[
https://issues.apache.org/jira/browse/CAMEL-22073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Bruno Gonçalves updated CAMEL-22073:
------------------------------------
Description:
It appears that NTLM authentication is not functioning correctly in Apache
Camel 4 (version 4.10.4) when using the {{http}} component.
Using the exact same credentials and request details, the call succeeds when
made via the {{curl}} command with the {{--ntlm}} flag, but fails when executed
through Camel.
As shown in the attached Wireshark capture, the {{curl}} request correctly
initiates the NTLM handshake, including the {{Authorization: NTLM ...}} header,
whereas the Apache Camel request does not send the Authorization header and
fails to trigger a challenge-response flow.
*Apache Camel 4 (4.10.4) (x)*
{code:java}
<to
uri="http://exacttest.myserver.local:8020/Services/Exact.Entity.REST.EG/?authMethod=NTLM&authUsername=RAW(usr_exact1)&authPassword=RAW(blabla)&authDomain=RAW(myserver.local)&maxTotalConnections=20&connectionsPerRoute=2&connectTimeout=180000&soTimeout=180000"/>{code}
*Curl (8.7.1) (/)*
{code:java}
curl --ntlm --user myserver.local\\usr_exact1:blabla
"http://exacttest.myserver.local:8020/services/Exact.Entity.REST.EG/"{code}
was:
It appears that NTLM authentication is not functioning correctly in Apache
Camel 4 (version 4.10.4) when using the {{http}} component.
Using the exact same credentials and request details, the call succeeds when
made via the {{curl}} command with the {{--ntlm}} flag, but fails when executed
through Camel.
As shown in the attached Wireshark capture, the {{curl}} request correctly
initiates the NTLM handshake, including the {{Authorization: NTLM ...}} header,
whereas the Apache Camel request does not send the Authorization header and
fails to trigger a challenge-response flow.
*Apache Camel 4 (4.10.4) (x)*
{code:java}
<to
uri="http://exacttest.seacon.local:8020/Services/Exact.Entity.REST.EG/?authMethod=NTLM&authUsername=RAW(usr_exact1)&authPassword=RAW(blabla)&authDomain=RAW(seacon.local)&maxTotalConnections=20&connectionsPerRoute=2&connectTimeout=180000&soTimeout=180000"/>{code}
*Curl (8.7.1) (/)*
{code:java}
curl --ntlm --user seacon.local\\usr_exact1:blabla
"http://exacttest.seacon.local:8020/services/Exact.Entity.REST.EG/"{code}
> NTLM doesn't work over http in Camel 4.10.4
> -------------------------------------------
>
> Key: CAMEL-22073
> URL: https://issues.apache.org/jira/browse/CAMEL-22073
> Project: Camel
> Issue Type: Bug
> Components: camel-http
> Affects Versions: 4.10.4
> Reporter: Bruno Gonçalves
> Priority: Major
> Attachments: wireshark_http_ntlm_camel4.png,
> wireshark_http_ntlm_curl.png
>
>
> It appears that NTLM authentication is not functioning correctly in Apache
> Camel 4 (version 4.10.4) when using the {{http}} component.
> Using the exact same credentials and request details, the call succeeds when
> made via the {{curl}} command with the {{--ntlm}} flag, but fails when
> executed through Camel.
> As shown in the attached Wireshark capture, the {{curl}} request correctly
> initiates the NTLM handshake, including the {{Authorization: NTLM ...}}
> header, whereas the Apache Camel request does not send the Authorization
> header and fails to trigger a challenge-response flow.
> *Apache Camel 4 (4.10.4) (x)*
> {code:java}
> <to
> uri="http://exacttest.myserver.local:8020/Services/Exact.Entity.REST.EG/?authMethod=NTLM&authUsername=RAW(usr_exact1)&authPassword=RAW(blabla)&authDomain=RAW(myserver.local)&maxTotalConnections=20&connectionsPerRoute=2&connectTimeout=180000&soTimeout=180000"/>{code}
> *Curl (8.7.1) (/)*
> {code:java}
> curl --ntlm --user myserver.local\\usr_exact1:blabla
> "http://exacttest.myserver.local:8020/services/Exact.Entity.REST.EG/"{code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
