Thanks Oleg. On having a look at httpcommons client 4.1.2 code (org.apache.http.impl.auth.NTLMEngineImpl.Type3Message class line no 943) I realized that the last questions would apply here too. Since the code is computing only the LM response I assume this would mean that LAN Manager authentication would be used (instead of NTLM v1 or NTLM v2). Do you know of any scenario where such an NT_AUTH message (Type3) would get rejected with an authentication error? Note that the LmCompatibilityLevel registry key value on the domain controller is 1 and that on the server is 2.
Thank you. olegk wrote: > > On Wed, 2011-08-24 at 23:03 +0530, amit shah wrote: >> In the NTLM protocol implementation from httpclient 3.1 >> (org.apache.commons.httpclient.auth.NTLM) the NTLM Response Fields are >> always empty (the NtChallengeResponseLen and NtChallengeResponseMaxLen >> are >> set to 0 while NtChallengeResponseBufferOffset is set to finalLength). I >> have a couple of questions on this >> >> 1. What is the reason of not computing NTLM Challenge Response? >> 2. We are facing an issue on one of the windows environments where NTLM >> authentication fails with an error - username or password is incorrect. >> When >> comparing the authentication headers generated from commons httpclient >> and >> the NTLM protocol implementation from JDK 1.5.15 (using Wireshark) I >> found >> the NTLM response data being empty. Does this mean that commons http >> client >> 3.1 only supports LAN Manager authentication and it does NOT support NTLM >> authentication? If so then a >> HKLM\SYSTEM\CurrentControlSet\Control\Lsa\LmCompatibilityLevel >> registry key value of 4 or 5 on a windows domain controller machine would >> mean that commons http client NTLM authentication would not work for a >> domain account right? >> >> Thank you. > > Amit, > > Support for Httpclient 3.1 has been discontinued. Please consider > upgrading to HttpClient 4.1.x > > Oleg > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > -- View this message in context: http://old.nabble.com/Commons-HTTP-Client-3.1---NTLM-Response-Empty-tp32328334p32358599.html Sent from the HttpClient-User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
