org.apache.commons.httpclient.auth.InvalidCredentialsException

There are no available Samebug tips for this exception. Do you have an idea how to solve this issue? A short tip would help users who saw this issue last week.

  • We have a similar issue as described in JENKINS-3350 _Connect to update center via HTTP proxy that requires NTLM authentication_ But our proxy does not require NTLM authentication, it just likes it best. I found this out via reading the log entries generated by the apache httpclient during an attempt to download a plugin. There you can read {code} Dec 15, 2015 12:43:02 PM FINE org.apache.commons.httpclient.auth.AuthChallengeProcessor selectAuthScheme Supported authentication schemes in the order of preference: [ntlm, digest, basic] Dec 15, 2015 12:43:02 PM INFO org.apache.commons.httpclient.auth.AuthChallengeProcessor selectAuthScheme ntlm authentication scheme selected Dec 15, 2015 12:43:02 PM FINE org.apache.commons.httpclient.auth.AuthChallengeProcessor processChallenge Using authentication scheme: ntlm Dec 15, 2015 12:43:02 PM FINE org.apache.commons.httpclient.auth.AuthChallengeProcessor processChallenge Authorization challenge processed ... Dec 15, 2015 12:43:02 PM SEVERE org.apache.commons.httpclient.HttpMethodDirector authenticate Credentials cannot be used for NTLM authentication: org.apache.commons.httpclient.UsernamePasswordCredentials org.apache.commons.httpclient.auth.InvalidCredentialsException: Credentials cannot be used for NTLM authentication: org.apache.commons.httpclient.UsernamePasswordCredentials at org.apache.commons.httpclient.auth.NTLMScheme.authenticate(NTLMScheme.java:332) at org.apache.commons.httpclient.HttpMethodDirector.authenticateProxy(HttpMethodDirector.java:320) {code} To highlight it * Supported authentication schemes in the order of preference: ntlm, digest, basic * ntlm authentication scheme selected - automatically by apache http client So in our case we could get around all this hassle if there was an option on the proxy page to define the authentication scheme the http client shall use. If I find the time I will have a look if I can propose a pull request. I have attached a small draft how it could look like !jenkins-auth-scheme.png|thumbnail! Why the priority major? For me it is rather cumbersome to manually download all plugins in order to upload them into jenkins via the internal plugin upload page. Moreover the nice feature of the self-updating jenkins is broken for us.
    via by Christian Effertz,
  • We have a similar issue as described in JENKINS-3350 _Connect to update center via HTTP proxy that requires NTLM authentication_ But our proxy does not require NTLM authentication, it just likes it best. I found this out via reading the log entries generated by the apache httpclient during an attempt to download a plugin. There you can read {code} Dec 15, 2015 12:43:02 PM FINE org.apache.commons.httpclient.auth.AuthChallengeProcessor selectAuthScheme Supported authentication schemes in the order of preference: [ntlm, digest, basic] Dec 15, 2015 12:43:02 PM INFO org.apache.commons.httpclient.auth.AuthChallengeProcessor selectAuthScheme ntlm authentication scheme selected Dec 15, 2015 12:43:02 PM FINE org.apache.commons.httpclient.auth.AuthChallengeProcessor processChallenge Using authentication scheme: ntlm Dec 15, 2015 12:43:02 PM FINE org.apache.commons.httpclient.auth.AuthChallengeProcessor processChallenge Authorization challenge processed ... Dec 15, 2015 12:43:02 PM SEVERE org.apache.commons.httpclient.HttpMethodDirector authenticate Credentials cannot be used for NTLM authentication: org.apache.commons.httpclient.UsernamePasswordCredentials org.apache.commons.httpclient.auth.InvalidCredentialsException: Credentials cannot be used for NTLM authentication: org.apache.commons.httpclient.UsernamePasswordCredentials at org.apache.commons.httpclient.auth.NTLMScheme.authenticate(NTLMScheme.java:332) at org.apache.commons.httpclient.HttpMethodDirector.authenticateProxy(HttpMethodDirector.java:320) {code} To highlight it * Supported authentication schemes in the order of preference: ntlm, digest, basic * ntlm authentication scheme selected - automatically by apache http client So in our case we could get around all this hassle if there was an option on the proxy page to define the authentication scheme the http client shall use. If I find the time I will have a look if I can propose a pull request. I have attached a small draft how it could look like !jenkins-auth-scheme.png|thumbnail! Why the priority major? For me it is rather cumbersome to manually download all plugins in order to upload them into jenkins via the internal plugin upload page. Moreover the nice feature of the self-updating jenkins is broken for us.
    via by Christian Effertz,
  • Slack notification plugin error proxy
    via GitHub by jbravo
    ,
  • The issue appears to be HTTP Client using username/password credentials instead of NTLM. Jan 15, 2014 12:56:08 PM INFO org.apache.commons.httpclient.auth.AuthChallengeProcessor selectAuthScheme ntlm authentication scheme selected Jan 15, 2014 12:56:08 PM SEVERE org.apache.commons.httpclient.HttpMethodDirector authenticate Credentials cannot be used for NTLM authentication: org.apache.commons.httpclient.UsernamePasswordCredentials org.apache.commons.httpclient.auth.InvalidCredentialsException: Credentials cannot be used for NTLM authentication: org.apache.commons.httpclient.UsernamePasswordCredentials at org.apache.commons.httpclient.auth.NTLMScheme.authenticate(NTLMScheme.java:332) at org.apache.commons.httpclient.HttpMethodDirector.authenticateHost(HttpMethodDirector.java:282) at org.apache.commons.httpclient.HttpMethodDirector.authenticate(HttpMethodDirector.java:234) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.checkCredentials(CliGitAPIImpl.java:1597) at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:957) at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:922) at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.getHeadRev(CliGitAPIImpl.java:1438) at hudson.plugins.git.UserRemoteConfig$DescriptorImpl.doCheckUrl(UserRemoteConfig.java:154) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96) at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:120) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858) at org.kohsuke.stapler.MetaClass$6.doDispatch(MetaClass.java:248) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858) at org.kohsuke.stapler.MetaClass$6.doDispatch(MetaClass.java:248) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:631) at org.kohsuke.stapler.Stapler.service(Stapler.java:225) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:96) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:88) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:174) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:64) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:370) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918) at java.lang.Thread.run(Thread.java:695) Jan 15, 2014 12:56:08 PM INFO org.apache.commons.httpclient.HttpMethodDirector processWWWAuthChallenge Failure authenticating with NTLM <any realm>@domain.com
    via by Tim McGee,
  • Frequent exception from TaskManager plugin
    via by Unknown author,
  • Jira Connection Fails
    via by Unknown author,
    • org.apache.commons.httpclient.auth.InvalidCredentialsException: Credentials cannot be used for NTLM authentication: org.apache.commons.httpclient.UsernamePasswordCredentials at org.apache.commons.httpclient.auth.NTLMScheme.authenticate(NTLMScheme.java:332) at org.apache.commons.httpclient.HttpMethodDirector.authenticateProxy(HttpMethodDirector.java:320)

    Users with the same issue

    Unknown visitor
    Unknown visitor1 times, last one,