[
https://issues.apache.org/jira/browse/CXF-9056?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17886093#comment-17886093
]
Alexander Suter commented on CXF-9056:
--------------------------------------
Hello [~ffang]
Thanks. Yes, you are right. By setting this property it works again.
The bad thing in my environment is that I've the hc (async) jar on my
classpath. Even if I disable ASYNC_HTTP the HTTPConduit will be created by the
hc jar
{code:java}
// HTTPTransportFactory
HTTPConduitFactory factory = findFactory(endpointInfo, bus);
HTTPConduit conduit = null;
if (factory != null) {
conduit = factory.createConduit(this, bus, endpointInfo, target);
}
if (conduit == null) {
if (forceURLConnectionConduit) {
conduit = new URLConnectionHTTPConduit(bus, endpointInfo, target);
} else {
conduit = new HttpClientHTTPConduit(bus, endpointInfo, target);
}
} {code}
> NTML Login ends up with Authorization loop detected after upgrading CXF from
> 3.5 to 3.6
> ---------------------------------------------------------------------------------------
>
> Key: CXF-9056
> URL: https://issues.apache.org/jira/browse/CXF-9056
> Project: CXF
> Issue Type: Bug
> Reporter: Alexander Suter
> Priority: Major
> Attachments: stacktrace.txt
>
>
> After upgrading cxf from 3.5 to 3.6 we can no longer authenticate with NTLM
> with CXF as web service client technology.
>
> We do support two modes in our product. With Challenge and without challenge.
> And the case without challenge (challenge = false) is no longer working
> whereas the authentication will be set on the httpConduit directly.
>
> {code:java}
> public class NTLMAuthenticationFeature implements WebServiceClientFeature {
>
> @Override
> public void initialize(WebServiceClientFeatureContext context) {
> BindingProvider bindingProvider = context.getBindingProvider();
> WsProps props = new WsProps(context.getProperties());
> Client proxy = ClientProxy.getClient(bindingProvider);
>
> boolean challenge =
> props.bool(Authentication.NTLM.CHALLENGE).orElse(Boolean.TRUE);
> proxy.getRequestContext().put(AsyncHTTPConduit.USE_ASYNC, challenge);
> var credentials = createNTCredentials(props);
> if (challenge) {
> proxy.getRequestContext().put(Credentials.class.getName(), credentials);
> }
> Conduit conduit = proxy.getConduit();
> if (conduit instanceof HTTPConduit httpConduit) {
> httpConduit.getClient().setAutoRedirect(true);
> }
> if (!challenge) {
> // this does no longer work
> httpConduit.getClient().setAllowChunking(false);
> setNtlmAuthHeader(credentials, httpConduit);
> }
> }
> private void setNtlmAuthHeader(NTCredentials credentials, HTTPConduit
> httpConduit) {
> var auth = httpConduit.getAuthorization();
> auth.setAuthorizationType("NTLM");
> auth.setUserName(credentials.getUserPrincipal().getName());
> auth.setPassword(credentials.getPassword());
> }
> private static NTCredentials createNTCredentials(WsProps properties) {
> var username = properties.string(Authentication.USERNAME);
> var password = properties.string(Authentication.PASSWORD);
> var workstation = properties.string(Authentication.NTLM.WORKSTATION);
> var domain = properties.string(Authentication.NTLM.DOMAIN);
> return new NTCredentials(username, password, workstation, domain);
> }
> private static record WsProps(Map<String, Object> props) {
>
> String string(String key) {
>
> return Optional.ofNullable(props.get(key))
> .map(String.class::cast)
> .orElse(null);
>
> Optional<Boolean> bool(String key) {
> return Optional.ofNullable(props.get(key))
> .map(String.class::cast)
> .filter(Predicate.not(String::isBlank))
> .map(Boolean::parseBoolean);
> }
> }
> } {code}
>
> See the error stack trace in the log.
> Do you have any hints for this problem?
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
