commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 11498] - Proxy authentication does not handle multiple multiple authentication schemes
Date Tue, 06 Aug 2002 14:13:54 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11498>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11498

Proxy authentication does not handle multiple multiple authentication schemes

jsdever@sympatico.ca changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |commons-
                   |                            |dev@jakarta.apache.org
         AssignedTo|commons-                    |jsdever@sympatico.ca
                   |dev@jakarta.apache.org      |
           Priority|Other                       |Medium
            Summary|Proxy authentication does   |Proxy authentication does
                   |not work correctly          |not handle multiple multiple
                   |                            |authentication schemes
   Target Milestone|---                         |2.0 milestone 1



------- Additional Comments From jsdever@sympatico.ca  2002-08-06 14:13 -------
This is definately a problem.  Not just an issue with the authenticate headers, 
but for many multivalued headerst.  There is talk of moving to regular 
expression pattern matching for parsing, but that will not be a 2.0 feature.  
However, we will correct this issue for the soonest possible timeframe, 2.0 
Milestone 1.

As for which authentication scheme to use when there are multiple 
authentication schemes:

<cite href="http://www.ietf.org/rfc/rfc2617.txt">
4.6 Weakness Created by Multiple Authentication Schemes
   An HTTP/1.1 server may return multiple challenges with a 401
   (Authenticate) response, and each challenge may use a different
   auth-scheme. A user agent MUST choose to use the strongest auth-
   scheme it understands and request credentials from the user based
   upon that challenge.
</cite>

The behaviour in the citation is *not* the current behaviour of HttpClient.

--
To unsubscribe, e-mail:   <mailto:commons-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:commons-dev-help@jakarta.apache.org>


Mime
View raw message