ashenchowthee / zaproxy

Automatically exported from code.google.com/p/zaproxy

NTLM authentication failed. #1342

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Hi team,
Thank you for supporting us.
I have described the issue below;

<Overview>
I couldn't start a security scan on an NTLM authentication based web site on Windows
Server

<What steps will reproduce the problem?>
1. Configure Authentication property as  follows
     Authentication Method : HTTP/NTLM Authentication
     Add webserver URL (xxx.yyy.zzz) to "Hostname", specify "443" to Port 
     No other field specified
2. Configure Users property as follows;
     UserName : demo1
     Enabled : Yes
     Username : Domain\demo1
     Password : password
3. Configure Forced User as follows;
     Specify : demo1
4. Configure Session management as follows;
     Session Management Method : Http Authentication Session Management
5. Start Dynamic Scan
6. Code 401, Reason Unauthorized will appear

<What is the expected output? What do you see instead?>
Expected Result : code 200, reason  OK
Actual Result   : code 401, reason Unauthorized

<What version of the product are you using? On what operating system?>
OWASP ZAP Version 2.3.1, OS Windows Server 2003,2008 and 2012, IIS 6.0, 7.0 and 
7.5, Language : ja-jp

<Please provide any additional information below.>
Could you please let us know how to configure correctly for an NTLM authentication
based web site?

Original issue reported on code.google.com by iehiro.s...@gmail.com on 19 Sep 2014 at 7:30

GoogleCodeExporter commented 9 years ago
Was "Forced User Mode" [1] enabled before step 5?
Is the authentication working with other components? (e.g. spider, manual 
requests, proxied requests, ...)

If the authentication is working with other components, could you try again 
with the latest weekly release [1]? This might be a duplicate of Issue 1291.

[1] https://code.google.com/p/zaproxy/wiki/HelpUiTltoolbar#/_Force_User_Mode_On_/_Off
[2] https://code.google.com/p/zaproxy/wiki/Downloads#ZAP_Weekly

Original comment by THC...@gmail.com on 19 Sep 2014 at 8:00

GoogleCodeExporter commented 9 years ago
>weekly release [1]
should be:
weekly release [2]

Original comment by THC...@gmail.com on 19 Sep 2014 at 8:02

GoogleCodeExporter commented 9 years ago
Thank you for your comments.
I will check your advice as soon as possible.

Original comment by iehiro.s...@gmail.com on 19 Sep 2014 at 8:06

GoogleCodeExporter commented 9 years ago
Hi team,

Force User Mode is ON. But with "Force User Mode" off, the result is the same.

Spider scan feedback below;
Processed  : Green
Method : Get
Flags : SEED

I think my configuration is not correct.
Do you have any advice for me?

Original comment by iehiro.s...@gmail.com on 19 Sep 2014 at 8:15

GoogleCodeExporter commented 9 years ago
So, you're getting 401 responses with the spider too?

Could you try without the domain ("Domain\") in the user name?

Original comment by THC...@gmail.com on 19 Sep 2014 at 8:33

GoogleCodeExporter commented 9 years ago
Note that you should use the weekly release in any case otherwise you might get 
the 401 responses even with the authentication correctly configured.

Original comment by THC...@gmail.com on 19 Sep 2014 at 8:48

GoogleCodeExporter commented 9 years ago
Thank you for your support.

I tried without the domain. But I got the same result.
Spider screen does not show any code.
I will try the latest release.
I will let you know the result.

Original comment by iehiro.s...@gmail.com on 19 Sep 2014 at 8:55

GoogleCodeExporter commented 9 years ago
Hi team,

I tried this on the latest release of 9-15.
I'm sorry but I got the same result.
Do you have any further items I should try?

Best regards,

Original comment by iehiro.s...@gmail.com on 19 Sep 2014 at 10:12

GoogleCodeExporter commented 9 years ago
The only way to check what's wrong, now, is by looking at the wire log as 
it contains all the data exchanged during the authentication (if it's really 
trying to authenticate).

To enable the wire log you need to do the following modifications to 
log4j.properties file (located in ZAP's default directory or the directory 
manually specified [1]):
The following line has to be added:
log4j.logger.httpclient.wire.header=DEBUG

and the following line changed:
log4j.logger.org.apache.commons.httpclient=ERROR

replace ERROR with DEBUG.

The log will contain the content of the HTTP request/response headers and other 
useful debug messages which should help identify the issue.
Note that you might need to remove/obfuscate any sensitive information.

After enabling the wire log you need to spider/active scan again (which should 
reproduce the authentication failures) and provide the file zap.log (attached 
here or by other means).
The file zap.log is located in the same directory as the log4j.properties file.

[1] https://code.google.com/p/zaproxy/wiki/FAQconfig

Original comment by THC...@gmail.com on 19 Sep 2014 at 11:05

GoogleCodeExporter commented 9 years ago
Thank you for supporting us.
Here is the zap.log after changing log4j.properties;

---------------------------------------------
2014-09-23 01:49:12,783 INFO  PluginFactory - loaded plugin Path Traversal
2014-09-23 01:49:12,783 INFO  PluginFactory - loaded plugin Remote File 
Inclusion
2014-09-23 01:49:12,783 INFO  PluginFactory - loaded plugin Server side include
2014-09-23 01:49:12,784 INFO  PluginFactory - loaded plugin Cross Site 
Scripting (Reflected)
2014-09-23 01:49:12,784 INFO  PluginFactory - loaded plugin Cross Site 
Scripting (Persistent)
2014-09-23 01:49:12,784 INFO  PluginFactory - loaded plugin SQL Injection
2014-09-23 01:49:12,784 INFO  PluginFactory - loaded plugin Server Side Code 
Injection Plugin
2014-09-23 01:49:12,785 INFO  PluginFactory - loaded plugin Remote OS Command 
Injection Plugin
2014-09-23 01:49:12,785 INFO  PluginFactory - loaded plugin Directory browsing
2014-09-23 01:49:12,785 INFO  PluginFactory - loaded plugin Secure page browser 
cache
2014-09-23 01:49:12,785 INFO  PluginFactory - loaded plugin External redirect
2014-09-23 01:49:12,786 INFO  PluginFactory - loaded plugin CRLF injection
2014-09-23 01:49:12,786 INFO  PluginFactory - loaded plugin Parameter tampering
2014-09-23 01:49:12,786 INFO  PluginFactory - loaded plugin Cross Site 
Scripting (Persistent) - Prime
2014-09-23 01:49:12,786 INFO  PluginFactory - loaded plugin Cross Site 
Scripting (Persistent) - Spider
2014-09-23 01:49:12,787 INFO  PluginFactory - loaded plugin Script active scan 
rules
2014-09-23 01:49:12,787 INFO  Scanner - scanner started
2014-09-23 01:49:12,841 INFO  HostProcess - start host http://xxx.yyy.zzz | 
TestPathTraversal strength MEDIUM threshold MEDIUM
2014-09-23 01:49:12,851 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | TestPathTraversal in 0.009s
2014-09-23 01:49:12,852 INFO  HostProcess - start host http://xxx.yyy.zzz | 
TestRemoteFileInclude strength MEDIUM threshold MEDIUM
2014-09-23 01:49:12,855 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | TestRemoteFileInclude in 0.003s
2014-09-23 01:49:12,855 INFO  HostProcess - start host http://xxx.yyy.zzz | 
TestServerSideInclude strength MEDIUM threshold MEDIUM
2014-09-23 01:49:12,858 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | TestServerSideInclude in 0.003s
2014-09-23 01:49:12,859 INFO  HostProcess - start host http://xxx.yyy.zzz | 
TestCrossSiteScriptV2 strength MEDIUM threshold MEDIUM
2014-09-23 01:49:12,862 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | TestCrossSiteScriptV2 in 0.003s
2014-09-23 01:49:12,862 INFO  HostProcess - start host http://xxx.yyy.zzz | 
TestSQLInjection strength MEDIUM threshold MEDIUM
2014-09-23 01:49:12,865 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | TestSQLInjection in 0.003s
2014-09-23 01:49:12,865 INFO  HostProcess - start host http://xxx.yyy.zzz | 
CodeInjectionPlugin strength MEDIUM threshold MEDIUM
2014-09-23 01:49:12,869 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | CodeInjectionPlugin in 0.003s
2014-09-23 01:49:12,869 INFO  HostProcess - start host http://xxx.yyy.zzz | 
CommandInjectionPlugin strength MEDIUM threshold MEDIUM
2014-09-23 01:49:12,872 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | CommandInjectionPlugin in 0.003s
2014-09-23 01:49:12,873 INFO  HostProcess - start host http://xxx.yyy.zzz | 
TestDirectoryBrowsing strength MEDIUM threshold MEDIUM
2014-09-23 01:49:12,944 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | TestDirectoryBrowsing in 0.071s
2014-09-23 01:49:12,952 INFO  HostProcess - start host http://xxx.yyy.zzz | 
TestClientBrowserCache strength MEDIUM threshold MEDIUM
2014-09-23 01:49:12,956 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | TestClientBrowserCache in 0.004s
2014-09-23 01:49:12,956 INFO  HostProcess - start host http://xxx.yyy.zzz | 
TestExternalRedirect strength MEDIUM threshold MEDIUM
2014-09-23 01:49:12,959 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | TestExternalRedirect in 0.003s
2014-09-23 01:49:12,960 INFO  HostProcess - start host http://xxx.yyy.zzz | 
TestInjectionCRLF strength MEDIUM threshold MEDIUM
2014-09-23 01:49:12,963 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | TestInjectionCRLF in 0.003s
2014-09-23 01:49:12,963 INFO  HostProcess - start host http://xxx.yyy.zzz | 
TestParameterTamper strength MEDIUM threshold MEDIUM
2014-09-23 01:49:12,966 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | TestParameterTamper in 0.003s
2014-09-23 01:49:12,966 INFO  HostProcess - start host http://xxx.yyy.zzz | 
TestPersistentXSSPrime strength MEDIUM threshold MEDIUM
2014-09-23 01:49:12,969 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | TestPersistentXSSPrime in 0.002s
2014-09-23 01:49:12,970 INFO  HostProcess - start host http://xxx.yyy.zzz | 
TestPersistentXSSSpider strength MEDIUM threshold MEDIUM
2014-09-23 01:49:13,006 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | TestPersistentXSSSpider in 0.036s
2014-09-23 01:49:13,012 INFO  HostProcess - start host http://xxx.yyy.zzz | 
TestPersistentXSSAttack strength MEDIUM threshold MEDIUM
2014-09-23 01:49:13,025 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | TestPersistentXSSAttack in 0.013s
2014-09-23 01:49:13,025 INFO  HostProcess - start host http://xxx.yyy.zzz | 
ScriptsActiveScanner strength MEDIUM threshold MEDIUM
2014-09-23 01:49:13,028 INFO  HostProcess - completed host/plugin 
http://xxx.yyy.zzz | ScriptsActiveScanner in 0.002s
2014-09-23 01:49:13,030 INFO  HostProcess - completed host http://xxx.yyy.zzz 
in 0.242s
2014-09-23 01:49:13,035 INFO  Scanner - scanner completed in 0.248s
-------------------------

I also checked the IIS log files;
It seems ZAP doesn't use any user information;
Here is the IIS log
---------------------------------------------
2014-09-22 16:45:56 W3SVC1 192.168.100.3 GET /2180597202745312346 - 80 - 
126.15.49.235 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;) 401 2 
2148074254
2014-09-22 16:45:56 W3SVC1 192.168.100.3 GET / - 80 - 126.15.49.235 
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;) 401 2 2148074254
2014-09-22 16:45:56 W3SVC1 192.168.100.3 GET /pagerror.gif/ - 80 - 
126.15.49.235 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;) 401 2 
2148074254
2014-09-22 16:45:56 W3SVC1 192.168.100.3 GET / - 80 - 126.15.49.235 
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;) 401 2 2148074254
2014-09-22 16:45:56 W3SVC1 192.168.100.3 GET /pagerror.gif - 80 - 126.15.49.235 
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;) 401 2 2148074254

Do you have any further information?

Best regards,

Original comment by iehiro.s...@gmail.com on 22 Sep 2014 at 5:08

GoogleCodeExporter commented 9 years ago
I forgot to ask this before, did you set the target application in "Include in 
context"? Otherwise ZAP will not even try to authenticate.

Regarding the log, are you sure that you changed the correct log4j.properties 
file? I'm asking because the log does not contain the request/response headers 
nor other expected info.

It should contain something like:
2014-09-25 10:11:12,130 DEBUG DefaultHttpParams - Set parameter 
http.protocol.cookie-policy = ignoreCookies
2014-09-25 10:11:12,130 DEBUG HttpSender - sendAndReceive GET 
http://xxx.yyy.zzz/ start
2014-09-25 10:11:12,130 INFO  User - Authenticating user: demo1
2014-09-25 10:11:12,130 DEBUG HttpSender - Sending message to: 
http://xxx.yyy.zzz/
2014-09-25 10:11:12,130 DEBUG DefaultHttpParams - Set parameter 
http.protocol.version = HTTP/1.0
2014-09-25 10:11:12,130 DEBUG DefaultHttpParams - Set parameter 
http.protocol.version = HTTP/1.1
2014-09-25 10:11:12,130 DEBUG DefaultHttpParams - Set parameter 
http.protocol.cookie-policy = compatibility
2014-09-25 10:11:12,130 DEBUG MultiThreadedHttpConnectionManager - 
HttpConnectionManager.getConnection:  config = 
HostConfiguration[host=http://xxx.yyy.zzz, proxyHost=http://localhost:42381], 
timeout = 0
2014-09-25 10:11:12,130 DEBUG MultiThreadedHttpConnectionManager - Allocating 
new connection, hostConfig=HostConfiguration[host=http://xxx.yyy.zzz, 
proxyHost=http://localhost:42381]
2014-09-25 10:11:12,130 DEBUG HttpConnection - Open connection to 
localhost:42381
2014-09-25 10:11:12,130 DEBUG header - >> "GET http://xxx.yyy.zzz/ 
HTTP/1.1[\r][\n]"
2014-09-25 10:11:12,130 DEBUG HttpMethodBase - Adding Host request header
2014-09-25 10:11:12,130 DEBUG header - >> "User-Agent: Mozilla/5.0 (X11; 
Ubuntu; Linux x86_64; rv:32.0) Gecko/20100101 Firefox/32.0[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Accept: 
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Accept-Language: 
en-GB,en;q=0.5[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Connection: keep-alive[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Host: xxx.yyy.zzz[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Proxy-Connection: Keep-Alive[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "HTTP/1.1 401 Unauthorized[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "HTTP/1.1 401 Unauthorized[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "Connection: keep-alive[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "WWW-Authenticate: NTLM[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "Date: Thu, 25 Sep 2014 09:52:52 
GMT[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "Server: TEST/1.1[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "Content-Length: 0[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "[\r][\n]"
2014-09-25 10:11:12,130 DEBUG HttpMethodDirector - Authorization required
2014-09-25 10:11:12,130 DEBUG AuthChallengeProcessor - Supported authentication 
schemes in the order of preference: [ntlm, digest, basic, ntlm]
2014-09-25 10:11:12,130 INFO  AuthChallengeProcessor - ntlm authentication 
scheme selected
2014-09-25 10:11:12,130 DEBUG AuthChallengeProcessor - Using authentication 
scheme: ntlm
2014-09-25 10:11:12,130 DEBUG AuthChallengeProcessor - Authorization challenge 
processed
2014-09-25 10:11:12,130 DEBUG HttpMethodDirector - Authentication scope: NTLM 
<any realm>@xxx.yyy.zzz:80
2014-09-25 10:11:12,130 DEBUG HttpMethodDirector - Retry authentication
2014-09-25 10:11:12,130 DEBUG HttpMethodBase - Should NOT close connection in 
response to directive: keep-alive
2014-09-25 10:11:12,130 DEBUG HttpMethodDirector - Authenticating with NTLM 
<any realm>@xxx.yyy.zzz:80
2014-09-25 10:11:12,130 DEBUG header - >> "GET http://xxx.yyy.zzz/ 
HTTP/1.1[\r][\n]"
2014-09-25 10:11:12,130 DEBUG HttpMethodBase - Adding Host request header
2014-09-25 10:11:12,130 DEBUG header - >> "User-Agent: Mozilla/5.0 (X11; 
Ubuntu; Linux x86_64; rv:32.0) Gecko/20100101 Firefox/32.0[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Accept: 
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Accept-Language: 
en-GB,en;q=0.5[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Connection: keep-alive[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Proxy-Connection: Keep-Alive[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Authorization: NTLM 
TlRMTVNTUAABAAAAAYIIogAAAAAoAAAAAAAAACgAAAAFASgKAAAADw==[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Host: xxx.yyy.zzz[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "HTTP/1.1 401 Unauthorized[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "HTTP/1.1 401 Unauthorized[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "Connection: keep-alive[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAADgAAAABggiikUFKDRT7Uj8AAAAAAAAAAAAAAAA4AAAABgEAAAAAAA8=[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "Date: Thu, 25 Sep 2014 09:52:52 
GMT[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "Server: TEST/1.1[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "Content-Length: 0[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "[\r][\n]"
2014-09-25 10:11:12,130 DEBUG HttpMethodDirector - Authorization required
2014-09-25 10:11:12,130 DEBUG AuthChallengeProcessor - Using authentication 
scheme: ntlm
2014-09-25 10:11:12,130 DEBUG AuthChallengeProcessor - Authorization challenge 
processed
2014-09-25 10:11:12,130 DEBUG HttpMethodDirector - Authentication scope: NTLM 
<any realm>@xxx.yyy.zzz:80
2014-09-25 10:11:12,130 DEBUG HttpMethodDirector - Retry authentication
2014-09-25 10:11:12,130 DEBUG HttpMethodBase - Should NOT close connection in 
response to directive: keep-alive
2014-09-25 10:11:12,130 DEBUG HttpMethodDirector - Authenticating with NTLM 
<any realm>@xxx.yyy.zzz:80
2014-09-25 10:11:12,130 DEBUG header - >> "GET http://xxx.yyy.zzz/ 
HTTP/1.1[\r][\n]"
2014-09-25 10:11:12,130 DEBUG HttpMethodBase - Adding Host request header
2014-09-25 10:11:12,130 DEBUG header - >> "User-Agent: Mozilla/5.0 (X11; 
Ubuntu; Linux x86_64; rv:32.0) Gecko/20100101 Firefox/32.0[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Accept: 
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Accept-Language: 
en-GB,en;q=0.5[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Connection: keep-alive[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Proxy-Connection: Keep-Alive[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAAAYABgAYAAAAAYABgB4AAAACgAKAH4AAAAIAAgAiAAAAAAAAACQAAAAAYIIogUBKAoAAAAPmnAvYT0nhF4AAAAAAAAAAAAAAAAAAAAAKWs8XYsbKCwGCrlmSBvXo3QrVEbBAyQhWABYAFgAZABlAG0AbwAxAE0AYQByAHMA[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "Host: xxx.yyy.zzz[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - >> "[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "HTTP/1.1 200 OK[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "HTTP/1.1 200 OK[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "Connection: keep-alive[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "Date: Thu, 25 Sep 2014 09:52:52 
GMT[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "Server: TEST/1.1[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "Content-Length: 0[\r][\n]"
2014-09-25 10:11:12,130 DEBUG header - << "[\r][\n]"
2014-09-25 10:11:12,130 DEBUG DefaultHttpParams - Set parameter 
http.protocol.cookie-policy = ignoreCookies
2014-09-25 10:11:12,130 DEBUG HttpMethodBase - Buffering response body
2014-09-25 10:11:12,130 DEBUG HttpMethodBase - Should NOT close connection in 
response to directive: keep-alive
2014-09-25 10:11:12,130 DEBUG HttpConnection - Releasing connection back to 
connection manager.
2014-09-25 10:11:12,130 DEBUG MultiThreadedHttpConnectionManager - Freeing 
connection, hostConfig=HostConfiguration[host=http://xxx.yyy.zzz, 
proxyHost=http://localhost:42381]
2014-09-25 10:11:12,130 DEBUG IdleConnectionHandler - Adding connection at: 
1411638772502
2014-09-25 10:11:12,130 DEBUG MultiThreadedHttpConnectionManager - Notifying 
no-one, there are no waiting threads
2014-09-25 10:11:12,130 DEBUG HttpSender - SUCCESSFUL
2014-09-25 10:11:12,130 DEBUG HttpSender - sendAndReceive GET 
http://xxx.yyy.zzz/ took 89

Original comment by THC...@gmail.com on 25 Sep 2014 at 10:02
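
An added example (not part of the original thread and not ZAP's own code) that applies the two comments above to a zap.log with wire logging enabled: it reports how far the NTLM handshake got and replaces the NTLM tokens with a marker before the log is shared, since the type 3 message carries the user name, domain and challenge response. It assumes one log entry per line; the function names and the sample lines are constructed for illustration.

```python
import base64
import re
import struct

# Assumes one log entry per line, as in zap.log itself (the tracker wrapped the lines above).
NTLM_HEADER = re.compile(r'"(?:Authorization|WWW-Authenticate): NTLM ?([A-Za-z0-9+/=]*)')
STATUS_LINE = re.compile(r'<< "HTTP/1\.[01] (\d{3}) ')


def ntlm_message_type(token_b64):
    """Return the NTLMSSP message type (1, 2 or 3), or None if the blob is not NTLMSSP."""
    try:
        raw = base64.b64decode(token_b64, validate=True)
    except ValueError:
        return None
    if len(raw) < 12 or raw[:8] != b"NTLMSSP\x00":
        return None
    return struct.unpack_from("<I", raw, 8)[0]


def scan_wire_log(lines):
    """Return (events, redacted_lines); NTLM tokens are replaced by a type/length marker."""
    events, redacted = [], []
    for line in lines:
        status = STATUS_LINE.search(line)
        # The wire log prints each status line twice, so skip an immediate repeat.
        if status and events[-1:] != ["status " + status.group(1)]:
            events.append("status " + status.group(1))
        header = NTLM_HEADER.search(line)
        if header:
            token = header.group(1)
            if token:
                mtype = ntlm_message_type(token)
                events.append("type %s" % mtype)
                line = line.replace(token, "<NTLM type %s, %d chars redacted>" % (mtype, len(token)))
            else:
                events.append("server offers NTLM")
        redacted.append(line)
    return events, redacted


def diagnose(events):
    """Map the observed handshake stages to the checks suggested in the thread."""
    if not events:
        return "no wire headers logged: check which log4j.properties was edited"
    if "type 1" not in events:
        return "no NTLM message sent: ZAP did not try to authenticate"
    if "type 3" not in events:
        return "handshake started but never reached type 3 (AUTHENTICATE)"
    if events[events.index("type 3") + 1:][:1] == ["status 401"]:
        return "type 3 sent but rejected by the server"
    return "handshake completed"


# Constructed stand-ins: each token holds only the NTLMSSP signature and type field.
def _token(msg_type):
    return base64.b64encode(b"NTLMSSP\x00" + struct.pack("<I", msg_type) + bytes(28)).decode()


SAMPLE_LOG = ['2014-09-25 10:11:12,130 DEBUG header - ' + s + r'[\r][\n]"' for s in (
    '<< "HTTP/1.1 401 Unauthorized', '<< "WWW-Authenticate: NTLM',
    '>> "Authorization: NTLM ' + _token(1), '<< "HTTP/1.1 401 Unauthorized',
    '<< "WWW-Authenticate: NTLM ' + _token(2), '>> "Authorization: NTLM ' + _token(3),
    '<< "HTTP/1.1 200 OK')]
```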

GoogleCodeExporter commented 9 years ago
Another thing, the log shows that you are accessing port 80 but in the 
configurations you set 443, is that correct? Shouldn't the port be the same 
(i.e. 80)?

Original comment by THC...@gmail.com on 25 Sep 2014 at 10:09

GoogleCodeExporter commented 9 years ago
Did you manage to scan your web application iehiro? I'm dealing with the same 
issue. Can't scan my web site hosted in IIS even though I configure authentication and 
username correctly.

Original comment by thuansol...@gmail.com on 26 Oct 2014 at 6:33

GoogleCodeExporter commented 9 years ago
ZAP has been migrated to github

This issue will be on github issues with the same ID: 
https://github.com/zaproxy/zaproxy/issues

Original comment by psii...@gmail.com on 5 Jun 2015 at 9:17