Bug 583150 - NTLM Authentication needs to be supported for accessing Content Source via a proxy server
NTLM Authentication needs to be supported for accessing Content Source via a ...
Status: NEW
Product: JBoss Operations Network
Classification: JBoss
Component: Content (Show other bugs)
JON 2.4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: RHQ Project Maintainer
Mike Foley
: FutureFeature
Depends On:
  Show dependency treegraph
Reported: 2010-04-16 16:06 EDT by Larry O'Leary
Modified: 2016-02-21 19:57 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: Feature Request
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Error/stack from Content Source synch request (4.95 KB, text/plain)
2010-04-16 16:06 EDT, Larry O'Leary
no flags Details
Excerpt from RHQ server log file showing NTLM Auth failure (21.70 KB, application/octet-stream)
2010-04-16 16:07 EDT, Larry O'Leary
no flags Details

  None (edit)
Description Larry O'Leary 2010-04-16 16:06:23 EDT
Created attachment 407186 [details]
Error/stack from Content Source synch request

Description of problem:
JONā€™s connectivity to the Customer Support Portal (CSP) currently does not
support NTLM proxy authentication.  This presents a very big problem with using content management features to pull patches and perform upgrades when RHQ server is installed in a secure envrionment that uses a proxy server that requires NTLM authentication.  

Version-Release number of selected component (if applicable):
Originally on JON 2.2.0

Additional info:
Originally error reported by user:

I was getting below error in log after I did changes for Proxy settings
and restarted the jon-server.

Proxy settings are:-

Proxy-Host: myproxy.host.com
Proxy-port: 8080

00:21:22,211 ERROR [HttpMethodDirector] Credentials cannot be used for NTLM authentication: org.apache.commons.httpclient.UsernamePasswordCredentials

See attached error and log excerpts for stacks.
Comment 1 Larry O'Leary 2010-04-16 16:07:20 EDT
Created attachment 407189 [details]
Excerpt from RHQ server log file showing NTLM Auth failure
Comment 2 Corey Welton 2010-09-20 21:46:17 EDT
mazz - is this a known issue? what would it take to fix?
Comment 3 John Mazzitelli 2010-09-21 09:28:01 EDT
I have no idea what this would entail to fix this. I'm not familiar with the CSP server-side plugin's connection code but I assume it means utilizing some other connection library rather than apache commons to do this. I suspect this is still a problem because we've not done any work on the CSP plugin in a while.
Comment 4 James Livingston 2011-01-09 23:32:09 EST
According to http://hc.apache.org/httpclient-3.x/authentication.html#NTLM, all that needs to be done is replace the UsernamePasswordCredentials object in JBossSoftwareContentSourceAdapter.configureProxy() with a NTCredentials object, setting the Host and Domain. Obviously that requires some additional UI to collect them too.
Comment 5 John Mazzitelli 2012-02-01 12:23:52 EST
stefan would have a better feel for what it would take to implement this. he recently revamped the content subsystem and looked at the server plugins.

Note You need to log in before you can comment on or make changes to this bug.