Windows proxy installation failed

Poster Content
pjr
nk4um Moderator
Posts: 827
October 5, 2011 14:19NTLM and Apache not what it seems at face value

Hi Kevin,

Thanks for your diligent help diagnosing the problem yesterday. I've done some reading and it appears that we have been a little misled by the public statement that Apache Client offers "full support for NTLMv1, NTLMv2, and NTLM2 Session authentication out of the box".

Searching around I came across this...

http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/src/site/apt/ntlm.apt

With this relevant line

HttpClient as of version 4.1 supports NTLMv1 and NTLMv2 authentication protocols out of the box using a custom authentication engine. However, there are still known compatibility issues with newer Microsoft products as the default NTLM engine implementation is still relatively new. One can also use JCIFS as an alternative, more established and mature NTLM engine developed by Samba project.

So with this insight I've reinstated a previous revision of the HTTP client library that uses JCIFS for NTLM authentication factory.

Please can you give the following module a try...

http://temp.1060research.com/2011/10/urn.org.netkernel.client.http-apache4.1.2-jcifs-trunk.jar

Fingers crossed this will be compatible with your proxy again.

Cheers,

Peter

Like · Post Reply
pjr
nk4um Moderator
Posts: 827
October 4, 2011 10:54Oh no not again!

Hi Kevin - this is very frustrating. I thought we'd finally sorted this out once and for all. Not sure if your using NK4 or the preview of NK5 but either way the base line is that http-client library hasn't been changed for some time.

As a pre-emptive measure I've created a build of the http-client module using the very latest Apache HTTP Client 4.1.2. Please can you download this module and swap the entry in your modules.xml to point to this jar instead...

http://temp.1060research.com/2011/10/urn.org.netkernel.client.http-apache4.1.2-trunk.jar

In the Apache client changelogs there is one reported error with NTLM that has been fixed. But no mention of any difference between XP and Win7, and the error looks unlikely to be related. But still, please give this latest build a try.

In the meantime, it would also be valuable to see exactly what Windows 7 is reporting - the reason for the parse error is that the http client is coming back with a page from the proxy but not the resource we expected.

So can you please take the following steps.

  1. Turn on the visualizer
  2. Try to manually sync apposite http://localhost:1060/tools/apposite/admin/ (click the synchronize button).
  3. Turn off the visualizer and save the synchronize request trace and send it to us so we can take a look at the details.

Like you I really though these Windows NTLM proxy issues were behind us. Certainly the apache library claims to support a wide-range of NTLM specifications. Maybe there's a new spec in Windows7 - MS don't publish a spec for NTLM so who knows?

Cheers,

Peter

Like · Post Reply
kansberry
nk4um User
Posts: 41
October 3, 2011 19:47Windows proxy installation failed

I had this issue in the past. When I install NetKernel behind our company firewall I get the following warning and Apposite does not work, nor do the news feeds. I thought Peter fixed this in 4.1.1, but it has reappeared. The only thing I have different is my client is now a Window 7 machine. Before it was Windows XP.

Kevin

Here is the warning from the "FirstTimeSync" operation:

