SPNEGO and NTLMv2

Tue, 05 Jun 2012 03:54:00 -0700 

Hello,
I have a site protected with SPNEGO. The authentication can be performed with both Kerberos and NTLMv2. 


I'm trying to use HttpClient 4.2 to authenticate against this site 
through NTLMv2 but without success so far. Here's my sample code:


        HttpHost targetHost = new HttpHost("172.27.192.171", 8080, "http");

        DefaultHttpClient httpclient = new DefaultHttpClient();

        try {
            httpclient.getCredentialsProvider().setCredentials(

                    new AuthScope(targetHost.getHostName(), 
targetHost.getPort()),
                    new NTCredentials("psaraiva", "psaraiva", 
InetAddress.getLocalHost().getHostName(), "DEV"));
                    //new UsernamePasswordCredentials("psaraiva", 
"psaraiva" ));


            // Create AuthCache instance
            AuthCache authCache = new BasicAuthCache();
            // Generate BASIC scheme object and add it to the local
            // auth cache
            BasicScheme basicAuth = new BasicScheme();
            authCache.put(targetHost, basicAuth);

            // Add AuthCache to the execution context
            BasicHttpContext localcontext = new BasicHttpContext();
            localcontext.setAttribute(ClientContext.AUTH_CACHE, authCache);

            HttpGet httpget = new HttpGet("/services/files/");


            System.out.println("executing request: " + 
httpget.getRequestLine());

            System.out.println("to target: " + targetHost);


            HttpResponse response = httpclient.execute(targetHost, 
httpget);//, localcontext);

            HttpEntity entity = response.getEntity();


             
System.out.println("----------------------------------------");

             System.out.println(response.getStatusLine());
              if (entity != null) {

                  System.out.println("Response content length: " + 
entity.getContentLength());

              }
              EntityUtils.consume(entity);

        } finally {
            // When HttpClient instance is no longer needed,
            // shut down the connection manager to ensure
            // immediate deallocation of all system resources
            httpclient.getConnectionManager().shutdown();
        }


HttpClient seems to only try the Kerberos authentication and outputs the 
following warning:
WARN [main] (RequestAuthenticationBase.java:88) - NEGOTIATE 
authentication error: No valid credentials provided (Mechanism level: No 
valid credentials provided (Mechanism level: Failed to find any Kerberos 
tgt))



However, I want it to force it to use NTLMv2. From the HttpClient NTLM 
auth page it states that NTLMv2 is supported since version 4.1.



Does HttpClient 4.2 support NTLMv2 over SPNEGO? Or it's my bad 
configuration that's causing it not to use NTLMv2?


Kind regards,

Pedro Saraiva

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]























					Reply via email to