Skip to content

Support NTLM auth #206

Closed
Closed
@swankjesse

Description

@swankjesse
Collaborator
No description provided.

Activity

swankjesse

swankjesse commented on Mar 22, 2014

@swankjesse
CollaboratorAuthor

After learning about NTLM, I don't think we want to implement it. I'm going to icebox this.

modified the milestones: Icebox, 3.0 on Mar 22, 2014
post2shyam

post2shyam commented on May 5, 2015

@post2shyam

Eagerly awaiting the NTLM support.

swankjesse

swankjesse commented on May 5, 2015

@swankjesse
CollaboratorAuthor

@post2shyam don't hold your breath! The NTLM technology is not a good fit for OkHttp: in particular it interferes with connection management. If you'd like to fork and see what you can build, I'm curious to see what it looks like.

swankjesse

swankjesse commented on May 5, 2015

@swankjesse
CollaboratorAuthor

Also maybe possible to do NTLM as an interceptor? Worth investigating at least.

SelvinPL

SelvinPL commented on Sep 29, 2015

@SelvinPL

Just a proof of concept: (NTLMEngineImpl is standalone version of org.apache.http.impl.auth.NTLMEngineImpl - removed all dependencies to org.apache.http.* and change org.apache.commons.codec.binary.Base64 to android Base64) - works fine with okhttp:2.4.0

usage:

final OkHttpClient client = new OkHttpClient();
client.setAuthenticator(new NTLMAuthenticator(usr, pwd, dom));

code:

public static class NTLMAuthenticator implements Authenticator {
    final NTLMEngineImpl engine = new NTLMEngineImpl();
    private final String domain;
    private final String username;
    private final String password;
    private final String ntlmMsg1;

    public NTLMAuthenticator(String username, String password, String domain) {
        this.domain = domain;
        this.username = username;
        this.password = password;
        String localNtlmMsg1 = null;
        try {
            localNtlmMsg1 = engine.generateType1Msg(null, null);
        } catch (Exception e) {
            e.printStackTrace();
        }
        ntlmMsg1 = localNtlmMsg1;
    }

    @Override
    public Request authenticate(Proxy proxy, Response response) throws IOException {
        final List<String> WWWAuthenticate = response.headers().values("WWW-Authenticate");
        if (WWWAuthenticate.contains("NTLM")) {
            return response.request().newBuilder().header("Authorization", "NTLM " + ntlmMsg1).build();
        }
        String ntlmMsg3 = null;
        try {
            ntlmMsg3 = engine.generateType3Msg(username, password, domain, "android-device", WWWAuthenticate.get(0).substring(5));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return response.request().newBuilder().header("Authorization", "NTLM " + ntlmMsg3).build();
    }

    @Override
    public Request authenticateProxy(Proxy proxy, Response response) throws IOException {
        return null;
    }
}
sryuliwa

sryuliwa commented on Jun 27, 2016

@sryuliwa

great

swankjesse

swankjesse commented on Jul 10, 2016

@swankjesse
CollaboratorAuthor

No further action for us to take on this.

zetazaw

zetazaw commented on Jul 13, 2016

@zetazaw

@SelvinPL it works with Okhttp3.4.1 also. Thank you for enlightenment.

javichaques

javichaques commented on Nov 2, 2016

@javichaques

@SelvinPL @swankjesse
Hi, which library i need to import to work?

SelvinPL

SelvinPL commented on Nov 2, 2016

@SelvinPL

Non ... grab code from http://svn.apache.org/repos/asf/httpcomponents/httpclient/tags/4.5.2/httpclient/src/main/java/org/apache/http/impl/auth/NTLMEngineImpl.java ... make few obvious changes to get code compiled ... and that's it

27c27
< package org.apache.http.impl.auth;
---
> package org.apache.http.impl.standalone;
37a38
> import android.util.Base64;
39,43d39
< import org.apache.commons.codec.binary.Base64;
< import org.apache.http.Consts;
< import org.apache.http.annotation.NotThreadSafe;
< import org.apache.http.util.CharsetUtils;
< import org.apache.http.util.EncodingUtils;
51,52d46
< @NotThreadSafe
< final class NTLMEngineImpl implements NTLMEngine {
53a48,58
> public final class NTLMEngineImpl  {
>  public static class NTLMEngineException extends Exception{
> 
>      public NTLMEngineException(String message){
>          super(message);
>      }
> 
>      public NTLMEngineException(String message, Throwable e) {
>          super(message, e);
>      }
>  }
55c60
<     private static final Charset UNICODE_LITTLE_UNMARKED = CharsetUtils.lookup("UnicodeLittleUnmarked");
---
>     private static final Charset UNICODE_LITTLE_UNMARKED = Charset.forName("UnicodeLittleUnmarked");
57c62
<     private static final Charset DEFAULT_CHARSET = Consts.ASCII;
---
>     private static final Charset DEFAULT_CHARSET = Charset.forName("US-ASCII");
95c100
<         final byte[] bytesWithoutNull = "NTLMSSP".getBytes(Consts.ASCII);
---
>         final byte[] bytesWithoutNull = "NTLMSSP".getBytes(DEFAULT_CHARSET);
117c122
<      * @throws org.apache.http.HttpException
---
>      * @throws NTLMEngineException
584c589
<             final byte[] oemPassword = password.toUpperCase(Locale.ROOT).getBytes(Consts.ASCII);
---
>             final byte[] oemPassword = password.toUpperCase(Locale.ROOT).getBytes(DEFAULT_CHARSET);
590c595
<             final byte[] magicConstant = "KGS!@#$%".getBytes(Consts.ASCII);
---
>             final byte[] magicConstant = "KGS!@#$%".getBytes(DEFAULT_CHARSET);
821c826
<             messageContents = Base64.decodeBase64(messageBody.getBytes(DEFAULT_CHARSET));
---
>             messageContents = Base64.decode(messageBody.getBytes(DEFAULT_CHARSET), Base64.NO_WRAP);
960c965
<             return EncodingUtils.getAsciiString(Base64.encodeBase64(resp));
---
>             return Base64.encodeToString(resp, Base64.NO_WRAP);
1624c1629
<     @Override
---
> 
1631c1636
<     @Override
---
> 
eGorets

eGorets commented on Apr 9, 2017

@eGorets

Hi guys. does any one have ready-to-use NTLMEngineImpl.java class? I'm having difficules with modification of it. Project version of SDK is 24

zetazaw

zetazaw commented on Apr 10, 2017

@zetazaw

have you try @SelvinPL advice? otherwise you can trace apache lib and extract from it. I hope i can make a small lib soon.

14 remaining items

Loading
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @swankjesse@yschimke@richmidwinter@SelvinPL@eGorets

        Issue actions

          Support NTLM auth · Issue #206 · square/okhttp