I have a problem that changed from a small annoyance into a major issue and we're completely out of our depth.
We have a JUnit test framework that connects to an IIS webserver to perform tests. HttpURLConnection is used to make the connection. We knew that accounts got locked out for no reason, but we now know why.
Every time the framework makes contact with IIS, a bad password request is chalked up by the domain controller. The call itself, however, succeeds. Luckily "keep-alive" is on on the connection, so every next call succeeds as well. But if someone starts the framework five times in half an hour, his/her account is locked out for an hour.
Wireshark showed that the first connection goes as follows:
19 73.478583 ??.???.177.30 ??.???.163.107 HTTP/XML POST /home/<anonimized>/com.eibus.web.soap.Gateway.wcp HTTP/1.1
26 73.479751 ??.???.163.107 ??.???.177.30 HTTP HTTP/1.1 401 Unauthorized (text/html)
34 74.271637 ??.???.177.30 ??.???.163.107 HTTP/XML POST /home/<anonimized>/com.eibus.web.soap.Gateway.wcp HTTP/1.1 , NTLMSSP_NEGOTIATE
36 74.272105 ??.???.163.107 ??.???.177.30 HTTP HTTP/1.1 401 Unauthorized , NTLMSSP_CHALLENGE (text/html)
38 74.282902 ??.???.177.30 ??.???.163.107 HTTP/XML POST /home/<anonimized>/com.eibus.web.soap.Gateway.wcp HTTP/1.1 , NTLMSSP_AUTH, User: BUSINESS\<anonimized>
41 74.988154 ??.???.163.107 ??.???.177.30 HTTP/XML HTTP/1.1 200 OK
We believe it's that first anonymous login that is causing the Is there a way to make HttpURLConnection skip the first login and start with NTLMSSP_NEGOTIATE?
Any other hints are welcome.
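
To check which domain and user name the client actually places in the NTLMSSP_AUTH message (the field Wireshark summarises as "User: BUSINESS\..."), the NTLM tokens carried in the Authorization and WWW-Authenticate headers can be decoded directly. The following is an added example, not part of the original post; the helper names, the user name and the workstation name are constructed for illustration.

```python
import base64
import struct

SIGNATURE = b"NTLMSSP\x00"
TYPES = {1: "NTLMSSP_NEGOTIATE", 2: "NTLMSSP_CHALLENGE", 3: "NTLMSSP_AUTH"}
NEGOTIATE_UNICODE = 0x00000001  # strings are UTF-16LE when this flag is set


def _field(msg, pos):
    """Return the payload bytes behind a (Len, MaxLen, Offset) descriptor."""
    length, _max_len, offset = struct.unpack_from("<HHI", msg, pos)
    if offset + length > len(msg):
        raise ValueError("field descriptor points outside the message")
    return msg[offset:offset + length]


def describe(header_value):
    """Summarise an Authorization / WWW-Authenticate header value."""
    scheme, _, token = header_value.strip().partition(" ")
    if scheme.upper() != "NTLM" or not token.strip():
        return {"type": None}  # bare "NTLM" offer (first 401) or another scheme
    msg = base64.b64decode(token.strip(), validate=True)
    if len(msg) < 12 or not msg.startswith(SIGNATURE):
        raise ValueError("not an NTLMSSP message")
    (msg_type,) = struct.unpack_from("<I", msg, 8)
    info = {"type": TYPES.get(msg_type, "unknown(%d)" % msg_type)}
    if msg_type == 3:
        if len(msg) < 64:
            raise ValueError("truncated Type 3 message")
        (flags,) = struct.unpack_from("<I", msg, 60)
        # Assumption: non-Unicode (OEM) strings are decoded as Latin-1 here.
        enc = "utf-16-le" if flags & NEGOTIATE_UNICODE else "latin-1"
        for name, pos in (("domain", 28), ("user", 36), ("workstation", 44)):
            info[name] = _field(msg, pos).decode(enc, "replace")
    return info


def build_sample_header(domain, user, workstation):
    """Constructed Type 3 header with empty LM/NT responses (sample input only)."""
    parts = [b"", b""] + [s.encode("utf-16-le") for s in (domain, user, workstation)] + [b""]
    descriptors, payload, offset = b"", b"", 64
    for part in parts:
        descriptors += struct.pack("<HHI", len(part), len(part), offset)
        payload += part
        offset += len(part)
    msg = SIGNATURE + struct.pack("<I", 3) + descriptors + struct.pack("<I", NEGOTIATE_UNICODE) + payload
    return "NTLM " + base64.b64encode(msg).decode("ascii")


if __name__ == "__main__":
    # "BUSINESS" is the domain in the capture; user and host are constructed.
    print(describe(build_sample_header("BUSINESS", "testuser", "BUILDHOST")))
```

Feeding it the header values copied from frames 34, 36 and 38 of a capture shows the message type of each leg and, for the final leg, the exact account name sent to the server.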