I must say that I hadn't wanted to say anything negative about that code in my original post(s), but now that you've asked:
The code now in your 4.1 distribution appears to be minimally (if at all) unchanged from some code that I came across during a Google search for better supporting NTLM within HttpClient way before I ever upgraded to 4.x. I looked at that code in depth sometime last year and concluded that there were just too many problems with it. Without going into technical details, which I have certainly mostly forgotten by now anyway, that code seemed to have been written by reverse engineering and guessing about NTLM some time before Microsoft (finally) publicly released the NTLM specification. It may have worked at one time for some specific combination of Windows parameters and options but it was too far away from working for the general cases that I needed. You see, unlike many NTLM client-side users that are just trying to authenticate against a specific Windows server, I need to work with just about any combo of Windows OS versions, service packs, registry settings, installed apps, etc. So I abandoned that effort and when I recognized the same code inside HttpClient, I was not hopeful. It was as I was looking for alternatives that I asked the questions that you answered for me last month leading me straight to this approach that is working great for us today. Seems to me that there is still no "open source" solution that is ready to drop into the HttpClient distribution. I believe that the correct approach is indeed JCIFS and that your restoring and updating the web page is the best solution. If I were "forced" to write some NTLM code without licensing issues for HttpClient it would end up looking much too uncomfortably close to JCIFS. I truly hope that I have offended no one. -----Original Message----- From: Oleg Kalnichevski [mailto:[email protected]] Sent: Thursday, April 21, 2011 12:23 PM To: HttpClient User Discussion Subject: Re: Full NTLMv2 Support Achieved Easily (Was: NTLM authentication with a UPN instead of domain and user name) ... PS: Would you be by any change willing to take a look at the default NTLM engine distributed with HttpClient and see what may be wrong there? It'd be a great contribution to all users of HttpClient.
