[jira] [Comment Edited] (HTTPCLIENT-2086) NTLM Message parse Error
[ https://issues.apache.org/jira/browse/HTTPCLIENT-2086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17148405#comment-17148405 ] Michael Wagner edited comment on HTTPCLIENT-2086 at 6/30/20, 8:05 AM: -- As for me, the PR fixed the problem, and authentication works! was (Author: maffelbaffel): As for me, the PR fixed the problem, and authentication works! > NTLM Message parse Error > > > Key: HTTPCLIENT-2086 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2086 > Project: HttpComponents HttpClient > Issue Type: Bug >Affects Versions: 5.0 >Reporter: Michael Wagner >Priority: Minor > Fix For: 5.0.2 > > Attachments: screenshot-1.png > > Time Spent: 20m > Remaining Estimate: 0h > > My Authentication endpoint returns an NTLM Message header like this: > {code} > "WWW-Authenticate: NTLM > TlRMTVNTUAACBgAGADgF.QByAGcALgBkAGUABwAIAMG9LHviQtYBAA==" > {code} > Upon reading this header with {{AuthChallengeParser}} hc parses this field > using the code in [line > 70|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L70]: > {code} > if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) { > cursor.updatePos(cursor.getPos() + 1); > final String value = tokenParser.parseValue(buffer, cursor, > DELIMITER); > return new BasicNameValuePair(token, value); > } > {code} > When reading the first "=" char of the message, it interprets the value as a > key-value pair. The first part of the NTLM message being the key and the > second "=" the value. > [Later|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L126] > an AuthChallenge is later created with > {code} > new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params > : null); > {code} > where {{value}} is null and params a list containing the NTLM message without > the equals signs. > Without the "==" the next auth step fails. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For additional commands, e-mail: dev-h...@hc.apache.org
[jira] [Comment Edited] (HTTPCLIENT-2086) NTLM Message parse Error
[ https://issues.apache.org/jira/browse/HTTPCLIENT-2086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17139525#comment-17139525 ] Eric Kerwin edited comment on HTTPCLIENT-2086 at 6/18/20, 4:03 PM: --- I'd love to assist if I could actually help. I've been looking at the parser and it seems like you might want the scheme, as [~michael-o] mentions above, control the parsing. I am not an expert on NTLM at all, but it looks like its challenge response should not be tokenized, here's my challenge: {code:java} NTLM TlRMTVNTUAACADgBggiiS0u2y+0O6WI4BgEAAA8={code} I'm currently working on a forked version so I can provide a PR once I have an NTLM parser ready. Is this a waste of my (and more importantly, your) time? was (Author: ekerwin): I'd love to assist if I could actually help. I've been looking at the parser and it seems like you might want the scheme, as [~michael-o] mentions above. I am not an expert on NTLM at all, but it looks like its challenge response should not be tokenized, here's my challenge: {code:java} NTLM TlRMTVNTUAACADgBggiiS0u2y+0O6WI4BgEAAA8={code} I'm currently working on a forked version so I can provide a PR once I have an NTLM parser ready. Is this a waste of my (and more importantly, your) time? > NTLM Message parse Error > > > Key: HTTPCLIENT-2086 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2086 > Project: HttpComponents HttpClient > Issue Type: Bug >Affects Versions: 5.0 >Reporter: Michael Wagner >Priority: Minor > Attachments: screenshot-1.png > > > My Authentication endpoint returns an NTLM Message header like this: > {code} > "WWW-Authenticate: NTLM > TlRMTVNTUAACBgAGADgF.QByAGcALgBkAGUABwAIAMG9LHviQtYBAA==" > {code} > Upon reading this header with {{AuthChallengeParser}} hc parses this field > using the code in [line > 70|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L70]: > {code} > if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) { > cursor.updatePos(cursor.getPos() + 1); > final String value = tokenParser.parseValue(buffer, cursor, > DELIMITER); > return new BasicNameValuePair(token, value); > } > {code} > When reading the first "=" char of the message, it interprets the value as a > key-value pair. The first part of the NTLM message being the key and the > second "=" the value. > [Later|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L126] > an AuthChallenge is later created with > {code} > new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params > : null); > {code} > where {{value}} is null and params a list containing the NTLM message without > the equals signs. > Without the "==" the next auth step fails. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For additional commands, e-mail: dev-h...@hc.apache.org
