JDK-7150092 : NTLM authentication fail if user specified a different realm
- Type: Bug
- Component: core-libs
- Sub-Component: java.net
- Affected Version: 9
- Priority: P4
- Status: Resolved
- Resolution: Fixed
- OS: linux
- CPU: x86
- Submitted: 2012-03-01
- Updated: 2017-05-24
- Resolved: 2014-07-09
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 6 | JDK 7 | JDK 8 | JDK 9 | Other |
|---|---|---|---|---|
| 6u105Fixed | 7u91Fixed | 8u40Fixed  |
9 b23Fixed |
openjdk7uFixed |
Related Reports
|
Duplicate :
|
Description
FULL PRODUCT VERSION :
java version "1.7.0_03"
Java(TM) SE Runtime Environment (build 1.7.0_03-b04)
Java HotSpot(TM) 64-Bit Server VM (build 22.1-b02, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Linux cde 2.6.18-238.19.1.el5.centos.plus #1 SMP Mon Jul 18 10:05:09 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux
A DESCRIPTION OF THE PROBLEM :
I can't authenticate with NTLM server. Same code does work in java 1.6, but isn't running in java 1.7.
When I try "conn.getInputStream()" i receive this error:
java.net.ProtocolException: Server redirected too many times (20)
REGRESSION. Last worked in version 6u29
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Try running provided simple code against the NTML server.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
You shold receive the requested url.
ACTUAL -
There were no result, only ProtocolException.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
Exception in thread "main" java.net.ProtocolException: Server redirected too many times (20)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1622)
at ntlm.Main.getAuthenticatedResponse(Main.java:55)
at ntlm.Main.main(Main.java:30)
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
package ntlm;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.Authenticator;
import java.net.HttpURLConnection;
import java.net.PasswordAuthentication;
import java.net.URL;
public class Main {
public static void main(String[] args) throws Exception
{
String urlStr = "http://put_here_ntlm_server_address";
String domain = "SIMPLE_DOMAIN";
String userName = "SIMPLE_USERNAME";
String password = "SIMPLE_PASSWORD";
String responseText = getAuthenticatedResponse(urlStr, domain, userName, password);
System.out.println("response: " + responseText);
}
private static String getAuthenticatedResponse(final String urlStr, final String domain, final String userName, final String password) throws IOException
{
StringBuilder response = new StringBuilder();
Authenticator.setDefault(new Authenticator() {
@Override
public PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication(domain + "\\" + userName, password.toCharArray());
}
});
URL urlRequest = new URL(urlStr);
HttpURLConnection conn = (HttpURLConnection) urlRequest.openConnection();
conn.setInstanceFollowRedirects(true);
conn.setAllowUserInteraction(true);
conn.setDoOutput(true);
conn.setDoInput(true);
conn.setRequestMethod("GET");
InputStream stream = conn.getInputStream();
BufferedReader in = new BufferedReader(new InputStreamReader(stream));
String str = "";
while ((str = in.readLine()) != null) {
response.append(str);
}
in.close();
return response.toString();
}
}
---------- END SOURCE ----------