Bug 583150
Summary: | NTLM Authentication needs to be supported for accessing Content Source via a proxy server | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [JBoss] JBoss Operations Network | Reporter: | Larry O'Leary <loleary> | ||||||
Component: | Content | Assignee: | RHQ Project Maintainer <rhq-maint> | ||||||
Status: | CLOSED EOL | QA Contact: | Mike Foley <mfoley> | ||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | medium | ||||||||
Version: | JON 2.4.0 | CC: | joallen, jshaughn, loleary | ||||||
Target Milestone: | --- | Keywords: | FutureFeature | ||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Enhancement | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2019-06-17 14:47:29 UTC | Type: | Feature Request | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Created attachment 407189 [details]
Excerpt from RHQ server log file showing NTLM Auth failure
mazz - is this a known issue? what would it take to fix? I have no idea what this would entail to fix this. I'm not familiar with the CSP server-side plugin's connection code but I assume it means utilizing some other connection library rather than apache commons to do this. I suspect this is still a problem because we've not done any work on the CSP plugin in a while. According to http://hc.apache.org/httpclient-3.x/authentication.html#NTLM, all that needs to be done is replace the UsernamePasswordCredentials object in JBossSoftwareContentSourceAdapter.configureProxy() with a NTCredentials object, setting the Host and Domain. Obviously that requires some additional UI to collect them too. stefan would have a better feel for what it would take to implement this. he recently revamped the content subsystem and looked at the server plugins. JBoss ON is coming to the end of its product life cycle. For more information regarding this transition, see https://access.redhat.com/articles/3827121. This bug report/request is being closed. If you feel this issue should not be closed or requires further review, please create a new bug report against the latest supported JBoss ON 3.3 version. |
Created attachment 407186 [details] Error/stack from Content Source synch request Description of problem: JON’s connectivity to the Customer Support Portal (CSP) currently does not support NTLM proxy authentication. This presents a very big problem with using content management features to pull patches and perform upgrades when RHQ server is installed in a secure envrionment that uses a proxy server that requires NTLM authentication. Version-Release number of selected component (if applicable): Originally on JON 2.2.0 Additional info: Originally error reported by user: I was getting below error in log after I did changes for Proxy settings and restarted the jon-server. Proxy settings are:- Proxy-Host: myproxy.host.com Proxy-port: 8080 00:21:22,211 ERROR [HttpMethodDirector] Credentials cannot be used for NTLM authentication: org.apache.commons.httpclient.UsernamePasswordCredentials ... See attached error and log excerpts for stacks.