Hello,
I'm working on a web application consuming web services with Axis2. Client
classes are generated from a WSDL file with the XMLBeans method.
The web services require NTLM authentication, which I set up in my application.
Everything's fine, the application works as expected (able to authenticate,
able to use services). Except in one case : when the NTLM password contains
accents, e.g. "myPasswordWithLetter_é". Does someone know about this, is this a
filed bug for Axis2 (I couldn't find anythind on it so far) ? Are there any
solutions to bypass it ?
Thanks
Pierre
More detailed information :
1. The services requested are Exchange Web Service ones. Again, it's working
fine for passwords without accents.
2. My authentication code is :
URL endpoint = new URL(...);
HttpTransportProperties.Authenticator authenticator = new
HttpTransportProperties.Authenticator();
authenticator.setAuthSchemes(Arrays.asList(HttpTransportProperties.Authenticator.NTLM));
authenticator.setUsername("user");
authenticator.setPassword("myPasswordWithLetter_é");
authenticator.setHost(endpoint.getHost());
authenticator.setPort(endpoint.getPort()!=-1? endpoint.getPort()
: endpoint.getProtocol().equalsIgnoreCase("https")? 443 :
80);
authenticator.setDomain(conf.getAgendaHttpAuthDomain());
stub._getServiceClient().getOptions().setProperty(HTTPConstants.AUTHENTICATE,
authenticator);
3. The password is showing healthy in Java, no encoding problem.
4. TCPMonitor shows similar behaviours with or without accents in the password
: 3 POST requests, only the last differing between the expected SOAP response
or the "HTTP 401.1 Unauthorized" seen below :
Application request
Server response
POST /EWS/Exchange.asmx HTTP/1.1
Content-Type: text/xml; charset=UTF-8
SOAPAction:
"http://schemas.microsoft.com/exchange/services/2006/messages/FindItem";<http://schemas.microsoft.com/exchange/services/2006/messages/FindItem>
User-Agent: Axis2
Host: vm-iodasxch:8989
Transfer-Encoding: chunked
322
<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope ...
HTTP/1.1 401 Unauthorized
Content-Length: 1897
Content-Type: text/html
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Mon, 27 Jun 2011 10:05:06 GMT
POST /EWS/Exchange.asmx HTTP/1.1
Content-Type: text/xml; charset=UTF-8
SOAPAction:
"http://schemas.microsoft.com/exchange/services/2006/messages/FindItem";<http://schemas.microsoft.com/exchange/services/2006/messages/FindItem>
User-Agent: Axis2
Transfer-Encoding: chunked
Authorization: NTLM TlRMTVNTUAABAAAABlIAAAgACAApAAAACQAJACAAABMT0NBTE
hPU1RJT0RBU1hDSA==
Host: localhost:8989
322
<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope ...
HTTP/1.1 401 Unauthorized
Content-Length: 1776
Content-Type: text/html
Server: Microsoft-IIS/6.0
WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADgAAAAGAoECgB4YkR3A1OQAAAAAAAA
AAM4AzgBAAAAABQLODgAAAA9JT0RBU1hDSAIAEABJAE8ARABBAFMAWABDAEgAAQAWAFY
ATQAtAEkATwBEAEEAUwBYAEMASAAEACgAaQBvAGQAYQBzAHgAYwBoAC4AZwBmAGkALgBw
AHIAaQB2AGEAdABlAAMAQAB2AG0ALQBpAG8AZABhAHMAeABjAGgALgBpAG8AZABhAHMAeAB
jAGgALgBnAGYAaQAuAHAAcgBpAHYAYQB0AGUABQAoAGkAbwBkAGEAcwB4AGMAaAAuAGcAZg
BpAC4AcAByAGkAdgBhAHQAZQAAAAAA
X-Powered-By: ASP.NET
Date: Mon, 27 Jun 2011 10:05:06 GMT
POST /EWS/Exchange.asmx HTTP/1.1
Content-Type: text/xml; charset=UTF-8
SOAPAction:
"http://schemas.microsoft.com/exchange/services/2006/messages/FindItem";<http://schemas.microsoft.com/exchange/services/2006/messages/FindItem>
User-Agent: Axis2
Transfer-Encoding: chunked
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAFYAAAAAAAAAbgAAAAgACABAAAAA
BQAFAEgAAAAJAAkATQAAAAAAAAuAAAABlIAAElPREFTWENIVEVTVDFMT0NBTEhPU
1QbF84penGv2i5dPWJzY1FKXnOm/wIvn0I=
Host: localhost:8989
322
<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope ...
HTTP/1.1 401 Unauthorized
Content-Length: 1776
Content-Type: text/html
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Mon, 27 Jun 2011 10:05:06 GMT
--
Cordialement,
Pierre Muller
Ce message et toutes les pièces jointes (ci-après le « message ») sont
confidentiels et établis à l'intention exclusive de ses destinataires. Toute
utilisation de ce message non conforme à sa destination, toute diffusion ou
toute publication, totale ou partielle, est interdite, sauf autorisation
expresse des parties. Si vous recevez ce message par erreur, merci de le
détruire sans en conserver de copie et d'en avertir immédiatement l'expéditeur.
Internet ne permettant pas de garantir l'intégrité de ce message, le groupe GFI
Informatique décline toute responsabilité au titre de ce message s'il a été
modifié, altéré, déformé ou falsifié. Par ailleurs et malgré toutes les
précautions prises pour éviter la présence de virus dans nos envois, nous vous
recommandons de prendre, de votre côté, les mesures permettant d'assurer la
non-introduction de virus dans votre système informatique.
This email message and any attachments ("the email") are confidential and
intended only for the recipient(s) indicated. If you are not an intended
recipient, please be advised that any use, dissemination, forwarding or copying
of this email whatsoever is prohibited without prior written consent. If you
have received this email in error, please delete it without saving a copy and
notify the sender immediately. Internet emails are not necessarily secured, and
GFI Informatique Group declines responsibility for any changes that may have
been made to this email after it was sent. While we take all reasonable
precautions to ensure that viruses are not transmitted via emails, we recommend
that you take your own measures to prevent viruses from entering your computer
system.
