On Wed, 2014-02-12 at 02:21 +1100, Brett Ryan wrote:
> Thanks Oleg, I've added this to the client, yet I am still getting the same
> warnings.
>
> Lookup<AuthSchemeProvider> authProviders =
> RegistryBuilder.<AuthSchemeProvider>create()
> .register(AuthSchemes.BASIC, new BasicSchemeFactory())
> .build();
> RequestConfig rc = RequestConfig.custom()
> .setTargetPreferredAuthSchemes(Arrays.asList("BASIC"))
> .build();
> BasicCredentialsProvider credsProvider = new BasicCredentialsProvider();
> credsProvider.setCredentials(AuthScope.ANY, null);
> client = HttpClients.custom()
> .setDefaultCredentialsProvider(credsProvider)
> .setDefaultAuthSchemeRegistry(authProviders)
> .setDefaultRequestConfig(rc)
>
> .setTargetAuthenticationStrategy(TargetAuthenticationStrategy.INSTANCE)
> .build();
>
Can happen if the proxy auth strategy tries to pick up an auth scheme
from the list of preferred schemes still containing NTLM and SPNEGO.
Oleg
>
>
> On 12 February 2014 00:58, Oleg Kalnichevski <[email protected]> wrote:
>
> > On Tue, 2014-02-11 at 14:20 +1100, Brett Ryan wrote:
> > > If a server supports NTLM and Kerberos authentication, but when setting
> > up the client I only provide basic credentials I get a log for each of the
> > NTLM and NEGOTIATE authentication schemes.
> > >
> > > Taking the example from :
> > https://hc.apache.org/httpcomponents-client-4.3.x/httpclient/examples/org/apache/http/examples/client/ClientAuthentication.java
> > >
> > > CredentialsProvider credsProvider = new BasicCredentialsProvider();
> > > credsProvider.setCredentials(
> > > new AuthScope(null, -1),
> > > new UsernamePasswordCredentials(restUser, restPass));
> > > CloseableHttpClient client = HttpClients.custom()
> > > .setDefaultCredentialsProvider(credsProvider)
> > > .build();
> > >
> > > Use of the above client will produce the following warnings, though
> > requests succeed fine through basic authentication:
> > >
> > > WARN o.a.http.impl.auth.HttpAuthenticator - NEGOTIATE
> > authentication error: Invalid name provided (Mechanism level: KrbException:
> > Cannot locate default realm)
> > > WARN o.a.http.impl.auth.HttpAuthenticator - NTLM authentication
> > error: Credentials cannot be used for NTLM authentication:
> > org.apache.http.auth.UsernamePasswordCredentials
> > >
> > > So I figured after searching through the builder method that I'd supply
> > an auth provider with only basic support:
> > >
> > > Lookup<AuthSchemeProvider> authProviders =
> > RegistryBuilder.<AuthSchemeProvider>create()
> > > .register(AuthSchemes.BASIC, new BasicSchemeFactory())
> > > .build();
> > > CloseableHttpClient client = HttpClients.custom()
> > > .setDefaultCredentialsProvider(credsProvider)
> > > .setDefaultAuthSchemeRegistry(authProviders)
> > > .build();
> > >
> > > But now I get a different warning about the scheme's no longer being
> > enabled.
> > >
> > > WARN o.a.h.i.c.TargetAuthenticationStrategy - Authentication scheme
> > negotiate not supported
> > > WARN o.a.h.i.c.TargetAuthenticationStrategy - Authentication scheme
> > NTLM not supported
> > >
> > > How do I simply get rid of these warnings and only get the client to use
> > the basic scheme that I've configured?
> >
> > ---
> > RequestConfig config = RequestConfig.custom()
> > .setTargetPreferredAuthSchemes(Arrays.asList("BASIC"))
> > .build();
> > HttpGet get = new HttpGet("/");
> > get.setConfig(config);
> > ---
> >
> > Hope this helps
> >
> > Oleg
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [email protected]
> > For additional commands, e-mail: [email protected]
> >
> >
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
