Bug 583150

Summary: NTLM Authentication needs to be supported for accessing Content Source via a proxy server
Product: [JBoss] JBoss Operations Network Reporter: Larry O'Leary <loleary>
Component: ContentAssignee: RHQ Project Maintainer <rhq-maint>
Status: CLOSED EOL QA Contact: Mike Foley <mfoley>
Severity: medium Docs Contact:
Priority: medium    
Version: JON 2.4.0CC: joallen, jshaughn, loleary
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-06-17 14:47:29 UTC Type: Feature Request
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Error/stack from Content Source synch request
none
Excerpt from RHQ server log file showing NTLM Auth failure none

Description Larry O'Leary 2010-04-16 20:06:23 UTC
Created attachment 407186 [details]
Error/stack from Content Source synch request

Description of problem:
JON’s connectivity to the Customer Support Portal (CSP) currently does not
support NTLM proxy authentication.  This presents a very big problem with using content management features to pull patches and perform upgrades when RHQ server is installed in a secure envrionment that uses a proxy server that requires NTLM authentication.  


Version-Release number of selected component (if applicable):
Originally on JON 2.2.0

Additional info:
Originally error reported by user:

I was getting below error in log after I did changes for Proxy settings
and restarted the jon-server.

Proxy settings are:-

Proxy-Host: myproxy.host.com
Proxy-port: 8080

00:21:22,211 ERROR [HttpMethodDirector] Credentials cannot be used for NTLM authentication: org.apache.commons.httpclient.UsernamePasswordCredentials
...

See attached error and log excerpts for stacks.

Comment 1 Larry O'Leary 2010-04-16 20:07:20 UTC
Created attachment 407189 [details]
Excerpt from RHQ server log file showing NTLM Auth failure

Comment 2 Corey Welton 2010-09-21 01:46:17 UTC
mazz - is this a known issue? what would it take to fix?

Comment 3 John Mazzitelli 2010-09-21 13:28:01 UTC
I have no idea what this would entail to fix this. I'm not familiar with the CSP server-side plugin's connection code but I assume it means utilizing some other connection library rather than apache commons to do this. I suspect this is still a problem because we've not done any work on the CSP plugin in a while.

Comment 4 James Livingston 2011-01-10 04:32:09 UTC
According to http://hc.apache.org/httpclient-3.x/authentication.html#NTLM, all that needs to be done is replace the UsernamePasswordCredentials object in JBossSoftwareContentSourceAdapter.configureProxy() with a NTCredentials object, setting the Host and Domain. Obviously that requires some additional UI to collect them too.

Comment 5 John Mazzitelli 2012-02-01 17:23:52 UTC
stefan would have a better feel for what it would take to implement this. he recently revamped the content subsystem and looked at the server plugins.

Comment 8 Filip Brychta 2019-06-17 14:47:29 UTC
JBoss ON is coming to the end of its product life cycle. For more information regarding this transition, see https://access.redhat.com/articles/3827121.
This bug report/request is being closed. If you feel this issue should not be closed or requires further review, please create a new bug report against the latest supported JBoss ON 3.3 version.