axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ian Good (JIRA)" <j...@apache.org>
Subject [jira] Issue Comment Edited: (AXIS2C-1244) Axis2/C HTTP transport sends SOAP calls twice when using BASIC auth
Date Tue, 17 Feb 2009 16:10:59 GMT

    [ https://issues.apache.org/jira/browse/AXIS2C-1244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12674250#action_12674250
] 

iancgood edited comment on AXIS2C-1244 at 2/17/09 8:09 AM:
-----------------------------------------------------------

This is still happening in 1.5.0 and is a serious show-stopper for anyone using basic http
auth in their web services. Has anyone looked into a fix?

In: src/core/transport/http/sender/http_sender.c

To clarify, it looks like, for BASIC authentication, lines 1020 .. 1040 are executed, in particular
lines 1035 and 1038 [the send/receive]. Then, in the else {} portion after the 1042..1098
if block, the send/receive is executed again, with the same parameters.

I think changing line 1042 to else if () will make the code work as intended, as it looks
like lines 1020..1106 should be one logic block

if(force_http_auth) ...
else if(force_http_auth_with_head) ...
else ...


      was (Author: iancgood):
    This is still happening in 1.5.0 and is a serious show-stopper for anyone using basic
http auth in their web services. Has anyone looked into a fix?
  
> Axis2/C HTTP transport sends SOAP calls twice when using BASIC auth
> -------------------------------------------------------------------
>
>                 Key: AXIS2C-1244
>                 URL: https://issues.apache.org/jira/browse/AXIS2C-1244
>             Project: Axis2-C
>          Issue Type: Bug
>          Components: transport/http
>    Affects Versions: 1.4.0
>         Environment: Linux i686
>            Reporter: Chris Rose
>            Assignee: S.Uthaiyashankar
>            Priority: Blocker
>             Fix For: 1.6.0
>
>
> When I send a SOAP request using the built-in HTTP transport using HTTP-Basic authentication,
the request ends up being sent two times.  I've verified this with tcpmon, and I've stepped
into the code to see that it's happening.
> The code that's doing this is in the 1.4.0 unix release tarball, in src/core/transport/http/sender/http_sender.c
at line 973 (where force_http_auth is true due to an earlier call to axis2_options_set_http_auth_info
with auth type = Basic) and then later in the false branch of the check on line 995, which
starts on line 1054 of http_sender.c.
> The status code values from the initial calls don't seem to be checked, because they've
plainly succeeded at this point.
> This is a dead-in-the-water blocker for us, with a release to a client coming up in four
days.  I don't have the time to upgrade to 1.5.0 on all of our tested platforms (because we're
shipping this on Solaris as well, and that requires some patches to Axis2/C that we've got
done for 1.4.0 and will be sending in one of these days).  I realize it's a bit presumptuous,
but could someone suggest a patch to this that would allow me to proceed?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message