Issue metadata
Sign in to add a comment
|
NTLM Authentication failing on Android WebView Version 49
Reported by
ssivakum...@gmail.com,
Feb 29 2016
|
||||||||||||||||||||||
Issue descriptionExample URL: time.tecolote.com Steps to reproduce the problem: 1. Create an Android Application that uses the Android WebView 2. Access a site that requires NTLM authentication (time.tecolote.com) Code to replicate the issue - WebView webView = (WebView) findViewById(R.id.webview); webView.setWebViewClient(new WebViewClient(){ @Override public void onReceivedHttpAuthRequest(WebView view, HttpAuthHandler handler, String host, String realm) { Log.i("NTLM", "NTLM auth requested!"); super.onReceivedHttpAuthRequest(view, handler, host, realm); } }); webView.loadUrl("http://time.tecolote.com/"); What is the expected behavior? The onReceivedHttpAuthRequest() callback in WebViewClient should be invoked What went wrong? The onReceivedHttpAuthRequest() callback in WebViewClient is NOT invoked and the WebView is unable to authenticate to NTLM sites. Did this work before? Yes Version 48 Chrome version: 49.0.2623.63 Channel: beta OS Version: 5.0 Flash Version: Possible related to https://bugs.chromium.org/p/chromium/issues/detail?id=581721
,
Feb 29 2016
,
Feb 29 2016
Tentatively marking as RB-Beta given impact and marking for M49 given the issue description. Selim, ping me if you don't think this should gate.
,
Feb 29 2016
I think release block beta is proper. I will look at this today. Dgn you were looking at and modifying auth stuff for kerberos. any opinions here?
,
Feb 29 2016
,
Mar 1 2016
asanka@, any advise to trobleshoot this? I did a bisect and it is approximately the range kerberos stuff landed. https://chromium.googlesource.com/chromium/src/+log/49.0.2579.0..49.0.2589.0?pretty=fuller&n=10000
,
Mar 1 2016
+aberent
,
Mar 1 2016
Strange, AFAIK only basic and digest auth were supported on WebView before. I changed the way the HttpAuthHandler is created in https://codereview.chromium.org/1492943002, and explicitly set basic, digest and negotiate as supported schemes (in aw_url_request_context_getter.cc). That might be the cause.
,
Mar 1 2016
yeah I saw that, I think negotiate also contains NTLM, but definitely no expert on that. I actually changed it and forced to be NTLM and nothing changed.
,
Mar 1 2016
There's a distinct NTLM scheme separate from Negotiate On Tue, Mar 1, 2016 at 5:42 PM sgurun@chromium.org via Monorail < monorail@chromium.org> wrote:
,
Mar 1 2016
the actual range is: https://chromium.googlesource.com/chromium/src/+log/49.0.2579.0..49.0.2589.0?pretty=fuller&n=10000 Either your change or aberent's change has the likelihood of being the cause.
,
Mar 1 2016
thanks Chris. sorry, I pasted the wrong link https://chromium.googlesource.com/chromium/src/+log/49.0.2584.0..49.0.2585.0?pretty=fuller&n=10000 actually I think aberent's change is out. Your's is the only culprit :)
,
Mar 1 2016
yes reverting dgn's https://codereview.chromium.org/1492943002 made it work. There were a zillion number of conflicts in just 4 files though. Oh boy.
