[jira] [Comment Edited] (HTTPCLIENT-2086) NTLM Message parse Error
[
https://issues.apache.org/jira/browse/HTTPCLIENT-2086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17148405#comment-17148405
]
Michael Wagner edited comment on HTTPCLIENT-2086 at 6/30/20, 8:05 AM:
--
As for me, the PR fixed the problem, and authentication works!
was (Author: maffelbaffel):
As for me, the PR fixed the problem, and authentication works!
> NTLM Message parse Error
>
>
> Key: HTTPCLIENT-2086
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2086
> Project: HttpComponents HttpClient
> Issue Type: Bug
>Affects Versions: 5.0
>Reporter: Michael Wagner
>Priority: Minor
> Fix For: 5.0.2
>
> Attachments: screenshot-1.png
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> My Authentication endpoint returns an NTLM Message header like this:
> {code}
> "WWW-Authenticate: NTLM
> TlRMTVNTUAACBgAGADgF.QByAGcALgBkAGUABwAIAMG9LHviQtYBAA=="
> {code}
> Upon reading this header with {{AuthChallengeParser}} hc parses this field
> using the code in [line
> 70|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L70]:
> {code}
> if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) {
> cursor.updatePos(cursor.getPos() + 1);
> final String value = tokenParser.parseValue(buffer, cursor,
> DELIMITER);
> return new BasicNameValuePair(token, value);
> }
> {code}
> When reading the first "=" char of the message, it interprets the value as a
> key-value pair. The first part of the NTLM message being the key and the
> second "=" the value.
> [Later|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L126]
> an AuthChallenge is later created with
> {code}
> new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params
> : null);
> {code}
> where {{value}} is null and params a list containing the NTLM message without
> the equals signs.
> Without the "==" the next auth step fails.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
-
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org
[jira] [Comment Edited] (HTTPCLIENT-2086) NTLM Message parse Error
[
https://issues.apache.org/jira/browse/HTTPCLIENT-2086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17139525#comment-17139525
]
Eric Kerwin edited comment on HTTPCLIENT-2086 at 6/18/20, 4:03 PM:
---
I'd love to assist if I could actually help. I've been looking at the parser
and it seems like you might want the scheme, as [~michael-o] mentions above,
control the parsing.
I am not an expert on NTLM at all, but it looks like its challenge response
should not be tokenized, here's my challenge:
{code:java}
NTLM
TlRMTVNTUAACADgBggiiS0u2y+0O6WI4BgEAAA8={code}
I'm currently working on a forked version so I can provide a PR once I have an
NTLM parser ready. Is this a waste of my (and more importantly, your) time?
was (Author: ekerwin):
I'd love to assist if I could actually help. I've been looking at the parser
and it seems like you might want the scheme, as [~michael-o] mentions above.
I am not an expert on NTLM at all, but it looks like its challenge response
should not be tokenized, here's my challenge:
{code:java}
NTLM
TlRMTVNTUAACADgBggiiS0u2y+0O6WI4BgEAAA8={code}
I'm currently working on a forked version so I can provide a PR once I have an
NTLM parser ready. Is this a waste of my (and more importantly, your) time?
> NTLM Message parse Error
>
>
> Key: HTTPCLIENT-2086
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2086
> Project: HttpComponents HttpClient
> Issue Type: Bug
>Affects Versions: 5.0
>Reporter: Michael Wagner
>Priority: Minor
> Attachments: screenshot-1.png
>
>
> My Authentication endpoint returns an NTLM Message header like this:
> {code}
> "WWW-Authenticate: NTLM
> TlRMTVNTUAACBgAGADgF.QByAGcALgBkAGUABwAIAMG9LHviQtYBAA=="
> {code}
> Upon reading this header with {{AuthChallengeParser}} hc parses this field
> using the code in [line
> 70|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L70]:
> {code}
> if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) {
> cursor.updatePos(cursor.getPos() + 1);
> final String value = tokenParser.parseValue(buffer, cursor,
> DELIMITER);
> return new BasicNameValuePair(token, value);
> }
> {code}
> When reading the first "=" char of the message, it interprets the value as a
> key-value pair. The first part of the NTLM message being the key and the
> second "=" the value.
> [Later|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L126]
> an AuthChallenge is later created with
> {code}
> new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params
> : null);
> {code}
> where {{value}} is null and params a list containing the NTLM message without
> the equals signs.
