We've got an Apache Camel (2.13.2) app that uses http4 to communicate with a webserver, using NTLM for auth.
The endpoint is defined as (pseudo):
...
.to("http4://thegreat.server.com/uri?authUsername=" + user + "&authPassword=" + pass 
   + "&authenticationPreemptive=true&authMethod=NTLM&authDomain=DOMAIN&authHost=host")
.to("otherEndpoint");
This works well as long as the pass variable contains "non-special" chars.
However, if the pass contains for example "abcd&def" - Camel will intepret the ampersand as a query parameter separator, as it should.
But url encoding the ampersand (i.e "abcd%26def") makes no difference at all?
We still end up with Camel invoking the endpoint "http://thegreat.server.com/uri?authMethod=NTLM&def=", with a truncated password.
Is there something obvious we're missing out on, or does this kind of look like a bug?
Thanks.
See the Camel documentation how to configure endpoint uris
There is a section that covers about passwords, eg you should use the RAW() syntax.
So it would be something a like
.to("http4://thegreat.server.com/uri?authUsername=" + user + "&authPassword=RAW(" + pass 
   + ")&authenticationPreemptive=true&authMethod=NTLM&authDomain=DOMAIN&authHost=host")
.to("otherEndpoint");
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With