[
https://issues.apache.org/jira/browse/HTTPCLIENT-1834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15932501#comment-15932501
]
Karl Wright commented on HTTPCLIENT-1834:
-----------------------------------------
[~olegk]: One other thing I noticed, in both NTLMEngineImpl.Type1Message and
Type3Message:
{code}
// Strip off domain name from the host!
final String unqualifiedHost = convertHost(host);
// Use only the base domain name!
final String unqualifiedDomain = convertDomain(domain);
{code}
The code that this replaced had changed to say something like:
{code}
// Everything done now in NTCredentials
final String unqualifiedHost = host;
final String unqualifiedDomain = domain;
{code}
I don't think it is *harmful* to leave the dot suffix stripping in here but I
wanted to let you know about this, since it is possible that the CredSsp class
might not work properly if NTCredentials does this manipulation on user and
domain before CredSsp has a crack at it. I suspect you're going to need to
roll out whatever change was made to NTCredentials in the 5.0 branch.
Thanks!
> Clean up NTLM implementation and add CredSsp support
> ----------------------------------------------------
>
> Key: HTTPCLIENT-1834
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1834
> Project: HttpComponents HttpClient
> Issue Type: Improvement
> Reporter: Karl Wright
> Assignee: Karl Wright
> Fix For: 4.5.4, 4.6 Alpha1, 5.0 Alpha2
>
>
> The NTLM implementation has some oddities that we need to fix (flag handling,
> for instance), and we also have a contribution of a CredSsp implementation on
> top of that (github pull request 66).
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