> Without the "==" the next auth step fails.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
-
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org
[jira] [Comment Edited] (HTTPCLIENT-2086) NTLM Message parse Error
[
https://issues.apache.org/jira/browse/HTTPCLIENT-2086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17135741#comment-17135741
]
Michael Osipov edited comment on HTTPCLIENT-2086 at 6/15/20, 2:01 PM:
--
Yes, that's the reason. Infact, RFC 2617 defines:
{noformat}
challenge = auth-scheme 1*SP 1#auth-param
{noformat}
which differs from what RFC 7235 does. This bascially means that NTLM and
SPNEGO broke the RFC before 7235.
was (Author: michael-o):
Yes, that's the reason. Infact, RFC 2617 defines:
{noformat}
hallenge = auth-scheme 1*SP 1#auth-param
{noformat}
which differs from what RFC 7235 does. This bascially means that NTLM and
SPNEGO broke the RFC before 7235.
> NTLM Message parse Error
>
>
> Key: HTTPCLIENT-2086
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2086
> Project: HttpComponents HttpClient
> Issue Type: Bug
>Affects Versions: 5.0
>Reporter: Michael Wagner
>Priority: Minor
> Attachments: screenshot-1.png
>
>
> My Authentication endpoint returns an NTLM Message header like this:
> {code}
> "WWW-Authenticate: NTLM
> TlRMTVNTUAACBgAGADgF.QByAGcALgBkAGUABwAIAMG9LHviQtYBAA=="
> {code}
> Upon reading this header with {{AuthChallengeParser}} hc parses this field
> using the code in [line
> 70|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L70]:
> {code}
> if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) {
> cursor.updatePos(cursor.getPos() + 1);
> final String value = tokenParser.parseValue(buffer, cursor,
> DELIMITER);
> return new BasicNameValuePair(token, value);
> }
> {code}
> When reading the first "=" char of the message, it interprets the value as a
> key-value pair. The first part of the NTLM message being the key and the
> second "=" the value.
> [Later|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L126]
> an AuthChallenge is later created with
> {code}
> new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params
> : null);
> {code}
> where {{value}} is null and params a list containing the NTLM message without
> the equals signs.
> Without the "==" the next auth step fails.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
-
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org
[jira] [Comment Edited] (HTTPCLIENT-2086) NTLM Message parse Error
[
https://issues.apache.org/jira/browse/HTTPCLIENT-2086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17135508#comment-17135508
]
Michael Wagner edited comment on HTTPCLIENT-2086 at 6/15/20, 7:07 AM:
--
Ops, you are right of course. I copied the wrong header. The endpoint returns a
"{{WWW-Authenticate: NTLM TlRMTVNTUAACBgAGIAMG9LHviQtYBAA==}}" :)
!screenshot-1.png|width=720,height=373!
Notice how in my screenshot {{tokenOrParameter}} has a {{value}} of {{=}}.
was (Author: maffelbaffel):
Ops, you are right of course. I copied the wrong header. The endpoint returns a
"{{WWW-Authenticate: NTLM TlRMTVNTUAACBgAGIAMG9LHviQtYBAA==}}" :)
!screenshot-1.png|width=720,height=373!
> NTLM Message parse Error
>
>
> Key: HTTPCLIENT-2086
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2086
> Project: HttpComponents HttpClient
> Issue Type: Bug
>Affects Versions: 5.0
>Reporter: Michael Wagner
>Priority: Minor
> Attachments: screenshot-1.png
>
>
> My Authentication endpoint returns an NTLM Message header like this:
> {code}
> "WWW-Authenticate: NTLM
> TlRMTVNTUAACBgAGADgF.QByAGcALgBkAGUABwAIAMG9LHviQtYBAA=="
> {code}
> Upon reading this header with {{AuthChallengeParser}} hc parses this field
> using the code in [line
> 70|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L70]:
> {code}
> if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) {
> cursor.updatePos(cursor.getPos() + 1);
> final String value = tokenParser.parseValue(buffer, cursor,
> DELIMITER);
> return new BasicNameValuePair(token, value);
> }
> {code}
> When reading the first "=" char of the message, it interprets the value as a
> key-value pair. The first part of the NTLM message being the key and the
> second "=" the value.
> [Later|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L126]
> an AuthChallenge is later created with
> {code}
> new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params
> : null);
> {code}
> where {{value}} is null and params a list containing the NTLM message without
> the equals signs.
