[
https://issues.apache.org/jira/browse/HTTPCLIENT-1662?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14599611#comment-14599611
]
Oleg Kalnichevski commented on HTTPCLIENT-1662:
-----------------------------------------------
[[email protected]] et al: We no longer need to maintain backward
compatibility in trunk (5.0 branch). Please feel free to change NTCredential
(or any other class for that matter) as you deem best. We might (or might not)
later back-port the changes to a stable feature branch.
I am currently re-visiting and rewriting authentication APIs in the trunk. One
thing I intend to do is to make Credentials optional for non RFC 2617 schemes
that rely on credentials more complex than a trivial username / password pair.
At this point we are in position to change about anything in trunk.
Oleg
> NTLM auth failed because NTLMEngineImpl strip domain to base domain name
> ------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1662
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1662
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpAuth
> Affects Versions: 4.5
> Environment: HttpClient 4.3, 4.5
> A http site with NTLM auth
> A domain which Netbios name is not match domain name(e.g.
> domain=mydomain.com; netbios name= testdomain)
> Reporter: Colin
> Assignee: Karl Wright
> Attachments: HTTPCLIENT-1662.patch
>
>
> When generate type 3 message, we change the domain name to base domain name:
> {code}
> // Use only the base domain name!
> final String unqualifiedDomain = convertDomain(domain);
> {code}
> {code}
> /** Strip dot suffix from a name */
> private static String stripDotSuffix(final String value) {
> if (value == null) {
> return null;
> }
> final int index = value.indexOf(".");
> if (index != -1) {
> return value.substring(0, index);
> }
> return value;
> }
> /** Convert domain to standard form */
> private static String convertDomain(final String domain) {
> return stripDotSuffix(domain);
> }
> {code}
> I got http 401 in my environment with correct credential and found the root
> cause is those code got wrong domain name so the domain controller return a
> NTLM sub status code 0xC0000064, which means " The username you typed does
> not exist!"
> The Netbios name of a domain is the "Pre Windows 2000 name" of the domain.
> Is there any issue to use full domain name?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
