[
https://issues.apache.org/jira/browse/CAMEL-22073?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17951843#comment-17951843
]
Raymond edited comment on CAMEL-22073 at 5/15/25 5:44 PM:
----------------------------------------------------------
Note that in Camel 4.9.0 the Apache HttpClient was upgraded from 5.2.1 to 5.4.1:
>From the 5.3 release notes of Apache HTTP Client:
{code:java}
The 5.3 release series introduces support for the Bearer authentication scheme
(RFC 6750) and
deprecates NTLM and GSS-based experimental authentication schemes in favor of
Basic / Bearer
authentication with TLS.
Notable changes and features included in the 5.3 series:
* Introduction of the Bearer authentication scheme.
* Deprecation of the NTLM authentication scheme.
* Deprecation of the GSS-based experimental authentication schemes.
* Support for load distribution across multiple proxies. {code}
Deprecation doesn't mean removal of course, but it's suspicious.
was (Author: skin27):
Note that in Camel 4.9.0 the Apache HttpClient was upgraded from 5.2.1 to 5.4.1:
>From the 5.3 release notes of Apache HTTP Client:
{code:java}
The 5.3 release series introduces support for the Bearer authentication scheme
(RFC 6750) and
deprecates NTLM and GSS-based experimental authentication schemes in favor of
Basic / Bearer
authentication with TLS.
Notable changes and features included in the 5.3 series:
* Introduction of the Bearer authentication scheme.
* Deprecation of the NTLM authentication scheme.
* Deprecation of the GSS-based experimental authentication schemes.
* Support for load distribution across multiple proxies. {code}
Deprecation doesn't mean removal of course, but it's suspicious.
[{color:#ababad}7:28{color}|https://teamdovetail.slack.com/archives/D02KJ5MDAR4/p1747330100418929]
Raymond Meester
Deprecation should mean that it still works, but maybe they changed or removed
something.
> camel-http - NTLM authentication doesn't work over http
> -------------------------------------------------------
>
> Key: CAMEL-22073
> URL: https://issues.apache.org/jira/browse/CAMEL-22073
> Project: Camel
> Issue Type: Bug
> Components: camel-http
> Affects Versions: 4.10.4
> Reporter: Bruno Gonçalves
> Priority: Minor
> Attachments: http-ntlm-reproducer.tar,
> wireshark_http_ntlm_camel4.png, wireshark_http_ntlm_curl.png
>
>
> It appears that NTLM authentication is not functioning correctly in Apache
> Camel 4 (version 4.10.4) when using the {{http}} component.
> Using the exact same credentials and request details, the call succeeds when
> made via the {{curl}} command with the {{--ntlm}} flag, but fails when
> executed through Camel.
> As shown in the attached Wireshark capture, the {{curl}} request correctly
> initiates the NTLM handshake, including the {{Authorization: NTLM ...}}
> header, whereas the Apache Camel request does not send the Authorization
> header and fails to trigger a challenge-response flow.
> *Apache Camel 4 (4.10.4) (x)*
> {code:java}
> <to
> uri="http://exacttest.myserver.local:8020/Services/Exact.Entity.REST.EG/?authMethod=NTLM&authUsername=RAW(usr_exact1)&authPassword=RAW(blabla)&authDomain=RAW(myserver.local)&maxTotalConnections=20&connectionsPerRoute=2&connectTimeout=180000&soTimeout=180000"/>{code}
> *Curl (8.7.1) (/)*
> {code:java}
> curl --ntlm --user myserver.local\\usr_exact1:blabla
> "http://exacttest.myserver.local:8020/services/Exact.Entity.REST.EG/"{code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
