diff --git a/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java b/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java index bc7412b0f..b2fb4c957 100644 --- a/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java +++ b/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java @@ -624,7 +624,7 @@ final class NTLMEngineImpl implements NTLMEngine { final MD4 md4 = new MD4(); md4.update(unicodePassword); return md4.getOutput(); - } catch (java.io.UnsupportedEncodingException e) { + } catch (UnsupportedEncodingException e) { throw new NTLMEngineException("Unicode not supported: " + e.getMessage(), e); } } @@ -641,9 +641,11 @@ final class NTLMEngineImpl implements NTLMEngine { final HMACMD5 hmacMD5 = new HMACMD5(ntlmHash); // Upper case username, upper case domain! hmacMD5.update(user.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked")); - hmacMD5.update(domain.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked")); + if (domain != null) { + hmacMD5.update(domain.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked")); + } return hmacMD5.getOutput(); - } catch (java.io.UnsupportedEncodingException e) { + } catch (UnsupportedEncodingException e) { throw new NTLMEngineException("Unicode not supported! " + e.getMessage(), e); } } @@ -660,9 +662,11 @@ final class NTLMEngineImpl implements NTLMEngine { final HMACMD5 hmacMD5 = new HMACMD5(ntlmHash); // Upper case username, mixed case target!! hmacMD5.update(user.toUpperCase(Locale.US).getBytes("UnicodeLittleUnmarked")); - hmacMD5.update(domain.getBytes("UnicodeLittleUnmarked")); + if (domain != null) { + hmacMD5.update(domain.getBytes("UnicodeLittleUnmarked")); + } return hmacMD5.getOutput(); - } catch (java.io.UnsupportedEncodingException e) { + } catch (UnsupportedEncodingException e) { throw new NTLMEngineException("Unicode not supported! " + e.getMessage(), e); } } @@ -981,7 +985,7 @@ final class NTLMEngineImpl implements NTLMEngine { hostBytes = unqualifiedHost != null? unqualifiedHost.getBytes("ASCII") : null; domainBytes = unqualifiedDomain != null ? unqualifiedDomain .toUpperCase(Locale.US).getBytes("ASCII") : null; - } catch (java.io.UnsupportedEncodingException e) { + } catch (UnsupportedEncodingException e) { throw new NTLMEngineException("Unicode unsupported: " + e.getMessage(), e); } } @@ -1104,7 +1108,7 @@ final class NTLMEngineImpl implements NTLMEngine { if (bytes.length != 0) { try { target = new String(bytes, "UnicodeLittleUnmarked"); - } catch (java.io.UnsupportedEncodingException e) { + } catch (UnsupportedEncodingException e) { throw new NTLMEngineException(e.getMessage(), e); } } diff --git a/httpclient/src/test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java b/httpclient/src/test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java index 09cae31bd..684b39bdc 100644 --- a/httpclient/src/test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java +++ b/httpclient/src/test/java/org/apache/http/impl/client/integration/TestClientAuthenticationFakeNTLM.java @@ -99,7 +99,13 @@ public class TestClientAuthenticationFakeNTLM extends IntegrationTestBase { response.getStatusLine().getStatusCode()); } - static class NtlmType2ResponseHandler implements HttpRequestHandler { + static class NtlmType2MessageResponseHandler implements HttpRequestHandler { + + private final String authenticateHeaderValue; + + public NtlmType2MessageResponseHandler(final String type2Message) { + this.authenticateHeaderValue = "NTLM " + type2Message; + } public void handle( final HttpRequest request, @@ -113,16 +119,42 @@ public class TestClientAuthenticationFakeNTLM extends IntegrationTestBase { if (!request.containsHeader(HttpHeaders.AUTHORIZATION)) { response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "NTLM"); } else { - response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "NTLM TlRMTVNTUAACAA" + - "AADAAMADgAAAAzwoICLgEjRWfCicKrw43DrwAAAAAAAAAAAAAAAAAAAAAGAHAX" + - "AAAAD1MAZQByAHYAZQByAA=="); + response.setHeader(HttpHeaders.WWW_AUTHENTICATE, authenticateHeaderValue); } } } @Test - public void testNTLMType2() throws Exception { - this.localServer.register("*", new NtlmType2ResponseHandler()); + public void testNTLMv1Type2Message() throws Exception { + this.localServer.register("*", new NtlmType2MessageResponseHandler("TlRMTVNTUAACAA" + + "AADAAMADgAAAAzggLiASNFZ4mrze8AAAAAAAAAAAAAAAAAAAAABgBwFwAAAA9T" + + "AGUAcgB2AGUAcgA=")); + this.localServer.start(); + + final BasicCredentialsProvider credsProvider = new BasicCredentialsProvider(); + credsProvider.setCredentials(AuthScope.ANY, + new NTCredentials("test", "test", null, null)); + + this.httpclient = HttpClients.custom() + .setDefaultCredentialsProvider(credsProvider) + .build(); + + final HttpContext context = HttpClientContext.create(); + + final HttpHost targethost = getServerHttp(); + final HttpGet httpget = new HttpGet("/"); + + final HttpResponse response = this.httpclient.execute(targethost, httpget, context); + EntityUtils.consume(response.getEntity()); + Assert.assertEquals(HttpStatus.SC_UNAUTHORIZED, + response.getStatusLine().getStatusCode()); + } + + @Test + public void testNTLMv2Type2Message() throws Exception { + this.localServer.register("*", new NtlmType2MessageResponseHandler("TlRMTVNTUAACAA" + + "AADAAMADgAAAAzgoriASNFZ4mrze8AAAAAAAAAACQAJABEAAAABgBwFwAAAA9T" + + "AGUAcgB2AGUAcgACAAwARABvAG0AYQBpAG4AAQAMAFMAZQByAHYAZQByAAAAAAA=")); this.localServer.start(); final BasicCredentialsProvider credsProvider = new BasicCredentialsProvider();