User with invalid credentials are authenticated for NTLM authentication.
------------------------------------------------------------------------
Key: AXIS2-5094
URL: https://issues.apache.org/jira/browse/AXIS2-5094
Project: Axis2
Issue Type: Bug
Components: transports
Affects Versions: 1.5
Reporter: shivendra tripathi
Priority: Critical
NTLM authentication is per connection. Since 1.5 onward connection is cached,
so once a user is authenticated another user with invalid credentials is also
getting same authenticated connection.
If we create new MultiThreadedHttpConnectionManager for authenticate request;
issue will be fixed. I did the following changes in
AbstractHTTPSender#getHttpClient
HttpConnectionManager connManager = null;
Object obj = msgContext.getProperty(HTTPConstants.AUTHENTICATE);
if (obj !=null){
connManager = new MultiThreadedHttpConnectionManager();
}
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org
