Bug ID: 7176784 Windows authentication not working on some computers

7176784 : Windows authentication not working on some computers

Details

Type:	Bug	Submit Date:	2012-06-13
Status:	Resolved	Updated Date:	2013-04-29
Project Name:	JDK	Resolved Date:	2012-06-27
Component:	core-libs	OS:	windows_7
Sub-Component:	java.net	CPU:	x86
Priority:	P2
Resolution:	Fixed
Affected Versions:	7u4
Fixed Versions:	8

Related Reports

Backport:	JDK-2226182 - Windows authentication not working on some computers
Backport:	JDK-8013490 - Windows authentication not working on some computers

Sub Tasks

Description

On some computers the windows authentication of Java is not working. 
On the same machine, the same user and the same HTTP URL the windows login 
is working in the brower. 

By debugging the problem, monitor the network monitor and find Java 
is not sending the third message of the NTLM handshake.

Look in Java sources and debug the problem, find that NTLMAuthSequence.getNextToken() 
return null in the error case. This result in follow exception:

Exception in thread "main" java.io.IOException: Internal authentication error

 at sun.net.www.protocol.http.ntlm.NTLMAuthSequence.getAuthHeader(Unknown Source)

 at TestNtlm.main(TestNtlm.java:29)

Attached a test program and the log output from the failing system.
Java version - 1.7.0_04-b22. It is not a regression and the problem occur on Java 6; 
however, after upgrade to 7u4 and the problem persistent.

The OS is a Windows 7 32 Bit.

Comments

EVALUATION

Trivially, increase the native buffer size from 512 to 1024.

JDK8 Changeset: 4a4a04bfeece
Author:    chegar
Date:      2012-06-25 14:19 +0100
URL:       http://hg.openjdk.java.net/jdk8/tl/jdk/rev/4a4a04bfeece

7176784: Windows authentication not working on some computers
Reviewed-by: michaelm

! src/windows/native/sun/net/www/protocol/http/ntlm/NTLMAuthSequence.c

2012-06-25

EVALUATION

From submitter:
  "They found the native sources from NTLMAuthSequence and create a test 
   program with this souces that print debug information. The cause of the 
   problem is that the call to pInitializeSecurityContext return with
   SEC_E_INSUFFICIENT_MEMORY.
 
   The cause of the problem seems that you use only a buffer of 512 bytes 
   for the security token. This is too small on computers with long names.
   There are 2 positions in the NTLMAuthSequence.c file with 512. If you 
   incremet this value then it should work in this case. Better will be if
   you use the allocation from InitializeSecurityContext."

2012-06-22

SELECT A COUNTRY/REGION
Africa Operation Argentina Australia Austria Bahrain Bangladesh Belgium & Luxembourg Belize Bhutan Bolivia Bosnia & Herzegovina Brasil Brunei Bulgaria Cambodia Canada - English Canada - French Chile China Colombia	Costa Rica Croatia Cyprus Czech Republic Denmark Ecuador Egypt Estonia Finland France Germany Greece Guatemala Honduras Hong Kong Hungary India Indonesia Iraq Ireland	Israel Italy Japan Jordan Kazakhstan Korea Kuwait Laos Latvia Lebanon Lithuania Malaysia Maldives Malta Mexico Moldova Nepal Netherlands New Zealand Nicaragua	Norway Oman Pakistan Panama Paraguay Peru Philippines Poland Portugal Puerto Rico Qatar Romania Russia Saudi Arabia Serbia & Montenegro Singapore Slovakia Slovenia South Africa Spain	Sri Lanka Sweden Switzerland -- French Switzerland -- German Taiwan Thailand Turkey Ukraine United Arab Emirates United Kingdom United States Uruguay Venezuela Vietnam Yemen

Hardware and Software, Engineered to Work Together