Hi, We are using HttpClient (commons-httpclient-3.0-rc2.jar) for NTLM Authentication and currently facing issues when the following security settings in Windows Server 2003 or (win xp) is enabled: Control Panel -> Administrative Tools -> Domain Security Policy -> Local Policies -> Security Options -> Network security: Do not store LAN Manager Hash value on next password change. Click Enabled and then click OK. After setting this property, NTLM authentication fails with following error:
HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials. Has anyone faced similar issue? If so, is there any possible work around other than disabling above setting? Also, does it mean that httpclient not supporting NTLM v1? In the authentication guide of httpclient ( http://hc.apache.org/httpclient-3.x/authentication.html), under known limitations and problems, it is mentioned that "HttpClient provides limited support for what is known as NTLMv1, the early version of the NTLM protocol." Does anybody know what is the early version of the NTLM protocol? Thanks in advance. Mr. Yoga
