Brian,
It's not a bug. It is a known issue. The current implementation of Axis2 1.5.1 uses httpCommonsClient 3 (I believe). The oaklandSoftware solution wrote their own transport sender using the Commons Client v4 and JCIFS which handles the NTLM v2 messages (whereas httpCommons Client 3 does NOT). ________________________________ From: Brian Dillon [mailto:[email protected]] Sent: Thursday, June 10, 2010 12:33 PM To: [email protected] Subject: NTLM Authentication failure with CommonsHTTPTransportSender Hi, I am using Axis2 1.4.1 I am currently trying to call a SharePoint service from Axis2 using NTLM authentication. My configuration is as follows; <transportSender name="http" class="org.apache.axis2.transport.http.CommonsHTTPTransportSender"> <parameter name="PROTOCOL">HTTP/1.1</parameter> <parameter name="Transfer-Encoding">chunked</parameter> </transportSender> I am invoking the service using the following; HttpTransportProperties.Authenticator auth = new HttpTransportProperties.Authenticator(); auth.setUsername(sharePointUser); auth.setPassword(sharePointPwd); String domain = getSharepointConfigProperty(AUTHENTICATION_DOMAIN); auth.setDomain(domain); List<String> authL = new ArrayList<String>(); authL.add(org.apache.axis2.transport.http.HttpTransportProperties.Authen ticator.NTLM); auth.setAuthSchemes(authL); options.setProperty(HTTPConstants.AUTHENTICATE,auth); When I invoke the service I get the following error (seeing this in using fiddler to see the HTTP traffic) HTTP/1.1 401 Authorization Required Date: Thu, 10 Jun 2010 16:19:02 GMT Server: Apache/2.2.8 (Win32) DAV/2 SVN/1.5.5 mod_auth_sspi/1.0.4 WWW-Authenticate: NTLM TlRMTVNTUAACAAAADAAMADgAAAAFgomi/C9BoEfVN9gAAAAAAAAAAIIAggBEAAAABQLODgAA AA9GAEkATgBFAE8AUwACAAwARgBJAE4ARQBPAFMAAQAQAEkARQBEAEUAVgAwADAANAAEABQA RgBJAE4ARQBPAFMALgBjAG8AbQADACYAaQBlAGQAZQB2ADAAMAA0AC4ARgBJAE4ARQBPAFMA LgBjAG8AbQAFABQARgBJAE4ARQBPAFMALgBjAG8AbQAAAAAA Content-Length: 401 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 Proxy-Support: Session-Based-Authentication <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>401 Authorization Required</title> </head><body> <h1>Authorization Required</h1> <p>This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.</p> </body></html> When I also found is that if I switch to use com.oaklandsw.http.axis2.OaklandHTTPTransportSender2 instead of the CommonsHTTPTransportSender that the request will succeed. Is this a know bug with CommonsHTTPTransportSender ? Is there a workaround or a known fix ? I don't want to go down the route of using the Oakland HTTP Sender as it is not an open source project. Any help is appreciated, Thanks, Brian Brian Dillon Technical Architecture FINEOS Corporation Pembroke House, 8-10 Lower Pembroke Street, Dublin2, Ireland. T +353-1-639-9700 F +353-1-639-9701 W www.FINEOS.com <http://www.FINEOS.com> ENTERPRISE SOLUTIONS for INSURANCE, BANCASSURANCE AND SOCIAL INSURANCE __________________________________________________________ FINEOS Corporation is the global brand name of FINEOS Corporation Limited and its affiliated group companies worldwide. The information contained in this e-mail is confidential, may be privileged and is intended only for the use of the recipient named above. If you are not the intended recipient or a representative of the intended recipient, you have received this e-mail in error and must not copy, use or disclose the contents of this e-mail to anybody else. If you have received this e-mail in error, please notify the sender immediately by return e-mail and permanently delete the copy you received. This e-mail has been swept for computer viruses. However, you should carry out your own virus checks. Registered in Ireland, No. 205721. http://www.FINEOS.com __________________________________________________________