Endpoint FirstTimeSync post-commission failed: <ex> 

<ex>
 <id>org.netkernel.layer0.nkf.NKFException</id>
</ex>
<ex>
 <id>RequestFrameException</id>
 <request>SOURCE res:/tools/apposite/admin/repo/updateService as Object</request>
</ex>
<ex>
 <id>SubrequestException</id>
 <space>Apposite Core Application</space>
 <endpointId>apposite:updateService</endpointId>
 <endpoint>MapperOverlay</endpoint>
 <ex>
  <id>org.netkernel.layer0.nkf.NKFException</id>
  <stack>
   <level>org.netkernel.layer0.nkf.impl.NKFContextImpl.issueKernelRequest() line:507</level>
   <level>org.netkernel.layer0.nkf.impl.NKFContextImpl.issueRequestForResponse() line:406</level>
   <level>org.netkernel.module.standard.builtin.mapper.MapperConfig$Mapping.onRequest() line:487</level>
   <level>org.netkernel.module.standard.builtin.mapper.MapperConfig.onRequest() line:227</level>
   <level>org.netkernel.module.standard.endpoint.ConfiguredOverlayImpl.onRequest() line:219</level>
   <level>org.netkernel.layer0.nkf.impl.NKFEndpointImpl.onAsyncRequest() line:93</level>
   <level>... 30 more</level>
  </stack>
 </ex>
</ex>
<ex>
 <id>RequestFrameException</id>
 <request>SOURCE active:groovy+operator@res%3A/app/apposite/admin/repo/updateService.gy as Object</request>
</ex>
<ex>
 <id>SubrequestException</id>
 <space>Lang / Groovy  (private)</space>
 <endpointId>GroovyRuntime</endpointId>
 <endpoint>GroovyRuntime</endpoint>
 <ex>
  <id>Unhandled Exception in GroovyRuntime</id>
  <location>res:/app/apposite/admin/repo/updateService.gy line:2</location>
 </ex>
 <ex>
  <id>org.netkernel.layer0.nkf.NKFException</id>
 </ex>
</ex>
<ex>
 <id>RequestFrameException</id>
 <request>SOURCE active:appositeProcUpdate as Object</request>
</ex>
<ex>
 <id>SubrequestException</id>
 <space>Package / Core Services  (private)</space>
 <endpointId>ep:SJ00BP-UA0BD6</endpointId>
 <endpoint>MapperOverlay</endpoint>
 <ex>
  <id>org.netkernel.layer0.nkf.NKFException</id>
  <stack>
   <level>org.netkernel.layer0.nkf.impl.NKFContextImpl.issueKernelRequest() line:507</level>
   <level>org.netkernel.layer0.nkf.impl.NKFContextImpl.issueRequestForResponse() line:406</level>
   <level>org.netkernel.module.standard.builtin.mapper.MapperConfig$Mapping.onRequest() line:487</level>
   <level>org.netkernel.module.standard.builtin.mapper.MapperConfig.onRequest() line:227</level>
   <level>org.netkernel.module.standard.endpoint.ConfiguredOverlayImpl.onRequest() line:219</level>
   <level>org.netkernel.layer0.nkf.impl.NKFEndpointImpl.onAsyncRequest() line:93</level>
   <level>... 56 more</level>
  </stack>
 </ex>
</ex>
<ex>
 <id>RequestFrameException</id>
 <request>SOURCE active:groovy+operator@res%3A/org/netkernel/packge/data/proc/updateProc.gy as Object</request>
</ex>
<ex>
 <id>SubrequestException</id>
 <space>Lang / Groovy  (private)</space>
 <endpointId>GroovyRuntime</endpointId>
 <endpoint>GroovyRuntime</endpoint>
 <ex>
  <id>Unhandled Exception in GroovyRuntime</id>
  <location>res:/org/netkernel/packge/data/proc/updateProc.gy line:37</location>
 </ex>
 <ex>
  <id>org.netkernel.layer0.nkf.NKFException</id>
 </ex>
</ex>
<ex>
 <id>RequestFrameException</id>
 <request>SOURCE active:pkiVerify+operand@pbv%3Aoperand+publicKeyCertificate@active%3AappositeRepoPublicKey%2Bid%402+signature@pbv%3Asignature as Object</request>
</ex>
<ex>
 <id>SubrequestException</id>
 <space>Security Utilities  (private)</space>
 <endpointId>PKIVerifyCert</endpointId>
 <endpoint>SignVerifyAccessor</endpoint>
 <ex>
  <id>java.lang.NumberFormatException</id>
  <message>For input string: &quot;&lt;H&quot;</message>
  <stack>
   <level>java.lang.NumberFormatException.forInputString() line:-1</level>
   <level>java.lang.Integer.parseInt() line:-1</level>
   <level>org.netkernel.layer0.util.Utils.fromHexString() line:774</level>
   <level>org.ten60.netkernel.security.endpoint.SignVerifyAccessor.onSource() line:68</level>
   <level>org.netkernel.module.standard.endpoint.StandardAccessorImpl.onRequest() line:222</level>
   <level>org.netkernel.layer0.nkf.impl.NKFEndpointImpl.onAsyncRequest() line:93</level>
   <level>... 82 more</level>
  </stack>
 </ex>
</ex>

</ex>

Like · Post Reply