[
https://issues.apache.org/jira/browse/HTTPCLIENT-1662?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14599171#comment-14599171
]
Colin commented on HTTPCLIENT-1662:
-----------------------------------
Hi [[email protected]] ,
Thanks.
Do you mean, it's standard mapping to convert domain company.com to standard
one "company"?
Yes, the domain and workstation come from ntcredentials and in Type3Message
constructor, the domain converted to "base domain name":
{code}
/** Constructor. Pass the arguments we will need */
Type3Message(final String domain, final String host, final String user,
final String password, final byte[] nonce,
final int type2Flags, final String target, final byte[]
targetInformation)
throws NTLMEngineException {
// Save the flags
this.type2Flags = type2Flags;
// Strip off domain name from the host!
final String unqualifiedHost = convertHost(host);
// Use only the base domain name!
final String unqualifiedDomain =
convertDomain(domain);//<<=========here
{code}
> NTLM auth failed because NTLMEngineImpl strip domain to base domain name
> ------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1662
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1662
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpAuth
> Affects Versions: 4.5
> Environment: HttpClient 4.3, 4.5
> A http site with NTLM auth
> A domain which Netbios name is not match domain name(e.g.
> domain=mydomain.com; netbios name= testdomain)
> Reporter: Colin
> Assignee: Karl Wright
>
> When generate type 3 message, we change the domain name to base domain name:
> {code}
> // Use only the base domain name!
> final String unqualifiedDomain = convertDomain(domain);
> {code}
> {code}
> /** Strip dot suffix from a name */
> private static String stripDotSuffix(final String value) {
> if (value == null) {
> return null;
> }
> final int index = value.indexOf(".");
> if (index != -1) {
> return value.substring(0, index);
> }
> return value;
> }
> /** Convert domain to standard form */
> private static String convertDomain(final String domain) {
> return stripDotSuffix(domain);
> }
> {code}
> I got http 401 in my environment with correct credential and found the root
> cause is those code got wrong domain name so the domain controller return a
> NTLM sub status code 0xC0000064, which means " The username you typed does
> not exist!"
> The Netbios name of a domain is the "Pre Windows 2000 name" of the domain.
> Is there any issue to use full domain name?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
