JDK-6628661 : NTLM-authentication doesn't work with non-ASCII letters
  • Type: Bug
  • Component: core-libs
  • Sub-Component: java.net
  • Affected Version: 6
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • OS: windows_xp
  • CPU: x86
  • Submitted: 2007-11-12
  • Updated: 2011-05-18
  • Resolved: 2011-05-18
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 6 JDK 7
6u10Fixed 7 b25Fixed
Description
FULL PRODUCT VERSION :
java version "1.6.0_02"
Java(TM) SE Runtime Environment (build 1.6.0_02-b06)
Java HotSpot(TM) Client VM (build 1.6.0_02-b06, mixed mode, sharing)


ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows XP [Version 5.1.2600]

A DESCRIPTION OF THE PROBLEM :
The NTLM-authentication in HTTPUrlConnection doesn't work if the windows password contains non-ASCII letters.
 
Reason: "NTLMAuthSequence.c" contains the function "Java_sun_net_www_protocol_http_NTLMAuthSequence_getCredentialsHandle"
that encodes the password in UTF-8 and sends it to the Windows API function "AcquireCredentialsHandleA" with the flag
"SEC_WINNT_AUTH_IDENTITY_ANSI"
And so a "��" (ä) converts to c3 a4. But e4 is expected -> �� in ANSI




REPRODUCIBILITY :
This bug can be reproduced always.

CUSTOMER SUBMITTED WORKAROUND :
Password with ASCII letters

Comments
SUGGESTED FIX src/windows/native/sun/net/www/protocol/http/NTLMAuthSequence.c ------- NTLMAuthSequence.c ------- 42a43 > #include "jni_util.h" 120,122c121,123 < CHAR *pUser = 0; < CHAR *pDomain = 0; < CHAR *pPassword = 0; --- > const CHAR *pUser = 0; > const CHAR *pDomain = 0; > const CHAR *pPassword = 0; 129c130,132 < pUser = (CHAR *)(*env)->GetStringUTFChars(env, user, &isCopy); --- > pUser = JNU_GetStringPlatformChars(env, user, &isCopy); > if (pUser == NULL) > return 0; // pending Exception 132c135,140 < pDomain = (CHAR *)(*env)->GetStringUTFChars(env, domain, &isCopy); --- > pDomain = JNU_GetStringPlatformChars(env, domain, &isCopy); > if (pDomain == NULL) { > if (pUser != NULL) > JNU_ReleaseStringPlatformChars(env, user, pUser); > return 0; // pending Exception > } 135c143,150 < pPassword = (CHAR *)(*env)->GetStringUTFChars(env, password, &isCopy); --- > pPassword = JNU_GetStringPlatformChars(env, password, &isCopy); > if (pPassword == NULL) { > if (pUser != NULL) > JNU_ReleaseStringPlatformChars(env, user, pUser); > if (pDomain != NULL) > JNU_ReleaseStringPlatformChars(env, domain, pDomain); > return 0; // pending Exception > } 169a185,192 > /* Release resources held by JNU_GetStringPlatformChars */ > if (pUser != NULL) > JNU_ReleaseStringPlatformChars(env, user, pUser); > if (pPassword != NULL) > JNU_ReleaseStringPlatformChars(env, password, pPassword); > if (pDomain != NULL) > JNU_ReleaseStringPlatformChars(env, domain, pDomain); >
14-11-2007

EVALUATION The native implementation of getCredentialsHandle should use JNU_GetStringPlatformChars to convert the jstring to the locale specific native C string.
13-11-2007