Date: Thu, 8 Dec 2016 14:49:58 +0000 (UTC)
From: "Silvan Hollenstein (JIRA)"
To: issues@cxf.apache.org
Reply-To: dev@cxf.apache.org
Subject: [jira] [Created] (CXF-7170) Support Multiple WWW-Authenticate Headers

Silvan Hollenstein created CXF-7170:
---------------------------------------

             Summary: Support Multiple WWW-Authenticate Headers
                 Key: CXF-7170
                 URL: https://issues.apache.org/jira/browse/CXF-7170
             Project: CXF
          Issue Type: Bug
          Components: Transports
    Affects Versions: 3.1.8
            Reporter: Silvan Hollenstein


When the authorization type "Digest" is chosen, and the server responds with a 401 and multiple WWW-Authenticate headers, this will most probably lead to an error.

Define Digest to be your authentication method:

    ...
    AuthorizationPolicy authPolicy = new AuthorizationPolicy();
    authPolicy.setAuthorizationType("Digest");
    ...

The HTTPConduit will then create a DigestAuthSupplier. In...

    DigestAuthSupplier.getAuthorization(...) {
        ...
        HttpAuthHeader authHeader = new HttpAuthHeader(fullHeader);
        if (authHeader.authTypeIsDigest()) {
            ...
        }
    }

the authHeader will have the "Basic", because it is the first in fullHeader. But this of course does not match authHeader.authTypeIsDigest(), and then it will return null.

The actual wrong thing is, imo, that the fullHeader is concatenated, instead of choosing the one auth header that matches the method we have defined.

Furthermore, it would be nice if the suppliers were chosen automatically, based on what authentication methods the server offers.

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
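
Added example, not part of the original report and not CXF code: one way to pick the challenge that matches the configured scheme when a 401 carries several WWW-Authenticate values, instead of parsing their concatenation. The class ChallengeSelector and its methods are hypothetical names, and the header values in main are constructed.

```java
import java.util.*;
import java.util.regex.Pattern;
// Added illustration: class and method names are hypothetical, not CXF API.
public class ChallengeSelector {
    // A piece that starts with "name =" is an auth-param of the preceding challenge.
    private static final Pattern PARAM = Pattern.compile("[^\\s=,\"]+\\s*=");

    // Split every WWW-Authenticate value into single challenges, honouring quoted commas.
    static List<String> splitChallenges(List<String> headerValues) {
        List<String> all = new ArrayList<>();
        for (String value : headerValues) {
            List<String> local = new ArrayList<>(); // params never attach across header lines
            StringBuilder piece = new StringBuilder();
            boolean quoted = false;
            for (int i = 0; i < value.length(); i++) {
                char c = value.charAt(i);
                if (c == '\\' && quoted && i + 1 < value.length()) { piece.append(c); c = value.charAt(++i); }
                else if (c == '"') quoted = !quoted;
                else if (c == ',' && !quoted) { flush(local, piece); continue; }
                piece.append(c);
            }
            flush(local, piece);
            all.addAll(local);
        }
        return all;
    }

    // Start a new challenge, or append an auth-param to the challenge before it.
    private static void flush(List<String> out, StringBuilder piece) {
        String s = piece.toString().trim();
        piece.setLength(0);
        if (s.isEmpty()) return;
        if (!PARAM.matcher(s).lookingAt()) out.add(s);
        else if (!out.isEmpty()) out.set(out.size() - 1, out.get(out.size() - 1) + ", " + s);
    }

    // Return the challenge for the configured scheme only; null if the server did not offer it.
    static String select(List<String> headerValues, String scheme) {
        for (String ch : splitChallenges(headerValues)) {
            if (ch.split("\\s+", 2)[0].equalsIgnoreCase(scheme)) return ch;
        }
        return null;
    }

    public static void main(String[] args) {
        // Constructed sample: two header lines, the second carrying two challenges.
        List<String> headers = Arrays.asList("Basic realm=\"svc\"",
            "Negotiate, Digest realm=\"svc\", qop=\"auth,auth-int\", nonce=\"abc123\"");
        System.out.println(select(headers, "Digest"));
        System.out.println(select(headers, "NTLM"));
    }
}
```

select returns null when the configured scheme was not offered rather than falling back to another scheme, so a client configured for Digest never answers a Basic challenge.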