Lee, Please see this bug report:
http://issues.apache.org/bugzilla/show_bug.cgi?id=34909 Currently we do not know whether this is a problem with Microsoft's implementation of the Digest MD5-sess or that of HttpClient Oleg On Mon, May 16, 2005 at 04:09:42PM -0400, Lee Whitaker wrote: > I am having troubles authenticating against a Microsoft ISA Proxy set only > to use Digest Authentication. All other forms of authentication have been > disabled on the Proxy (Basic, NTLM). Basic and NTLM work when enabled > (individually and simultaneously) on the Proxy using the same code. I've > included the code and a wire log below. Help/Suggestions are appreciated. > > Thanks, Lee. > > ##################################### > String hostAddress = 172.16.7.201; > int hostPort = 443; > String protocol = "https"; > > String clientHostName = "testClient"; > String proxyPass = "testPass"; > String proxyDomain = "testdomain.local"; String proxyUser = "testuser"; > > > String proxyAddress = 192.168.100.222; > int proxyPort = 8080; > > > PostMethod method = new PostMethod("/test/page"); > method.setDoAuthentication(true); try{ > String payload = "Payload"; > method.setRequestEntity(new StringRequestEntity(payload)); > > //Setup Client > //-------------------------------------------------- > > HttpClient client = new HttpClient; > client.getHttpConnectionManager().getParams().setConnectionTimeout(45 * > 1000); > client.getHostConfiguration().setHost(hostAddress,hostPort, protocol); > client.getHostConfiguration().setProxy(proxyAddress, proxyPort); > > NTCredentials creds = new NTCredentials(proxyUser, > proxyPass, > clientHostName, > proxyDomain); > > AuthScope scope = new AuthScope(proxyAddress, > proxyPort, > AuthScope.ANY_REALM); > > client.getState().setProxyCredentials(scope, creds); > > //-------------------------------------------------- > > int statusCode = 0; > try { > statusCode = client.executeMethod(method); > } catch(IOException e) {...} > > String serverResponse = method.getResponseBodyAsString(); > > } catch (Exception e) {...} > finally { > // close streams and sockets > if(method != null) { > method.releaseConnection(); > } > else {...} > } > ##################################### > > DEBUG [13 May 20:38:53] - enter PostMethod.clearRequestBody() DEBUG [13 May > 20:38:53] - enter EntityEnclosingMethod.clearRequestBody() > DEBUG [13 May 20:38:53] - Set parameter http.connection.timeout = 45000 > DEBUG [13 May 20:38:53] - enter HttpState.setProxyCredentials(AuthScope, > Credentials) > DEBUG [13 May 20:38:53] - enter HttpClient.executeMethod(HttpMethod) > DEBUG [13 May 20:38:53] - enter > HttpClient.executeMethod(HostConfiguration,HttpMethod,HttpState) > DEBUG [13 May 20:38:53] - Attempt number 1 to process request DEBUG [13 May > 20:38:53] - enter HttpConnection.open() DEBUG [13 May 20:38:53] - Open > connection to 192.168.100.222:8080 DEBUG [13 May 20:38:53] - enter > ConnectMethod() DEBUG [13 May 20:38:53] - Attempt number 1 to process > request DEBUG [13 May 20:38:54] - enter ConnectMethod.execute(HttpState, > HttpConnection) > DEBUG [13 May 20:38:54] - enter HttpMethodBase.execute(HttpState, > HttpConnection) > DEBUG [13 May 20:38:54] - enter HttpMethodBase.writeRequest(HttpState, > HttpConnection) > DEBUG [13 May 20:38:54] - enter HttpConnection.printLine(String) DEBUG [13 > May 20:38:54] - enter HttpConnection.writeLine(byte[]) DEBUG [13 May > 20:38:54] - enter HttpConnection.write(byte[]) DEBUG [13 May 20:38:54] - > enter HttpConnection.write(byte[], int, int) DEBUG [13 May 20:38:54] - enter > HttpConnection.writeLine() DEBUG [13 May 20:38:54] - enter > HttpConnection.write(byte[]) DEBUG [13 May 20:38:54] - enter > HttpConnection.write(byte[], int, int) DEBUG [13 May 20:38:54] - >> "CONNECT > 172.16.7.201:443 HTTP/1.1" > DEBUG [13 May 20:38:54] - enter > HttpMethodBase.writeRequestHeaders(HttpState,HttpConnection) > DEBUG [13 May 20:38:54] - enter > ConnectMethod.addRequestHeaders(HttpState, HttpConnection) DEBUG [13 May > 20:38:54] - enter HttpMethodBase.addUserAgentRequestHeaders(HttpState, > HttpConnection) DEBUG [13 May 20:38:54] - enter > HttpMethodBase.addHostRequestHeader(HttpState, HttpConnection) DEBUG [13 May > 20:38:54] - Adding Host request header DEBUG [13 May 20:38:54] - enter > HttpMethodBase.addProxyConnectionHeader(HttpState, HttpConnection) DEBUG [13 > May 20:38:54] - >> "User-Agent: Jakarta Commons-HttpClient/3.0-rc1[\r][\n]" > DEBUG [13 May 20:38:54] - enter HttpConnection.print(String) DEBUG [13 May > 20:38:54] - enter HttpConnection.write(byte[]) DEBUG [13 May 20:38:54] - > enter HttpConnection.write(byte[], int, int) DEBUG [13 May 20:38:54] - >> > "Host: 172.16.7.201[\r][\n]" > DEBUG [13 May 20:38:54] - enter HttpConnection.print(String) DEBUG [13 May > 20:38:54] - enter HttpConnection.write(byte[]) DEBUG [13 May 20:38:54] - > enter HttpConnection.write(byte[], int, int) DEBUG [13 May 20:38:54] - >> > "Proxy-Connection: Keep-Alive[\r][\n]" > DEBUG [13 May 20:38:54] - enter HttpConnection.print(String) DEBUG [13 May > 20:38:54] - enter HttpConnection.write(byte[]) DEBUG [13 May 20:38:54] - > enter HttpConnection.write(byte[], int, int) DEBUG [13 May 20:38:54] - enter > HttpConnection.writeLine() DEBUG [13 May 20:38:54] - enter > HttpConnection.write(byte[]) DEBUG [13 May 20:38:54] - enter > HttpConnection.write(byte[], int, int) DEBUG [13 May 20:38:54] - enter > HttpConnection.flushRequestOutputStream() > DEBUG [13 May 20:38:54] - >> "[\r][\n]" > DEBUG [13 May 20:38:54] - enter > HttpConnection.flushRequestOutputStream() > DEBUG [13 May 20:38:54] - enter HttpMethodBase.readResponse(HttpState, > HttpConnection) > DEBUG [13 May 20:38:54] - enter HttpMethodBase.readStatusLine(HttpState, > HttpConnection) > DEBUG [13 May 20:38:54] - enter HttpConnection.readLine() DEBUG [13 May > 20:38:54] - enter HttpParser.readLine(InputStream, String) DEBUG [13 May > 20:38:54] - enter HttpParser.readRawLine() DEBUG [13 May 20:38:54] - << > "HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires > authorization to fulfill the request. Access to the Web Proxy service is > denied. )[\r][\n]" > DEBUG [13 May 20:38:54] - enter > HttpMethodBase.readResponseHeaders(HttpState,HttpConnection) > DEBUG [13 May 20:38:54] - enter HttpConnection.getResponseInputStream() > DEBUG [13 May 20:38:54] - enter HeaderParser.parseHeaders(InputStream, > String) > DEBUG [13 May 20:38:54] - enter HttpParser.readLine(InputStream, String) > DEBUG [13 May 20:38:54] - enter HttpParser.readRawLine() DEBUG [13 May > 20:38:54] - enter HttpParser.readLine(InputStream, String) DEBUG [13 May > 20:38:54] - enter HttpParser.readRawLine() DEBUG [13 May 20:38:54] - enter > HttpParser.readLine(InputStream, String) DEBUG [13 May 20:38:54] - enter > HttpParser.readRawLine() DEBUG [13 May 20:38:54] - enter > HttpParser.readLine(InputStream, String) DEBUG [13 May 20:38:54] - enter > HttpParser.readRawLine() DEBUG [13 May 20:38:54] - enter > HttpParser.readLine(InputStream, String) DEBUG [13 May 20:38:54] - enter > HttpParser.readRawLine() DEBUG [13 May 20:38:54] - enter > HttpParser.readLine(InputStream, String) DEBUG [13 May 20:38:54] - enter > HttpParser.readRawLine() DEBUG [13 May 20:38:54] - enter > HttpParser.readLine(InputStream, String) DEBUG [13 May 20:38:54] - enter > HttpParser.readRawLine() DEBUG [13 May 20:38:54] - enter > HttpParser.readLine(InputStream, String) DEBUG [13 May 20:38:54] - enter > HttpParser.readRawLine() DEBUG [13 May 20:38:54] - enter > HttpParser.readLine(InputStream, String) DEBUG [13 May 20:38:54] - enter > HttpParser.readRawLine() DEBUG [13 May 20:38:54] - << "Via: 1.1 > PROXY-SERVER[\r][\n]" > DEBUG [13 May 20:38:54] - << "Proxy-Authenticate: Digest > qop="auth",algorithm=MD5-sess,nonce="6a6148defe57c50134fbac84f267e48a1683cde > cdc5ba656e86b9459ad2b60e74c2a4073508ff436",opaque="d281644cde479aea06a0785d9 > ef654fe",charset=utf-8,realm="testdomain.local"[\r][\n]" > DEBUG [13 May 20:38:54] - << "Connection: close[\r][\n]" > DEBUG [13 May 20:38:54] - << "Proxy-Connection: close[\r][\n]" > DEBUG [13 May 20:38:54] - << "Pragma: no-cache[\r][\n]" > DEBUG [13 May 20:38:54] - << "Cache-Control: no-cache[\r][\n]" > DEBUG [13 May 20:38:54] - << "Content-Type: text/html[\r][\n]" > DEBUG [13 May 20:38:54] - << "Content-Length: 725[\r][\n]" > DEBUG [13 May 20:38:54] - enter > HttpMethodBase.processResponseHeaders(HttpState, HttpConnection) DEBUG [13 > May 20:38:54] - enter HttpMethodBase.readResponseBody(HttpState, > HttpConnection) DEBUG [13 May 20:38:54] - enter > HttpMethodBase.readResponseBody(HttpConnection) > DEBUG [13 May 20:38:54] - enter HttpConnection.getResponseInputStream() > DEBUG [13 May 20:38:54] - CONNECT status code 407 DEBUG [13 May 20:38:54] - > enter HttpMethodBase.processAuthenticationResponse(HttpState, > HttpConnection) DEBUG [13 May 20:38:56] - Supported authentication schemes > in the order of preference: [ntlm, digest, basic] DEBUG [13 May 20:38:56] - > Challenge for ntlm authentication scheme not available DEBUG [13 May > 20:38:56] - Using authentication scheme: digest DEBUG [13 May 20:38:56] - > enter DigestScheme.createCnonce() DEBUG [13 May 20:38:56] - enter > DigestScheme.encode(byte[]) DEBUG [13 May 20:38:56] - enter > HttpState.getProxyCredentials(AuthScope) > DEBUG [13 May 20:38:56] - Should close connection in response to > directive: close > DEBUG [13 May 20:38:56] - enter HttpConnection.close() DEBUG [13 May > 20:38:56] - enter HttpConnection.closeSockedAndStreams() > DEBUG [13 May 20:38:56] - enter HttpConnection.releaseConnection() > DEBUG [13 May 20:38:56] - Connection is locked. Call to > releaseConnection() ignored. > DEBUG [13 May 20:38:56] - Authenticating with DIGEST > 'testdomain.local'@192.168.100.222:8080 > DEBUG [13 May 20:38:56] - enter HttpState.getProxyCredentials(AuthScope) > DEBUG [13 May 20:38:56] - enter DigestScheme.authenticate(Credentials, > HttpMethod) > DEBUG [13 May 20:38:56] - Credential charset not configured, using HTTP > element charset DEBUG [13 May 20:38:56] - enter > DigestScheme.createDigest(String, String, Map) DEBUG [13 May 20:38:56] - > enter DigestScheme.encode(byte[]) DEBUG [13 May 20:38:56] - enter > DigestScheme.encode(byte[]) DEBUG [13 May 20:38:56] - enter > DigestScheme.encode(byte[]) DEBUG [13 May 20:38:56] - Using qop method auth > DEBUG [13 May 20:38:56] - enter DigestScheme.encode(byte[]) DEBUG [13 May > 20:38:56] - enter DigestScheme.createDigestHeader(String, > Map, String) > DEBUG [13 May 20:38:56] - HttpMethodBase.addRequestHeader(Header) > DEBUG [13 May 20:38:56] - Attempt number 1 to process request DEBUG [13 May > 20:38:56] - enter HttpConnection.open() DEBUG [13 May 20:38:56] - Open > connection to 192.168.100.222:8080 DEBUG [13 May 20:38:56] - enter > ConnectMethod.execute(HttpState, > HttpConnection) > DEBUG [13 May 20:38:56] - enter HttpMethodBase.execute(HttpState, > HttpConnection) > DEBUG [13 May 20:38:56] - enter