HTTP negotiation fails from Windows to Linux


The answer is very easy in this case. Curl on Windows is compiled with SSPI. When SSPI is requested to perform SPNEGO, it tries Kerberos, which fails here, likely with "Server not found in database" (use Wireshark), and then falls back to NTLM. It sends a raw NTLM token to your JGSS-backed server, which rejects the token because:

  1. This is not a SPNEGO-wrapped token, but a raw NTLM token
  2. Java does not support NTLM

Here is sample code showing how to intercept this and respond with a meaningful message. Raise an issue with Hadoop.

Moreover, your Curl version 7.19.7 on Linux is extremely old and insecure; you should upgrade immediately. In addition, the SPNEGO Authenticator on Jetty is broken because it does not respond with a context-completion token. To sum up, the entire authentication should not be trusted because it is faulty. See RFC 7546.
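To confirm which kind of token a client actually sent, the `Authorization: Negotiate` value from `curl -v` or a capture can be classified by its leading bytes. The following is an added example, not code from the answer or from Hadoop/Jetty; the function names and the sample tokens are constructed for illustration.

```python
import base64

NTLMSSP_SIGNATURE = b"NTLMSSP\x00"                  # first bytes of every NTLM message
SPNEGO_OID = bytes.fromhex("06062b0601050502")      # DER OID 1.3.6.1.5.5.2
KRB5_OID = bytes.fromhex("06092a864886f712010202")  # DER OID 1.2.840.113554.1.2.2

def _skip_der_length(buf, pos):
    """Return the index of the first content byte after the DER length at buf[pos]."""
    first = buf[pos]
    if first < 0x80:                     # short form: one length byte
        return pos + 1
    n = first & 0x7F                     # long form: n further length bytes
    if n == 0 or n > 4 or pos + 1 + n > len(buf):
        raise ValueError("bad DER length")
    return pos + 1 + n

def classify_negotiate_header(header_value):
    """Classify the token carried in an 'Authorization: Negotiate <base64>' value."""
    scheme, _, b64 = header_value.strip().partition(" ")
    if scheme.lower() != "negotiate" or not b64.strip():
        return "not-negotiate"
    try:
        token = base64.b64decode(b64.strip(), validate=True)
    except ValueError:                   # binascii.Error is a ValueError subclass
        return "malformed"
    if token.startswith(NTLMSSP_SIGNATURE):
        return "raw-ntlm"                # the case a JGSS-backed server rejects
    if token[:1] == b"\x60":             # GSS-API InitialContextToken, [APPLICATION 0]
        try:
            body = _skip_der_length(token, 1)
        except (ValueError, IndexError):
            return "malformed"
        if token.startswith(SPNEGO_OID, body):
            return "spnego"
        if token.startswith(KRB5_OID, body):
            return "raw-kerberos"
        return "unknown-gss-mech"
    return "unknown"

def sample_header(token):
    return "Negotiate " + base64.b64encode(token).decode("ascii")

# Constructed samples: an NTLM NEGOTIATE stub and an empty SPNEGO negTokenInit.
RAW_NTLM = NTLMSSP_SIGNATURE + b"\x01\x00\x00\x00" + bytes(24)
_spnego_body = SPNEGO_OID + b"\xa0\x02\x30\x00"
SPNEGO_INIT = b"\x60" + bytes([len(_spnego_body)]) + _spnego_body

if __name__ == "__main__":
    for name, tok in (("ntlm", RAW_NTLM), ("spnego", SPNEGO_INIT)):
        print(name, "->", classify_negotiate_header(sample_header(tok)))
```

A header value beginning with `TlRMTVNTUAAB` is the base64 form of the `NTLMSSP` signature, so a raw NTLM fallback can be recognised by eye in `curl -v` output or server logs.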