Reputation: 6271
Credentials cannot be used for NTLM authentication
I am getting
org.apache.commons.httpclient.auth.InvalidCredentialsException: Credentials cannot be used for NTLM authentication:
exception in eclipse
Whether it is possible mention eclipse to take system proxy settings directly?
public class HttpGetProxy {
private static final String PROXY_HOST = "proxy.****.com";
private static final int PROXY_PORT = 6050;
public static void main(String[] args) {
HttpClient client = new HttpClient();
HttpMethod method = new GetMethod("https://kodejava.org");
HostConfiguration config = client.getHostConfiguration();
config.setProxy(PROXY_HOST, PROXY_PORT);
String username = "*****";
String password = "*****";
Credentials credentials = new UsernamePasswordCredentials(username, password);
AuthScope authScope = new AuthScope(PROXY_HOST, PROXY_PORT);
client.getState().setProxyCredentials(authScope, credentials);
try {
client.executeMethod(method);
if (method.getStatusCode() == HttpStatus.SC_OK) {
String response = method.getResponseBodyAsString();
System.out.println("Response = " + response);
}
} catch (IOException e) {
e.printStackTrace();
} finally {
method.releaseConnection();
}
}
}
Exception:
Dec 08, 2017 1:41:39 PM org.apache.commons.httpclient.auth.AuthChallengeProcessor selectAuthScheme INFO: ntlm authentication scheme selected Dec 08, 2017 1:41:39 PM org.apache.commons.httpclient.HttpMethodDirector executeConnect SEVERE: Credentials cannot be used for NTLM authentication: org.apache.commons.httpclient.UsernamePasswordCredentials org.apache.commons.httpclient.auth.InvalidCredentialsException: Credentials cannot be used for NTLM authentication:
enter code hereorg.apache.commons.httpclient.UsernamePasswordCredentials at org.apache.commons.httpclient.auth.NTLMScheme.authenticate(NTLMScheme.java:332) at org.apache.commons.httpclient.HttpMethodDirector.authenticateProxy(HttpMethodDirector.java:320) at org.apache.commons.httpclient.HttpMethodDirector.executeConnect(HttpMethodDirector.java:491) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:391) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) at HttpGetProxy.main(HttpGetProxy.java:31)
Dec 08, 2017 1:41:39 PM org.apache.commons.httpclient.HttpMethodDirector processProxyAuthChallenge INFO: Failure authenticating with NTLM @proxy.****.com:6050
Upvotes: 12
Views: 19510
Answers (3)
Reputation: 15995
The Apache Commons HTTP client which you're using (org.apache.commons.httpclient) has support for NTLM via NTCredentials but it only supports NTLMv1 which is obsolete.
The best approach would be to upgrade to the new Apache HTTP client and use its NTCredentials instead. Here's a small example:
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.NTCredentials;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.glassfish.jersey.apache.connector.ApacheClientProperties;
import org.glassfish.jersey.apache.connector.ApacheConnectorProvider;
import org.glassfish.jersey.client.ClientConfig;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
ClientConfig clientConfig = new ClientConfig();
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, new NTCredentials(username, password, null, null));
clientConfig.property(ApacheClientProperties.CREDENTIALS_PROVIDER, credentialsProvider);
clientConfig.connectorProvider(new ApacheConnectorProvider());
Client client = ClientBuilder.newClient(clientConfig);
(Source: How to send NTLM authenticated post request using jersey?)
Upvotes: 1
Reputation: 4094
According to the documentation the following authentication schemes are supported: Basic,Digest,NTLM,SPNEGO,Kerberos
In particular:
NTLM: NTLM is a proprietary authentication scheme developed by Microsoft and optimized for Windows platforms. NTLM is believed to be more secure than Digest.
So in order to avoid this warning use the following CredentialProvider:
CredentialsProvider provider = new BasicCredentialsProvider();
provider.setCredentials(AuthScope.ANY, new NTCredentials("user", "pwd", "", "domain"));
Upvotes: 1
Reputation: 195
I think you need to use credentials in the form of domain\username in the "username" field, for NTLM authentication to work properly.
Upvotes: 0
Related Questions
- Using NTLM authentication in Java applications
- NTLM authentication in HttpURLConnection not working in JRE but works in JDK environment
- Java URLConnection error with ntlm authentication, but only on Linux and only Java 7
- java - HttpClient doesn't authenticate with NTLM
- NTLM authentication fails after type 2 response
- NTLM Authentication with Active Directory using Java
- NTLM Authentication in Asp.net
- NTLM Authentication in a Web Application (java)
- Can't authenticate with different NTLM credentials in one session with java.net.URLConnection
- NTLM Window Authentication