Mailing-List: contact commons-dev-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "Jakarta Commons Developers List" <commons-dev@jakarta.apache.org>
From: "Vincent Massol" <vmassol@octo.com>
To: "'Jakarta Commons Developers List'" <commons-dev@jakarta.apache.org>
Subject: RE: [HttpClient][Request] Ability to debranch some logic
Date: Mon, 5 Aug 2002 08:27:59 +0100
Organization: OCTO Technology
Message-ID: <006301c23c51$a5eaef10$0200a8c0@octovma>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
In-Reply-To: <3D4B67B3.4CB3DB4A@sympatico.ca>
Importance: Normal


> -----Original Message-----
> From: jsdever [mailto:jsdever] On Behalf Of Jeff Dever
> Sent: 03 August 2002 06:19
> To: Jakarta Commons Developers List
> Cc: dion@multitask.com.au
> Subject: Re: [HttpClient][Request] Ability to debranch some logic
> 
> Hey Vincent,
> 
> I spent about 6 hours refactoring that method before I guessed at your
> problem.

thanks

> The current behaviour surrounding authentication is:
> 1) create the http method
> 2) if preemptive authentication is turned on, an authenticate header
is
> added
> 3) the method is executed
> 4) If a 401 is received, the authentication header is added
> 4.1) the method is re executed
> 4.2) if a 401 is received again, execute gives up and returns a 401
error
> code.
> 
> So I am guessing that somewhere you are setting the correct
authentication
> credentials for the realm that you are making the request on because
you
> are
> getting a 200-OK response.  So if you want to get a 401, dont set any
> valid
> credentials.  

Hum. That's strange. I have checked again my code and I don't see any
authentication/credentials being set up at all ...

Question: What is preemptive authentication?

> If that does not work, we'll get you a new nightly and work
> with
> you on it.
> 
> I beleive that I have a fix for you infinite loop problem as well.  I
have
> not
> committed it yet as I want to polish it a bit and get the other guys
to
> look it
> over first.  It could still have another method factored out of it but
I
> didn't
> want to change the world in a day ;-)
> 

Thanks
-Vincent

> 
> Vincent Massol wrote:
> 
> > dIon,
> >
> > Thanks. I am probably blind but I can't find an example of any 401
test
> > in the URL you provided (authentication). I can test all response
codes
> > fine with HttpClient except 401, hence my initial email.
> >
> > Here is the HttpClient code that is involved (I think) :
> >
> >             if (HttpStatus.SC_UNAUTHORIZED == statusCode) {
> >                 Header wwwauth =
getResponseHeader("WWW-Authenticate");
> >                 if (null != wwwauth) {
> > [some code to send another request to authenticate]
> >
> > I haven't followed closely the code but I don't see any code to
debranch
> > this. For redirects it works fine as the code is :
> >
> >             } else if (HttpStatus.SC_MOVED_TEMPORARILY == statusCode
||
> >                HttpStatus.SC_MOVED_PERMANENTLY == statusCode ||
> >                HttpStatus.SC_TEMPORARY_REDIRECT == statusCode) {
> >                 if (getFollowRedirects()) {
> > [...]
> >
> > thus getFollowRedirects() returns false is HttpClient is set not to
> > follow redirects.
> >
> > As I don't follow all the code for authentication, can someone from
> > HttpClient tell me if it is possible to test a 401 response coming
from
> > the server without HttpClient intercepting it ?
> >
> > Thanks
> > -Vincent
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:commons-dev-
> unsubscribe@jakarta.apache.org>
> For additional commands, e-mail: <mailto:commons-dev-
> help@jakarta.apache.org>


--
To unsubscribe, e-mail:   <mailto:commons-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:commons-dev-help@jakarta.apache.org>