET[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << 
> "MicrosoftSharePointTeamServices: 6.0.2.6417[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodDirector.java:840) - 
> Authorization required
> [EMAIL PROTECTED]:08:24 DEBUG [main] (AuthChallengeProcessor.java:154) - 
> Using authentication scheme: ntlm
> [EMAIL PROTECTED]:08:24 DEBUG [main] (AuthChallengeProcessor.java:162) - 
> Authorization challenge processed
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodDirector.java:709) - 
> Authentication scope: NTLM <any realm>@spweb.mycompany.com:80
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodDirector.java:193) - Retry 
> authentication
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<!DOCTYPE HTML 
> PUBLIC "-//W3C//DTD HTML 4.01//EN" 
> "http://www.w3.org/TR/html4/strict.dtd";>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << 
> "<HTML><HEAD><TITLE>You are not authorized to view this page</TITLE>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<META 
> HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<STYLE 
> type="text/css">[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "  BODY { font: 
> 8pt/12pt verdana }[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "  H1 { font: 
> 13pt/15pt verdana }[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "  H2 { font: 
> 8pt/12pt verdana }[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "  A:link { color: 
> red }[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "  A:visited { 
> color: maroon }[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "</STYLE>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "</HEAD><BODY><TABLE 
> width=500 border=0 cellspacing=10><TR><TD>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<h1>You are not 
> authorized to view this page</h1>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "You do not have 
> permission to view this directory or page using the credentials that you 
> supplied.[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<hr>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<p>Please try the 
> following:</p>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<ul>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<li>Contact the Web 
> site administrator if you believe you should be able to view this directory 
> or page.</li>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<li>Click the <a 
> href="javascript:location.reload()">Refresh</a> button to try again with 
> different credentials.</li>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "</ul>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:83) - << "<h2>HTTP Error 
> 401.1 - Unauthorized: Access is denied due to invalid 
> credentials.<br>Internet "
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "Information 
> Services (IIS)</h2>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<hr>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<p>Technical 
> Information (for support personnel)</p>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<ul>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<li>Go to <a 
> href="http://go.microsoft.com/fwlink/?linkid=8180";>Microsoft Product Support 
> Services</a> and perform a title search for the words <b>HTTP</b> and 
> <b>401</b>.</li>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "<li>Open <b>IIS 
> Help</b>, which is accessible in IIS Manager (inetmgr),[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << " and search for 
> topics titled <b>Authentication</b>, <b>Access Control</b>, and <b>About 
> Custom Error Messages</b>.</li>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "</ul>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << "[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - << 
> "</TD></TR></TABLE></BODY></HTML>[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodBase.java:921) - Resorting to 
> protocol version default close connection policy
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodBase.java:925) - Should NOT 
> close connection, using HTTP/1.1
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpConnection.java:1175) - Connection 
> is locked.  Call to releaseConnection() ignored.
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodDirector.java:277) - 
> Authenticating with NTLM <any realm>@spweb.mycompany.com:80
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodParams.java:355) - Credential 
> charset not configured, using HTTP element charset
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "POST 
> /sites/corpweb/_vti_bin/UserProfileService.asmx HTTP/1.1[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (HttpMethodBase.java:1235) - Adding Host 
> request header
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "SOAPAction: 
> http://microsoft.com/webservices/SharePointPortalServer/UserProfileService/GetUserProfileByIndex[\r][\n]";
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "User-Agent: 
> Axis2[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "Transfer-Encoding: 
> chunked[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "Content-Type: 
> text/xml; charset=UTF-8[\r][\n]"
> [EMAIL PROTECTED]:08:24 DEBUG [main] (Wire.java:69) - >> "Authorization: NTLM 
> TlRMTVNTUAADAAAAGAAYAGIAAAAAAAAAegAAAAgACABAAAAACgAKAEgAAAAQABAAUgAAAAAAAAB6AAAABlIAAFdJTk5URE9NU1BfQ1JBV0xFUlNQV0VCLk1JQ1JPTi5DT002VzHvvpNN+u0ZUA1AJK4mTRg6+aWfDgI=[\r][\n]"

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[jira] Assigned: (AXIS2-1081) Basic Authentication should not be tried before NTLM authentication

Reply via email to