On Wed, May 06, 2009 at 09:36:30AM -0700, yoga p wrote: > Hi, > > We are using HttpClient (commons-httpclient-3.0-rc2.jar) for NTLM > Authentication and currently facing issues when the following security > settings in Windows Server 2003 or (win xp) is enabled: > Control Panel -> Administrative Tools -> Domain Security Policy -> Local > Policies -> Security Options -> Network security: Do not store LAN Manager > Hash value on next password change. > Click Enabled and then click OK. > After setting this property, NTLM authentication fails with following error: > > HTTP Error 401.1 - Unauthorized: Access is denied due to invalid > credentials. > Has anyone faced similar issue? If so, is there any possible work around > other than disabling above setting? > Also, does it mean that httpclient not supporting NTLM v1? > In the authentication guide of httpclient ( > http://hc.apache.org/httpclient-3.x/authentication.html), under known > limitations and problems, it is mentioned that "HttpClient provides limited > support for what is known as NTLMv1, the early version of the NTLM > protocol." Does anybody know what is the early version of the NTLM protocol? > Thanks in advance. > > Mr. Yoga
Your only option is upgrading to HttpClient 4.0 and following this guide: http://hc.apache.org/httpcomponents-client/ntlm.html Oleg --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