,
Mar 2 2016
I think just adding "ntlm" to line 281 (std::vector<std::string> supported_schemes = {"basic", "digest", "negotiate"}) should work, but I don't know how long it will take me to test this. I'm now in MTV and need to fix my setup to try it away from my workstation
,
Mar 2 2016
already figured it out. compiling for testing now :)
,
Mar 2 2016
ok my previous try was wrong because I mistyped ntlm as NTLM :( now I added it properly, it started working. It turned out that the default auth negotiate hadnler was creating ntlm which I did not know https://code.google.com/p/chromium/codesearch#chromium/src/net/http/http_auth_handler_factory.cc&sq=package:chromium&l=53&rcl=1456835474
,
Mar 2 2016
,
Mar 2 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/687ddf92e191ac5de2c356c7faaf471d5a2ae787 commit 687ddf92e191ac5de2c356c7faaf471d5a2ae787 Author: Selim Gurun <sgurun@google.com> Date: Wed Mar 02 00:31:32 2016 Add ntlm to the list of auth protocols BUG= 590689 The trunk CL is landing at https://codereview.chromium.org/1754013002/ Review URL: https://codereview.chromium.org/1753713003 . Cr-Commit-Position: refs/branch-heads/2623@{#558} Cr-Branched-From: 92d77538a86529ca35f9220bd3cd512cbea1f086-refs/heads/master@{#369907} [modify] https://crrev.com/687ddf92e191ac5de2c356c7faaf471d5a2ae787/android_webview/browser/net/aw_url_request_context_getter.cc
,
Mar 2 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/6b20b223acdd7b11a164833e7772f4f75618321c commit 6b20b223acdd7b11a164833e7772f4f75618321c Author: sgurun <sgurun@chromium.org> Date: Wed Mar 02 01:03:29 2016 Add ntlm to the list of auth protocols BUG= 590689 Review URL: https://codereview.chromium.org/1754013002 Cr-Commit-Position: refs/heads/master@{#378638} [modify] https://crrev.com/6b20b223acdd7b11a164833e7772f4f75618321c/android_webview/browser/net/aw_url_request_context_getter.cc
,
Mar 2 2016
The following revision refers to this bug: https://chrome-internal.googlesource.com/bling/chromium.git/+/687ddf92e191ac5de2c356c7faaf471d5a2ae787 commit 687ddf92e191ac5de2c356c7faaf471d5a2ae787 Author: Selim Gurun <sgurun@google.com> Date: Wed Mar 02 00:31:32 2016
,
Mar 2 2016
,
Mar 2 2016
Your change meets the bar and is auto-approved for M50 (branch: 2661)
,
Mar 2 2016
Thanks Selim! Will this fix be part of WebView 49?
,
Mar 2 2016
yes
,
Mar 2 2016
The following revision refers to this bug: https://chrome-internal.googlesource.com/bling/chromium.git/+/6b20b223acdd7b11a164833e7772f4f75618321c commit 6b20b223acdd7b11a164833e7772f4f75618321c Author: sgurun <sgurun@chromium.org> Date: Wed Mar 02 01:03:29 2016
,
Mar 2 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/b1d8a8d216eaed8dab7c400bd8ff49152c808d13 commit b1d8a8d216eaed8dab7c400bd8ff49152c808d13 Author: Selim Gurun <sgurun@google.com> Date: Wed Mar 02 15:25:24 2016 Add ntlm to the list of auth protocols BUG= 590689 Review URL: https://codereview.chromium.org/1754013002 Cr-Commit-Position: refs/heads/master@{#378638} (cherry picked from commit 6b20b223acdd7b11a164833e7772f4f75618321c) Review URL: https://codereview.chromium.org/1756173002 . Cr-Commit-Position: refs/branch-heads/2661@{#44} Cr-Branched-From: ef6f6ae5e4c96622286b563658d5cd62a6cf1197-refs/heads/master@{#378081} [modify] https://crrev.com/b1d8a8d216eaed8dab7c400bd8ff49152c808d13/android_webview/browser/net/aw_url_request_context_getter.cc
,
Mar 2 2016
,
Mar 14 2016
From comment #6 - I did a bisect and it is approximately the range kerberos stuff landed. Does this mean that WebView now supports Kerberos authentication from version 49?
,
Mar 14 2016
Yes it does. You have to set some policies to enable it: https://www.chromium.org/administrators/policy-list-3#AuthAndroidNegotiateAccountType |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by cbentzel@chromium.org
, Feb 29 2016Labels: -Type-Bug -Pri-2 -Via-Wizard M-50 Type-Bug-Regression Pri-1