[
https://issues.apache.org/jira/browse/HTTPCLIENT-1624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14340672#comment-14340672
]
Karl Wright commented on HTTPCLIENT-1624:
-----------------------------------------
Hi Jason,
There are a couple of different modes you can operate your Windows server in.
When you say you've tested Windows 7 and Windows 8, I am not sure what you mean
by that. Specifically, what I think you would need to do is to read articles
like this one:
http://www.nbtnet.newboundary.com/support/docs/ppm/ppm/troubleshooting/tasks/ppm0114.htm
... and alter the configuration accordingly, to see how NTLM behaves. So this
is what I recommend:
(1) First, in the absence of any of your custom changes, try modifying a
server's configuration to cover all different variants, e.g. NTLMv1, NTLMv2,
and NTLM 2 Session Response. Use wireshark to be sure the NTLM exchange is
working as expected, and that all three modes are being exercised. Record the
Type 1 and Type 2 message flags from each configuration for later analysis.
(2) Now, make your custom changes, and repeat the process. Some of the Type 2
flags will change, and some of the protocol exchanges will fail to work.
Record the new flags and whether the authentication succeeded or not.
(3) Attach a matrix to this ticket with the following columns:
"Current/modified", "Type 1 flags", "Type 2 flags", "Success/failure" . From
that maybe we can figure out how to change the logic.
Thanks!
> NTLMresp in type3message is being generated wrong when using
> NEGOTIATE_NTLM2_KEY
> --------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1624
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1624
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpAuth
> Affects Versions: 4.3.6, 4.4 Final
> Environment: Running from a linux box, connecting to a windows 7
> machine.
> Reporter: Jason Forand
> Assignee: Karl Wright
> Attachments: wireshark_400.pcapng
>
>
> When connecting to a windows host using NTLM authentication, if the windows
> host passes back the
> NEGOTIATE_UNICODE
> REQUEST_TARGET
> NEGOTIATE_SIGN
> NEGOTIATE_SEAL
> NEGOTITATE_LAN_MANAGER_KEY
> NEGOTIATE_NTLM
> NEGOTIATE_ALWAYS_SIGN
> TARGET_TYPE_DOMAIN
> NEGOTIATE_NTLM2_KEY
> NEGOTIATE_TARGET_INFO
> UNKNOWN_4
> NEGOTIATE_128
> NEGOTIATE_KEY_EXCHANGE
> NEGOTIATE_56
> flags, (in this case the offending flag is NEGOTIATE_NTLM2_KEY) the type3
> message is generating an ntresp using
> http://davenport.sourceforge.net/ntlm.html#theNtlmv2Response when it should
> be generating according to
> http://davenport.sourceforge.net/ntlm.html#theNtlm2SessionResponse
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
