[HTTPCLIENT-2086] NTLM Message parse Error - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 5.0
Fix Version/s: 5.0.2
Component/s: None
Labels:
None

Description

My Authentication endpoint returns an NTLM Message header like this:

"WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAAF.....QByAGcALgBkAGUABwAIAMG9LHviQtYBAAAAAA=="

Upon reading this header with AuthChallengeParser hc parses this field using the code in line 70:

if (!cursor.atEnd() && buffer.charAt(cursor.getPos()) == EQUAL_CHAR) {
                cursor.updatePos(cursor.getPos() + 1);
                final String value = tokenParser.parseValue(buffer, cursor, DELIMITER);
                return new BasicNameValuePair(token, value);
}

When reading the first "=" char of the message, it interprets the value as a key-value pair. The first part of the NTLM message being the key and the second "=" the value. Later an AuthChallenge is later created with

new AuthChallenge(challengeType, schemeName, null, params.size() > 0 ? params : null);

where value is null and params a list containing the NTLM message without the equals signs.

Without the "==" the next auth step fails.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

screenshot-1.png
15/Jun/20 07:02
409 kB
Michael Wagner
ntlm working.txt
30/Jun/20 15:07
203 kB
Eric Kerwin
ntlm 407 log and stacktrace.txt
30/Jun/20 11:49
29 kB
Eric Kerwin

Issue Links

Blocked

HTTPCLIENT-2199 NTLM auth is failing while processing 2nd challenge response

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Michael Wagner

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 14/Jun/20 16:21

Updated:: 24/Jan/22 15:17

Resolved:: 01/Jul/20 10:30

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

1h 40m