HttpMethodBase.writeRequest(HttpState, > HttpConnection) > DEBUG [13 May 20:38:56] - enter HttpConnection.printLine(String) DEBUG [13 > May 20:38:56] - enter HttpConnection.writeLine(byte[]) DEBUG [13 May > 20:38:56] - enter HttpConnection.write(byte[]) DEBUG [13 May 20:38:56] - > enter HttpConnection.write(byte[], int, int) DEBUG [13 May 20:38:56] - enter > HttpConnection.writeLine() DEBUG [13 May 20:38:56] - enter > HttpConnection.write(byte[]) DEBUG [13 May 20:38:56] - enter > HttpConnection.write(byte[], int, int) DEBUG [13 May 20:38:56] - >> "CONNECT > 172.16.7.201:443 HTTP/1.1" > DEBUG [13 May 20:38:56] - enter > HttpMethodBase.writeRequestHeaders(HttpState,HttpConnection) > DEBUG [13 May 20:38:56] - enter > ConnectMethod.addRequestHeaders(HttpState, HttpConnection) DEBUG [13 May > 20:38:56] - enter HttpMethodBase.addUserAgentRequestHeaders(HttpState, > HttpConnection) DEBUG [13 May 20:38:56] - enter > HttpMethodBase.addHostRequestHeader(HttpState, HttpConnection) DEBUG [13 May > 20:38:56] - Adding Host request header DEBUG [13 May 20:38:56] - enter > HttpMethodBase.addProxyConnectionHeader(HttpState, HttpConnection) DEBUG [13 > May 20:38:56] - >> "User-Agent: Jakarta Commons-HttpClient/3.0-rc1[\r][\n]" > DEBUG [13 May 20:38:56] - enter HttpConnection.print(String) DEBUG [13 May > 20:38:56] - enter HttpConnection.write(byte[]) DEBUG [13 May 20:38:56] - > enter HttpConnection.write(byte[], int, int) DEBUG [13 May 20:38:56] - >> > "Proxy-Authorization: Digest username="testuser", realm="testdomain.local", > nonce="6a6148defe57c50134fbac84f267e48a1683cdecdc5ba656e86b9459ad2b60e74c2a4 > 073508ff436", uri="/", response="8936387dad2de2602c7e28d67a180f3b", > qop="auth", nc=00000001, cnonce="0703305257785494025f3efd1d2b3d86", > algorithm="MD5-sess", opaque="d281644cde479aea06a0785d9ef654fe"[\r][\n]" > DEBUG [13 May 20:38:56] - enter HttpConnection.print(String) DEBUG [13 May > 20:38:56] - enter HttpConnection.write(byte[]) DEBUG [13 May 20:38:56] - > enter HttpConnection.write(byte[], int, int) DEBUG [13 May 20:38:56] - >> > "Host: 172.16.7.201[\r][\n]" > DEBUG [13 May 20:38:56] - enter HttpConnection.print(String) DEBUG [13 May > 20:38:56] - enter HttpConnection.write(byte[]) DEBUG [13 May 20:38:56] - > enter HttpConnection.write(byte[], int, int) DEBUG [13 May 20:38:56] - >> > "Proxy-Connection: Keep-Alive[\r][\n]" > DEBUG [13 May 20:38:56] - enter HttpConnection.print(String) DEBUG [13 May > 20:38:56] - enter HttpConnection.write(byte[]) DEBUG [13 May 20:38:56] - > enter HttpConnection.write(byte[], int, int) DEBUG [13 May 20:38:56] - enter > HttpConnection.writeLine() DEBUG [13 May 20:38:56] - enter > HttpConnection.write(byte[]) DEBUG [13 May 20:38:56] - enter > HttpConnection.write(byte[], int, int) DEBUG [13 May 20:38:56] - enter > HttpConnection.flushRequestOutputStream() > DEBUG [13 May 20:38:56] - >> "[\r][\n]" > DEBUG [13 May 20:38:56] - enter > HttpConnection.flushRequestOutputStream() > DEBUG [13 May 20:38:56] - enter HttpMethodBase.readResponse(HttpState, > HttpConnection) > DEBUG [13 May 20:38:56] - enter HttpMethodBase.readStatusLine(HttpState, > HttpConnection) > DEBUG [13 May 20:38:56] - enter HttpConnection.readLine() DEBUG [13 May > 20:38:56] - enter HttpParser.readLine(InputStream, String) DEBUG [13 May > 20:38:56] - enter HttpParser.readRawLine() DEBUG [13 May 20:38:56] - << > "HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires > authorization to fulfill the request. Access to the Web Proxy service is > denied. )[\r][\n]" > DEBUG [13 May 20:38:56] - enter > HttpMethodBase.readResponseHeaders(HttpState,HttpConnection) > DEBUG [13 May 20:38:56] - enter HttpConnection.getResponseInputStream() > DEBUG [13 May 20:38:56] - enter HeaderParser.parseHeaders(InputStream, > String) > DEBUG [13 May 20:38:56] - enter HttpParser.readLine(InputStream, String) > DEBUG [13 May 20:38:56] - enter HttpParser.readRawLine() DEBUG [13 May > 20:38:56] - enter HttpParser.readLine(InputStream, String) DEBUG [13 May > 20:38:56] - enter HttpParser.readRawLine() DEBUG [13 May 20:38:56] - enter > HttpParser.readLine(InputStream, String) DEBUG [13 May 20:38:56] - enter > HttpParser.readRawLine() DEBUG [13 May 20:38:56] - enter > HttpParser.readLine(InputStream, String) DEBUG [13 May 20:38:56] - enter > HttpParser.readRawLine() DEBUG [13 May 20:38:56] - enter > HttpParser.readLine(InputStream, String) DEBUG [13 May 20:38:56] - enter > HttpParser.readRawLine() DEBUG [13 May 20:38:56] - enter > HttpParser.readLine(InputStream, String) DEBUG [13 May 20:38:56] - enter > HttpParser.readRawLine() DEBUG [13 May 20:38:56] - enter > HttpParser.readLine(InputStream, String) DEBUG [13 May 20:38:56] - enter > HttpParser.readRawLine() DEBUG [13 May 20:38:56] - enter > HttpParser.readLine(InputStream, String) DEBUG [13 May 20:38:56] - enter > HttpParser.readRawLine() DEBUG [13 May 20:38:56] - enter > HttpParser.readLine(InputStream, String) DEBUG [13 May 20:38:56] - enter > HttpParser.readRawLine() DEBUG [13 May 20:38:56] - << "Via: 1.1 > PROXY-SERVER[\r][\n]" > DEBUG [13 May 20:38:56] - << "Proxy-Authenticate: Digest > qop="auth",algorithm=MD5-sess,nonce="b0bc91dffe57c501646152801024725a586087e > 59341688773dd79f2f26b03a3e9c2cdd7be112cf9",opaque="2bb47471666668931690649b1 > 0dcefc4",charset=utf-8,realm="testdomain.local"[\r][\n]" > DEBUG [13 May 20:38:56] - << "Connection: close[\r][\n]" > DEBUG [13 May 20:38:56] - << "Proxy-Connection: close[\r][\n]" > DEBUG [13 May 20:38:56] - << "Pragma: no-cache[\r][\n]" > DEBUG [13 May 20:38:56] - << "Cache-Control: no-cache[\r][\n]" > DEBUG [13 May 20:38:56] - << "Content-Type: text/html[\r][\n]" > DEBUG [13 May 20:38:56] - << "Content-Length: 725[\r][\n]" > DEBUG [13 May 20:38:56] - enter > HttpMethodBase.processResponseHeaders(HttpState, HttpConnection) DEBUG [13 > May 20:38:56] - enter HttpMethodBase.readResponseBody(HttpState, > HttpConnection) DEBUG [13 May 20:38:56] - enter > HttpMethodBase.readResponseBody(HttpConnection) > DEBUG [13 May 20:38:56] - enter HttpConnection.getResponseInputStream() > DEBUG [13 May 20:38:56] - CONNECT status code 407 DEBUG [13 May 20:38:56] - > enter HttpMethodBase.processAuthenticationResponse(HttpState, > HttpConnection) DEBUG [13 May 20:38:56] - Using authentication scheme: > digest DEBUG [13 May 20:38:56] - enter DigestScheme.createCnonce() DEBUG [13 > May 20:38:56] - enter DigestScheme.encode(byte[]) DEBUG [13 May 20:38:56] - > CONNECT failed, fake the response for the original method DEBUG [13 May > 20:38:56] - Buffering response body DEBUG [13 May 20:38:56] - Should close > connection in response to > directive: close > DEBUG [13 May 20:38:56] - enter HttpConnection.close() DEBUG [13 May > 20:38:56] - enter HttpConnection.closeSockedAndStreams() > DEBUG [13 May 20:38:56] - enter HttpConnection.releaseConnection() > DEBUG [13 May 20:38:56] - Releasing connection back to connection manager. > DEBUG [13 May 20:38:56] - enter getContentCharSet( Header contentheader > ) > DEBUG [13 May 20:38:56] - enter HeaderElement.parseElements(String) > DEBUG [13 May 20:38:56] - enter HeaderElement.parseElements(char[]) > DEBUG [13 May 20:38:56] - enter HeaderElement.getParameterByName(String) > DEBUG [13 May 20:38:56] - Default charset used: ISO-8859-1 > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
