[GRADLE-2650] HttpClient forces connection reset while attempting NTLM proxy authentication Created: 23/Jan/13 Updated: 06/Feb/15 Resolved: 24/Jan/13
|Known Issue Of:|
As related in the forums, certain configuration of authenticating proxy can cause HttpClient to enter an infinite loop, repeatedly re-attempting authentication of the same url.
Examining some log files in detail, it appears that the HttpClient is being reset in the middle of NTLM authentication: the first NTLM authorisation header is being sent and subsequent challenge is received, but the second authorisation request is never sent in response to the challenge.
At this point the debug logs for 1.4-rc-2 look like:
while the debug logs for 1.3 look like:
The following line looks suspicious in 1.4:
I think this might be related to the following fix that was put into HttpClient 4.2.3 (which we are not using):
|Comment by Daz DeBoer [ 24/Jan/13 ]|
HttpClient 4.2.2 does not correctly treat the default value of http.keepAlive ("true"). So if the system property is not set, "false" is assumed.
When http.keepAlive is "false", then proxy authentication is reset when a connection is closed, as happens in the middle of a 2 phase authentication protocol like NTLM.
When this happens, HttpClient reattempts the entire authentication process, leading to an infinite loop.
Gradle works-around this bug by always setting the "http.keepAlive" system property to "true".
|Comment by vijay gudimella [ 05/Dec/13 ]|
This is still a problem in 1.9 (it failed even in 1.6). Same dependencies requested from Maven, Leiningen works fine.
2:38:23.696 [DEBUG] [org.apache.http.impl.conn.DefaultClientConnectionOperator] Connecting to XX.XX.XX.XX:8080