[prev in list] [next in list] [prev in thread] [next in thread]
List: httpclient-commons-dev
Subject: DO NOT REPLY [Bug 34909] New: -
From: bugzilla () apache ! org
Date: 2005-05-13 15:49:44
Message-ID: 20050513154944.E442C2F2 () ajax ! apache ! org
[Download RAW message or body]
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=34909>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=34909
Summary: Digest authentication problem with domain\user username
format
Product: HttpClient
Version: 3.0 RC2
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: normal
Priority: P2
Component: Commons HttpClient
AssignedTo: httpclient-dev@jakarta.apache.org
ReportedBy: jhougent@wlgore.com
It seems like digest authentication, when used with a username of the format:
domain\username fails in httpclient-3.0-rc2.
I did confirm that digest authentication does work by connecting to a local
Apache HTTP 2.0 server, using just a username and password (no domain\username).
However, it does not support the MD5-sess algorithm, and the server I am getting
the failure from is using MD5-sess.
It may turn out the username is not causing the problem, but one thing is
consistent--I can connect to the site in the logs below using httpclient-2.0.2.
It fails when I use identical Java code, with the addition of AuthScope, when
using httpclient-3.0-rc2. I will also attach Java code that reproduces the problem.
The following are wire and debug logs from httpclient-2.0.2 and
httpclient-3.0-rc2 respectively. The first one connects and gets an 'HTTP 200'
response. The second one, using 3.0-rc2 fails with an 'HTTP 401'.
LOGS
===============================================================
commons-httpclient-2.0.2 (works):
2005/05/13 11:05:15:185 EDT [DEBUG] HttpClient - Java version: 1.3.1
2005/05/13 11:05:15:185 EDT [DEBUG] HttpClient - Java vendor: IBM Corporation
2005/05/13 11:05:15:185 EDT [DEBUG] HttpClient - Java class path:
2005/05/13 11:05:15:205 EDT [DEBUG] HttpClient - Operating system name: Windows XP
2005/05/13 11:05:15:205 EDT [DEBUG] HttpClient - Operating system architecture: x86
2005/05/13 11:05:15:205 EDT [DEBUG] HttpClient - Operating system version: 5.1
2005/05/13 11:05:15:205 EDT [DEBUG] HttpClient - SUN 1.2: SUN (DSA key/parameter
generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates;
JKS keystore)
2005/05/13 11:05:15:205 EDT [DEBUG] HttpClient - SunJCE 1.22: SunJCE Provider
(implements DES, Triple DES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
2005/05/13 11:05:15:205 EDT [DEBUG] HttpClient - SunJSSE 1.0303: Sun JSSE
provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3,
TLSv1)
2005/05/13 11:05:20:893 EDT [DEBUG] HttpConnection - HttpConnection.setSoTimeout(0)
2005/05/13 11:05:20:893 EDT [DEBUG] HttpMethodBase - Execute loop try 1
2005/05/13 11:05:20:913 EDT [DEBUG] header - >> "GET
/CustomerData-30/CustomerDataService.asmx HTTP/1.1[\r][\n]"
2005/05/13 11:05:20:913 EDT [DEBUG] HttpMethodBase - Adding Host request header
2005/05/13 11:05:20:913 EDT [DEBUG] header - >> "User-Agent: Jakarta
Commons-HttpClient/2.0.2[\r][\n]"
2005/05/13 11:05:20:913 EDT [DEBUG] header - >> "Host:
mappoint-css.partners.extranet.microsoft.com[\r][\n]"
2005/05/13 11:05:21:173 EDT [DEBUG] header - >> "[\r][\n]"
2005/05/13 11:05:21:273 EDT [DEBUG] header - << "HTTP/1.1 401 Unauthorized[\r][\n]"
2005/05/13 11:05:21:273 EDT [DEBUG] header - << "Content-Length: 1656[\r][\n]"
2005/05/13 11:05:21:283 EDT [DEBUG] header - << "Content-Type: text/html[\r][\n]"
2005/05/13 11:05:21:283 EDT [DEBUG] header - << "Server: Microsoft-IIS/6.0[\r][\n]"
2005/05/13 11:05:21:283 EDT [DEBUG] header - << "WWW-Authenticate: Digest
qop="auth",algorithm=MD5-sess,nonce="b2a83a38cd57c501af3ad2c91f189512060524424ffc2b818 \
c9920db15cd247a9d47cf5a789d63c6",opaque="1704373a505e74c4ec692978e5c1a539",charset=utf-8,realm="Digest"[\r][\n]"
2005/05/13 11:05:21:283 EDT [DEBUG] header - << "X-Powered-By: ASP.NET[\r][\n]"
2005/05/13 11:05:21:283 EDT [DEBUG] header - << "Date: Fri, 13 May 2005 15:05:37
GMT[\r][\n]"
2005/05/13 11:05:21:283 EDT [DEBUG] HttpMethodBase - Authorization required
2005/05/13 11:05:21:283 EDT [DEBUG] HttpAuthenticator - Authenticating with the
'Digest' authentication realm at mappoint-css.partners.extranet.microsoft.com
2005/05/13 11:05:21:283 EDT [DEBUG] DigestScheme - Using qop method auth
2005/05/13 11:05:21:283 EDT [DEBUG] HttpMethodBase - HttpMethodBase.execute():
Server demanded authentication credentials, will try again.
