United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
Bug ID: 6628661 NTLM-authentication doesn't work with non-ASCII letters
6628661 : NTLM-authentication doesn't work with non-ASCII letters

Details
Type:
Bug
Submit Date:
2007-11-12
Status:
Closed
Updated Date:
2011-05-18
Project Name:
JDK
Resolved Date:
2011-05-18
Component:
core-libs
OS:
windows_xp
Sub-Component:
java.net
CPU:
x86
Priority:
P2
Resolution:
Fixed
Affected Versions:
6
Fixed Versions:
7

Related Reports
Backport:
JDK-2155859 - NTLM-authentication doesn't work with non-ASCII letters

Sub Tasks

Description
FULL PRODUCT VERSION :
java version "1.6.0_02"
Java(TM) SE Runtime Environment (build 1.6.0_02-b06)
Java HotSpot(TM) Client VM (build 1.6.0_02-b06, mixed mode, sharing)


ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows XP [Version 5.1.2600]

A DESCRIPTION OF THE PROBLEM :
The NTLM-authentication in HTTPUrlConnection doesn't work if the windows password contains non-ASCII letters.
 
Reason: "NTLMAuthSequence.c" contains the function "Java_sun_net_www_protocol_http_NTLMAuthSequence_getCredentialsHandle"
that encodes the password in UTF-8 and sends it to the Windows API function "AcquireCredentialsHandleA" with the flag
"SEC_WINNT_AUTH_IDENTITY_ANSI"
And so a "??" (ä) converts to c3 a4. But e4 is expected -> ?? in ANSI




REPRODUCIBILITY :
This bug can be reproduced always.

CUSTOMER SUBMITTED WORKAROUND :
Password with ASCII letters

Comments
SUGGESTED FIX

src/windows/native/sun/net/www/protocol/http/NTLMAuthSequence.c

------- NTLMAuthSequence.c -------
42a43
> #include "jni_util.h"
120,122c121,123
<     CHAR        *pUser = 0;
<     CHAR        *pDomain = 0;
<     CHAR        *pPassword = 0;
---
>     const CHAR      *pUser = 0;
>     const CHAR      *pDomain = 0;
>     const CHAR      *pPassword = 0;
129c130,132
<         pUser = (CHAR *)(*env)->GetStringUTFChars(env, user, &isCopy);
---
>         pUser = JNU_GetStringPlatformChars(env, user, &isCopy);
>         if (pUser == NULL)
>             return 0;  // pending Exception
132c135,140
<         pDomain = (CHAR *)(*env)->GetStringUTFChars(env, domain, &isCopy);
---
>         pDomain = JNU_GetStringPlatformChars(env, domain, &isCopy);
>         if (pDomain == NULL) {
>             if (pUser != NULL)
>                 JNU_ReleaseStringPlatformChars(env, user, pUser);
>             return 0;  // pending Exception
>         }
135c143,150
<         pPassword = (CHAR *)(*env)->GetStringUTFChars(env, password, &isCopy);
---
>         pPassword = JNU_GetStringPlatformChars(env, password, &isCopy);
>         if (pPassword == NULL) {
>             if (pUser != NULL)
>                 JNU_ReleaseStringPlatformChars(env, user, pUser);
>             if (pDomain != NULL)
>                 JNU_ReleaseStringPlatformChars(env, domain, pDomain);
>             return 0;  // pending Exception
>         }
169a185,192
>     /* Release resources held by JNU_GetStringPlatformChars */
>     if (pUser != NULL)
>         JNU_ReleaseStringPlatformChars(env, user, pUser);
>     if (pPassword != NULL)
>         JNU_ReleaseStringPlatformChars(env, password, pPassword);
>     if (pDomain != NULL)
>         JNU_ReleaseStringPlatformChars(env, domain, pDomain);
>
2007-11-14 
EVALUATION

The native implementation of getCredentialsHandle should use JNU_GetStringPlatformChars to convert the jstring to the locale specific native C string.
2007-11-13


Hardware and Software, Engineered to Work Together