Michael Wagner created HTTPCLIENT-2086:
------------------------------------------
Summary: NTLM Message parse Error
Key: HTTPCLIENT-2086
URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2086
Project: HttpComponents HttpClient
Issue Type: Bug
Components: HttpCache
Affects Versions: 5.0
Reporter: Michael Wagner
My Authentication endpoint returns an NTLM Message header like this:
{code}
"Authorization: NTLM TlRM....AAACgAAAAFASgKAAAADw==[\r][\n]"
{code}
Upon reading this header with {{AuthChallengeParser}} hc parses this field
using the code in [line
70|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L70]:
{code}
if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) {
cursor.updatePos(cursor.getPos() + 1);
final String value = tokenParser.parseValue(buffer, cursor,
DELIMITER);
return new BasicNameValuePair(token, value);
}
{code}
When reading the first "=" char of the message, it interprets the value as a
key-value pair. The first part of the NTLM message being the key and the second
"=" the value. Later an AuthChallenge is later created with
```
new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params :
null);
```
where {{value}} is null and params a list containing the NTLM message without
the equals signs.
Without the "==" the next auth step fails.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