> Without the "==" the next auth step fails.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
-
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org
[jira] [Comment Edited] (HTTPCLIENT-2086) NTLM Message parse Error
[
https://issues.apache.org/jira/browse/HTTPCLIENT-2086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17135508#comment-17135508
]
Michael Wagner edited comment on HTTPCLIENT-2086 at 6/15/20, 7:04 AM:
--
Ops, you are right of course. I copied the wrong header. The endpoint returns a
"{{WWW-Authenticate: NTLM TlRMTVNTUAACBgAGIAMG9LHviQtYBAA==}}" :)
!screenshot-1.png|width=720,height=373!
was (Author: maffelbaffel):
Ops, you are right of course. I copied the wrong header. The endpoint returns a
"{{WWW-Authenticate: NTLM TlRMTVNTUAACBgAGIAMG9LHviQtYBAA==}}" :)
!screenshot-1.png|thumbnail!
> NTLM Message parse Error
>
>
> Key: HTTPCLIENT-2086
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2086
> Project: HttpComponents HttpClient
> Issue Type: Bug
>Affects Versions: 5.0
>Reporter: Michael Wagner
>Priority: Minor
> Attachments: screenshot-1.png
>
>
> My Authentication endpoint returns an NTLM Message header like this:
> {code}
> "WWW-Authenticate: NTLM
> TlRMTVNTUAACBgAGADgF.QByAGcALgBkAGUABwAIAMG9LHviQtYBAA=="
> {code}
> Upon reading this header with {{AuthChallengeParser}} hc parses this field
> using the code in [line
> 70|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L70]:
> {code}
> if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) {
> cursor.updatePos(cursor.getPos() + 1);
> final String value = tokenParser.parseValue(buffer, cursor,
> DELIMITER);
> return new BasicNameValuePair(token, value);
> }
> {code}
> When reading the first "=" char of the message, it interprets the value as a
> key-value pair. The first part of the NTLM message being the key and the
> second "=" the value.
> [Later|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L126]
> an AuthChallenge is later created with
> {code}
> new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params
> : null);
> {code}
> where {{value}} is null and params a list containing the NTLM message without
> the equals signs.
> Without the "==" the next auth step fails.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
-
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org
[jira] [Comment Edited] (HTTPCLIENT-2086) NTLM Message parse Error
[
https://issues.apache.org/jira/browse/HTTPCLIENT-2086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17135508#comment-17135508
]
Michael Wagner edited comment on HTTPCLIENT-2086 at 6/15/20, 7:03 AM:
--
Ops, you are right of course. I copied the wrong header. The endpoint returns a
"{{WWW-Authenticate: NTLM TlRMTVNTUAACBgAGIAMG9LHviQtYBAA==}}" :)
!screenshot-1.png|thumbnail!
was (Author: maffelbaffel):
Ops, you are right of course. I copied the wrong header. The endpoint returns a
"{{WWW-Authenticate: NTLM TlRMTVNTUAACBgAGIAMG9LHviQtYBAA==}}" :)
!screenshot-1.png!
> NTLM Message parse Error
>
>
> Key: HTTPCLIENT-2086
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2086
> Project: HttpComponents HttpClient
> Issue Type: Bug
>Affects Versions: 5.0
>Reporter: Michael Wagner
>Priority: Minor
> Attachments: screenshot-1.png
>
>
> My Authentication endpoint returns an NTLM Message header like this:
> {code}
> "WWW-Authenticate: NTLM
> TlRMTVNTUAACBgAGADgF.QByAGcALgBkAGUABwAIAMG9LHviQtYBAA=="
> {code}
> Upon reading this header with {{AuthChallengeParser}} hc parses this field
> using the code in [line
> 70|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L70]:
> {code}
> if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) {
> cursor.updatePos(cursor.getPos() + 1);
> final String value = tokenParser.parseValue(buffer, cursor,
> DELIMITER);
> return new BasicNameValuePair(token, value);
> }
> {code}
> When reading the first "=" char of the message, it interprets the value as a
> key-value pair. The first part of the NTLM message being the key and the
> second "=" the value.
> [Later|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L126]
> an AuthChallenge is later created with
> {code}
> new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params
> : null);
> {code}
> where {{value}} is null and params a list containing the NTLM message without
> the equals signs.
> Without the "==" the next auth step fails.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
-
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org