2005/05/13 11:05:21:293 EDT [DEBUG] HttpMethodBase - Resorting to protocol
version default close connection policy
2005/05/13 11:05:21:293 EDT [DEBUG] HttpMethodBase - Should NOT close
connection, using HTTP/1.1.
2005/05/13 11:05:21:293 EDT [DEBUG] HttpMethodBase - Execute loop try 2
2005/05/13 11:05:21:293 EDT [DEBUG] header - >> "GET
/CustomerData-30/CustomerDataService.asmx HTTP/1.1[\r][\n]"
2005/05/13 11:05:21:293 EDT [DEBUG] HttpMethodBase - Request to add Host header
ignored: header already added
2005/05/13 11:05:21:293 EDT [DEBUG] header - >> "User-Agent: Jakarta
Commons-HttpClient/2.0.2[\r][\n]"
2005/05/13 11:05:21:293 EDT [DEBUG] header - >> "Host:
mappoint-css.partners.extranet.microsoft.com[\r][\n]"
2005/05/13 11:05:21:293 EDT [DEBUG] header - >> "Authorization: Digest
username="domain\user", realm="Digest",
nonce="b2a83a38cd57c501af3ad2c91f189512060524424ffc2b818c9920db15cd247a9d47cf5a789d63c6",
uri="/CustomerData-30/CustomerDataService.asmx", qop="auth",
algorithm="MD5-sess", nc=00000001, cnonce="393a8abf65cd20f85ffdf46a9273b28b",
response="854bf54261112caf2e86652276cb2ce6",
opaque="1704373a505e74c4ec692978e5c1a539"[\r][\n]"
2005/05/13 11:05:21:293 EDT [DEBUG] header - >> "[\r][\n]"
2005/05/13 11:05:21:994 EDT [DEBUG] header - << "HTTP/1.1 200 OK[\r][\n]"HTTP
result: 200
===========================================================
commons-httpclient-3.0-rc2 (does not work):
2005/05/13 11:16:54:881 EDT [DEBUG] DefaultHttpParams - -Set parameter
http.useragent = Jakarta Commons-HttpClient/3.0-rc2
2005/05/13 11:16:54:881 EDT [DEBUG] DefaultHttpParams - -Set parameter
http.protocol.version = HTTP/1.1
2005/05/13 11:16:54:881 EDT [DEBUG] DefaultHttpParams - -Set parameter
http.connection-manager.class = class
org.apache.commons.httpclient.SimpleHttpConnectionManager
2005/05/13 11:16:54:891 EDT [DEBUG] DefaultHttpParams - -Set parameter
http.protocol.cookie-policy = rfc2109
2005/05/13 11:16:54:891 EDT [DEBUG] DefaultHttpParams - -Set parameter
http.protocol.element-charset = US-ASCII
2005/05/13 11:16:54:891 EDT [DEBUG] DefaultHttpParams - -Set parameter
http.protocol.content-charset = ISO-8859-1
2005/05/13 11:16:54:891 EDT [DEBUG] DefaultHttpParams - -Set parameter
http.method.retry-handler =
org.apache.commons.httpclient.DefaultHttpMethodRetryHandler@5048d78c
2005/05/13 11:16:54:891 EDT [DEBUG] DefaultHttpParams - -Set parameter
http.dateparser.patterns = [EEE, dd MMM yyyy HH:mm:ss zzz, EEEE, dd-MMM-yy
HH:mm:ss zzz, EEE MMM d HH:mm:ss yyyy, EEE, dd-MMM-yyyy HH:mm:ss z, EEE,
dd-MMM-yyyy HH-mm-ss z, EEE, dd MMM yy HH:mm:ss z, EEE dd-MMM-yyyy HH:mm:ss z,
EEE dd MMM yyyy HH:mm:ss z, EEE dd-MMM-yyyy HH-mm-ss z, EEE dd-MMM-yy HH:mm:ss
z, EEE dd MMM yy HH:mm:ss z, EEE,dd-MMM-yy HH:mm:ss z, EEE,dd-MMM-yyyy HH:mm:ss
z, EEE, dd-MM-yyyy HH:mm:ss z]
2005/05/13 11:16:54:911 EDT [DEBUG] HttpClient - -Java version: 1.3.1
2005/05/13 11:16:54:911 EDT [DEBUG] HttpClient - -Java vendor: IBM Corporation
2005/05/13 11:16:54:911 EDT [DEBUG] HttpClient - -Java class path:
2005/05/13 11:16:54:941 EDT [DEBUG] HttpClient - -Operating system name: Windows XP
2005/05/13 11:16:54:941 EDT [DEBUG] HttpClient - -Operating system architecture: x86