[jira] [Comment Edited] (HTTPCLIENT-2086) NTLM Message parse Error
[ https://issues.apache.org/jira/browse/HTTPCLIENT-2086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17135741#comment-17135741 ] Michael Osipov edited comment on HTTPCLIENT-2086 at 6/15/20, 2:01 PM: -- Yes, that's the reason. Infact, RFC 2617 defines: {noformat} challenge = auth-scheme 1*SP 1#auth-param {noformat} which differs from what RFC 7235 does. This bascially means that NTLM and SPNEGO broke the RFC before 7235. was (Author: michael-o): Yes, that's the reason. Infact, RFC 2617 defines: {noformat} hallenge = auth-scheme 1*SP 1#auth-param {noformat} which differs from what RFC 7235 does. This bascially means that NTLM and SPNEGO broke the RFC before 7235. > NTLM Message parse Error > > > Key: HTTPCLIENT-2086 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2086 > Project: HttpComponents HttpClient > Issue Type: Bug >Affects Versions: 5.0 >Reporter: Michael Wagner >Priority: Minor > Attachments: screenshot-1.png > > > My Authentication endpoint returns an NTLM Message header like this: > {code} > "WWW-Authenticate: NTLM > TlRMTVNTUAACBgAGADgF.QByAGcALgBkAGUABwAIAMG9LHviQtYBAA==" > {code} > Upon reading this header with {{AuthChallengeParser}} hc parses this field > using the code in [line > 70|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L70]: > {code} > if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) { > cursor.updatePos(cursor.getPos() + 1); > final String value = tokenParser.parseValue(buffer, cursor, > DELIMITER); > return new BasicNameValuePair(token, value); > } > {code} > When reading the first "=" char of the message, it interprets the value as a > key-value pair. The first part of the NTLM message being the key and the > second "=" the value. > [Later|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L126] > an AuthChallenge is later created with > {code} > new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params > : null); > {code} > where {{value}} is null and params a list containing the NTLM message without > the equals signs. > Without the "==" the next auth step fails. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For additional commands, e-mail: dev-h...@hc.apache.org
[jira] [Comment Edited] (HTTPCLIENT-2086) NTLM Message parse Error
[ https://issues.apache.org/jira/browse/HTTPCLIENT-2086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17135508#comment-17135508 ] Michael Wagner edited comment on HTTPCLIENT-2086 at 6/15/20, 7:07 AM: -- Ops, you are right of course. I copied the wrong header. The endpoint returns a "{{WWW-Authenticate: NTLM TlRMTVNTUAACBgAGIAMG9LHviQtYBAA==}}" :) !screenshot-1.png|width=720,height=373! Notice how in my screenshot {{tokenOrParameter}} has a {{value}} of {{=}}. was (Author: maffelbaffel): Ops, you are right of course. I copied the wrong header. The endpoint returns a "{{WWW-Authenticate: NTLM TlRMTVNTUAACBgAGIAMG9LHviQtYBAA==}}" :) !screenshot-1.png|width=720,height=373! > NTLM Message parse Error > > > Key: HTTPCLIENT-2086 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2086 > Project: HttpComponents HttpClient > Issue Type: Bug >Affects Versions: 5.0 >Reporter: Michael Wagner >Priority: Minor > Attachments: screenshot-1.png > > > My Authentication endpoint returns an NTLM Message header like this: > {code} > "WWW-Authenticate: NTLM > TlRMTVNTUAACBgAGADgF.QByAGcALgBkAGUABwAIAMG9LHviQtYBAA==" > {code} > Upon reading this header with {{AuthChallengeParser}} hc parses this field > using the code in [line > 70|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L70]: > {code} > if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) { > cursor.updatePos(cursor.getPos() + 1); > final String value = tokenParser.parseValue(buffer, cursor, > DELIMITER); > return new BasicNameValuePair(token, value); > } > {code} > When reading the first "=" char of the message, it interprets the value as a > key-value pair. The first part of the NTLM message being the key and the > second "=" the value. > [Later|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L126] > an AuthChallenge is later created with > {code} > new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params > : null); > {code} > where {{value}} is null and params a list containing the NTLM message without > the equals signs. > Without the "==" the next auth step fails. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For additional commands, e-mail: dev-h...@hc.apache.org
[jira] [Comment Edited] (HTTPCLIENT-2086) NTLM Message parse Error
[ https://issues.apache.org/jira/browse/HTTPCLIENT-2086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17135508#comment-17135508 ] Michael Wagner edited comment on HTTPCLIENT-2086 at 6/15/20, 7:04 AM: -- Ops, you are right of course. I copied the wrong header. The endpoint returns a "{{WWW-Authenticate: NTLM TlRMTVNTUAACBgAGIAMG9LHviQtYBAA==}}" :) !screenshot-1.png|width=720,height=373! was (Author: maffelbaffel): Ops, you are right of course. I copied the wrong header. The endpoint returns a "{{WWW-Authenticate: NTLM TlRMTVNTUAACBgAGIAMG9LHviQtYBAA==}}" :) !screenshot-1.png|thumbnail! > NTLM Message parse Error > > > Key: HTTPCLIENT-2086 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2086 > Project: HttpComponents HttpClient > Issue Type: Bug >Affects Versions: 5.0 >Reporter: Michael Wagner >Priority: Minor > Attachments: screenshot-1.png > > > My Authentication endpoint returns an NTLM Message header like this: > {code} > "WWW-Authenticate: NTLM > TlRMTVNTUAACBgAGADgF.QByAGcALgBkAGUABwAIAMG9LHviQtYBAA==" > {code} > Upon reading this header with {{AuthChallengeParser}} hc parses this field > using the code in [line > 70|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L70]: > {code} > if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) { > cursor.updatePos(cursor.getPos() + 1); > final String value = tokenParser.parseValue(buffer, cursor, > DELIMITER); > return new BasicNameValuePair(token, value); > } > {code} > When reading the first "=" char of the message, it interprets the value as a > key-value pair. The first part of the NTLM message being the key and the > second "=" the value. > [Later|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L126] > an AuthChallenge is later created with > {code} > new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params > : null); > {code} > where {{value}} is null and params a list containing the NTLM message without > the equals signs. > Without the "==" the next auth step fails. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For additional commands, e-mail: dev-h...@hc.apache.org
[jira] [Comment Edited] (HTTPCLIENT-2086) NTLM Message parse Error
[ https://issues.apache.org/jira/browse/HTTPCLIENT-2086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17135508#comment-17135508 ] Michael Wagner edited comment on HTTPCLIENT-2086 at 6/15/20, 7:03 AM: -- Ops, you are right of course. I copied the wrong header. The endpoint returns a "{{WWW-Authenticate: NTLM TlRMTVNTUAACBgAGIAMG9LHviQtYBAA==}}" :) !screenshot-1.png|thumbnail! was (Author: maffelbaffel): Ops, you are right of course. I copied the wrong header. The endpoint returns a "{{WWW-Authenticate: NTLM TlRMTVNTUAACBgAGIAMG9LHviQtYBAA==}}" :) !screenshot-1.png! > NTLM Message parse Error > > > Key: HTTPCLIENT-2086 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2086 > Project: HttpComponents HttpClient > Issue Type: Bug >Affects Versions: 5.0 >Reporter: Michael Wagner >Priority: Minor > Attachments: screenshot-1.png > > > My Authentication endpoint returns an NTLM Message header like this: > {code} > "WWW-Authenticate: NTLM > TlRMTVNTUAACBgAGADgF.QByAGcALgBkAGUABwAIAMG9LHviQtYBAA==" > {code} > Upon reading this header with {{AuthChallengeParser}} hc parses this field > using the code in [line > 70|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L70]: > {code} > if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) { > cursor.updatePos(cursor.getPos() + 1); > final String value = tokenParser.parseValue(buffer, cursor, > DELIMITER); > return new BasicNameValuePair(token, value); > } > {code} > When reading the first "=" char of the message, it interprets the value as a > key-value pair. The first part of the NTLM message being the key and the > second "=" the value. > [Later|https://github.com/apache/httpcomponents-client/blob/3730b03a99308ff99769fdd60e80a43230cf5aac/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/AuthChallengeParser.java#L126] > an AuthChallenge is later created with > {code} > new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params > : null); > {code} > where {{value}} is null and params a list containing the NTLM message without > the equals signs. > Without the "==" the next auth step fails. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For additional commands, e-mail: dev-h...@hc.apache.org