[
https://issues.apache.org/jira/browse/HTTPCLIENT-2086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17148657#comment-17148657
]
Eric Kerwin commented on HTTPCLIENT-2086:
-----------------------------------------
Still getting errors. The parser DOES now get invoked twice, once with "NTLM"
as the buffer and a second time with "NTLM
TlRMTVNTUAACAAAAAAAAADgAAAABggiin2c+jmXtqkAAAAAAAAAAAAAAAAA4AAAABgEAAAAAAA8="
as the buffer.
This second invocation results in this state:
{noformat}
authChallenges = {ArrayList@1983} size = 1
0 = {AuthChallenge@2024} "NTLM
[TlRMTVNTUAACAAAAAAAAADgAAAABggiin2c+jmXtqkAAAAAAAAAAAAAAAAA4AAAABgEAAAAAAA8=]"
challengeType = {ChallengeType@1930} "PROXY"
schemeName = "NTLM"
value = null
params = {Collections$UnmodifiableRandomAccessList@2026} size = 1
0 = {BasicNameValuePair@2028}
"TlRMTVNTUAACAAAAAAAAADgAAAABggiin2c+jmXtqkAAAAAAAAAAAAAAAAA4AAAABgEAAAAAAA8="
name =
"TlRMTVNTUAACAAAAAAAAADgAAAABggiin2c+jmXtqkAAAAAAAAAAAAAAAAA4AAAABgEAAAAAAA8"
value = ""{noformat}
This AuthChallenge gets passed down to the NTLMScheme, which has this:
{code:java}
this.challenge = authChallenge.getValue();
if (this.challenge == null || this.challenge.isEmpty()) {
if (this.state == State.UNINITIATED) {
this.state = State.CHALLENGE_RECEIVED;
} else {
this.state = State.FAILED;
}
{code}
which, because value is null, results in State.FAILED.
> NTLM Message parse Error
> ------------------------
>
> Key: HTTPCLIENT-2086
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2086
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Affects Versions: 5.0
> Reporter: Michael Wagner
> Priority: Minor
> Fix For: 5.0.2
>
> Attachments: ntlm 407 log and stacktrace.txt, screenshot-1.png
>
> Time Spent: 1h 10m
> Remaining Estimate: 0h
>
> My Authentication endpoint returns an NTLM Message header like this:
> {code}
> "WWW-Authenticate: NTLM
> TlRMTVNTUAACAAAABgAGADgAAAAF.....QByAGcALgBkAGUABwAIAMG9LHviQtYBAAAAAA=="
> {code}
> Upon reading this header with {{AuthChallengeParser}} hc parses this field
> using the code in [line
> 70|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L70]:
> {code}
> if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) {
> cursor.updatePos(cursor.getPos() + 1);
> final String value = tokenParser.parseValue(buffer, cursor,
> DELIMITER);
> return new BasicNameValuePair(token, value);
> }
> {code}
> When reading the first "=" char of the message, it interprets the value as a
> key-value pair. The first part of the NTLM message being the key and the
> second "=" the value.
> [Later|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L126]
> an AuthChallenge is later created with
> {code}
> new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params
> : null);
> {code}
> where {{value}} is null and params a list containing the NTLM message without
> the equals signs.
> Without the "==" the next auth step fails.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