2005/05/13 11:16:54:941 EDT [DEBUG] HttpClient - -Operating system version: 5.1
2005/05/13 11:16:54:941 EDT [DEBUG] HttpClient - -SUN 1.2: SUN (DSA
key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509
certificates; JKS keystore)
2005/05/13 11:16:54:951 EDT [DEBUG] HttpClient - -SunJCE 1.22: SunJCE Provider
(implements DES, Triple DES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
2005/05/13 11:16:54:951 EDT [DEBUG] HttpClient - -SunJSSE 1.0303: Sun JSSE
provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3,
TLSv1)
2005/05/13 11:16:54:961 EDT [DEBUG] HttpConnection - -Open connection to
mappoint-css.partners.extranet.microsoft.com:443
2005/05/13 11:17:00:629 EDT [DEBUG] header - ->> "GET
/CustomerData-30/CustomerDataService.asmx HTTP/1.1[\r][\n]"
2005/05/13 11:17:00:629 EDT [DEBUG] HttpMethodBase - -Adding Host request header
2005/05/13 11:17:00:639 EDT [DEBUG] header - ->> "User-Agent: Jakarta
Commons-HttpClient/3.0-rc2[\r][\n]"
2005/05/13 11:17:00:639 EDT [DEBUG] header - ->> "Host:
mappoint-css.partners.extranet.microsoft.com[\r][\n]"
2005/05/13 11:17:00:639 EDT [DEBUG] header - ->> "[\r][\n]"
2005/05/13 11:17:00:989 EDT [DEBUG] header - -<< "HTTP/1.1 401 Unauthorized[\r][\n]"
2005/05/13 11:17:00:999 EDT [DEBUG] header - -<< "Content-Length: 1656[\r][\n]"
2005/05/13 11:17:00:999 EDT [DEBUG] header - -<< "Content-Type: text/html[\r][\n]"
2005/05/13 11:17:00:999 EDT [DEBUG] header - -<< "Server: Microsoft-IIS/6.0[\r][\n]"
2005/05/13 11:17:00:999 EDT [DEBUG] header - -<< "WWW-Authenticate: Digest
qop="auth",algorithm=MD5-sess,nonce="c66759cace57c5016cf5645c6dee5b649ed29067f652939d6 \
aaf7239310bb333eeb0153783ae445f",opaque="e7e259c137b65766c971d6cfc4115789",charset=utf-8,realm="Digest"[\r][\n]"
2005/05/13 11:17:00:999 EDT [DEBUG] header - -<< "X-Powered-By: ASP.NET[\r][\n]"
2005/05/13 11:17:00:999 EDT [DEBUG] header - -<< "Date: Fri, 13 May 2005
15:16:51 GMT[\r][\n]"
2005/05/13 11:17:00:999 EDT [DEBUG] HttpMethodDirector - -Authorization required
2005/05/13 11:17:01:009 EDT [DEBUG] AuthChallengeProcessor - -Supported
authentication schemes in the order of preference: [ntlm, digest, basic]
2005/05/13 11:17:01:009 EDT [DEBUG] AuthChallengeProcessor - -Challenge for ntlm
authentication scheme not available
2005/05/13 11:17:01:009 EDT [INFO] AuthChallengeProcessor - -digest
authentication scheme selected
2005/05/13 11:17:01:009 EDT [DEBUG] AuthChallengeProcessor - -Using
authentication scheme: digest
2005/05/13 11:17:01:009 EDT [DEBUG] AuthChallengeProcessor - -Authorization
challenge processed
2005/05/13 11:17:01:009 EDT [DEBUG] HttpMethodDirector - -Authentication scope:
DIGEST 'Digest'@mappoint-css.partners.extranet.microsoft.com:443
2005/05/13 11:17:01:009 EDT [DEBUG] HttpMethodDirector - -Retry authentication
2005/05/13 11:17:01:019 EDT [DEBUG] HttpMethodBase - -Resorting to protocol
version default close connection policy
2005/05/13 11:17:01:019 EDT [DEBUG] HttpMethodBase - -Should NOT close
connection, using HTTP/1.1
2005/05/13 11:17:01:019 EDT [DEBUG] HttpConnection - -Connection is locked.
Call to releaseConnection() ignored.
2005/05/13 11:17:01:019 EDT [DEBUG] HttpMethodDirector - -Authenticating with
DIGEST 'Digest'@mappoint-css.partners.extranet.microsoft.com:443
2005/05/13 11:17:01:019 EDT [DEBUG] HttpMethodParams - -Credential charset not
configured, using HTTP element charset
2005/05/13 11:17:01:019 EDT [DEBUG] DigestScheme - -Using qop method auth
2005/05/13 11:17:01:019 EDT [DEBUG] HttpConnection - -Connection is stale,
closing...
2005/05/13 11:17:01:019 EDT [DEBUG] HttpConnection - -Open connection to
mappoint-css.partners.extranet.microsoft.com:443
2005/05/13 11:17:01:110 EDT [DEBUG] header - ->> "GET
/CustomerData-30/CustomerDataService.asmx HTTP/1.1[\r][\n]"
2005/05/13 11:17:01:110 EDT [DEBUG] HttpMethodBase - -Adding Host request header
2005/05/13 11:17:01:110 EDT [DEBUG] header - ->> "User-Agent: Jakarta
Commons-HttpClient/3.0-rc2[\r][\n]"
2005/05/13 11:17:01:110 EDT [DEBUG] header - ->> "Authorization: Digest
username="domain\user", realm="Digest",
nonce="c66759cace57c5016cf5645c6dee5b649ed29067f652939d6aaf7239310bb333eeb0153783ae445f",
uri="/CustomerData-30/CustomerDataService.asmx",
response="9cab4fcdb2d09f57523aec80d7b51e95", qop="auth", nc=00000001,
cnonce="b27507ee79c880b2bb565d363598ce07", algorithm="MD5-sess",
opaque="e7e259c137b65766c971d6cfc4115789"[\r][\n]"
2005/05/13 11:17:01:120 EDT [DEBUG] header - ->> "Host:
mappoint-css.partners.extranet.microsoft.com[\r][\n]"
2005/05/13 11:17:01:120 EDT [DEBUG] header - ->> "[\r][\n]"
2005/05/13 11:17:01:540 EDT [DEBUG] header - -<< "HTTP/1.1 401 Unauthorized[\r][\n]"
2005/05/13 11:17:01:540 EDT [DEBUG] header - -<< "Content-Length: 1539[\r][\n]"
2005/05/13 11:17:01:540 EDT [DEBUG] header - -<< "Content-Type: text/html[\r][\n]"
2005/05/13 11:17:01:550 EDT [DEBUG] header - -<< "Server: Microsoft-IIS/6.0[\r][\n]"
2005/05/13 11:17:01:550 EDT [DEBUG] header - -<< "WWW-Authenticate: Digest
qop="auth",algorithm=MD5-sess,nonce="3296b0dace57c5012fe314f8c6f8cafd10abc7a61c09484b2 \
be5c7ef19ecb3c080da1f82c3f5a532",opaque="87578a7f0871280654aed868cb9497fb",charset=utf-8,realm="Digest"[\r][\n]"
2005/05/13 11:17:01:550 EDT [DEBUG] header - -<< "X-Powered-By: ASP.NET[\r][\n]"
2005/05/13 11:17:01:550 EDT [DEBUG] header - -<< "Date: Fri, 13 May 2005
15:17:19 GMT[\r][\n]"
2005/05/13 11:17:01:550 EDT [DEBUG] HttpMethodDirector - -Authorization required
2005/05/13 11:17:01:550 EDT [DEBUG] AuthChallengeProcessor - -Using
authentication scheme: digest
2005/05/13 11:17:01:550 EDT [DEBUG] AuthChallengeProcessor - -Authorization
challenge processed
2005/05/13 11:17:01:550 EDT [DEBUG] HttpMethodDirector - -Authentication scope:
DIGEST 'Digest'@mappoint-css.partners.extranet.microsoft.com:443
2005/05/13 11:17:01:550 EDT [DEBUG] HttpMethodDirector - -Credentials required
HTTP result: 401
2005/05/13 11:17:01:550 EDT [DEBUG] HttpMethodDirector - -Credentials provider
not available
2005/05/13 11:17:01:580 EDT [INFO] HttpMethodDirector - -Failure authenticating
with DIGEST 'Digest'@mappoint-css.partners.extranet.microsoft.com:443
2005/05/13 11:17:01:580 EDT [DEBUG] HttpMethodBase - -Buffering response body
2005/05/13 11:17:01:580 EDT [DEBUG] HttpMethodBase - -Resorting to protocol
version default close connection policy
2005/05/13 11:17:01:580 EDT [DEBUG] HttpMethodBase - -Should NOT close
connection, using HTTP/1.1
2005/05/13 11:17:01:580 EDT [DEBUG] HttpConnection - -Releasing connection back
to connection manager.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic