hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <o.kalnichev...@dplanet.ch>
Subject Re: EntityEnclosingMethod, 100-continue and 401 Unauthorized
Date Thu, 06 Feb 2003 06:58:52 GMT
Rob,
I am working on fixing the problem
Many thanks for tracking it down
Oleg

On Thu, 2003-02-06 at 00:21, Rob Owen wrote:
> The new EntityEnclosingMethod is great and looks like it might be able to support HTTP
1.0 servers with the 3 second wait for a 100-Continue response. There is a problem though
when using it against an authenticating server as follows:
> 
> 1. -> PUT /file HTTP/1.1 
>    contains Expect: 100-continue header but disregarded as the server 
>    needs authentication information
> 2. <- HTTP/1.0 401 Unauthorized
>    switches isHttp11 flag
> 3. Now it tries on loop 2
>    -> PUT /file HTTP/1.0 with authorization header
>    still contains Expect header, although a warning message about 
>    HTTP/1.0 not supporting Expect is written out 
> 4. 3 second timeout occurs, Expect header is removed and body is supposed 
>    to be sent
> 5. The body is not sent through writeRemainingRequestBody() as 
>    statusLine exists and statusCode is currently 401, and continue
>    has not been received.
> 6. isRetryNeeded is checked, which causes processAuthenticationResponse 
>    to find it has already authenticated to this realm (although it
>    never got a chance to check it out), and so the request is not 
>    retried. [A retry with the request now (without Expect header and 
>    correct authorization) would work.]
> 7. 401 Unauthorized is returned as the status.
> 
>  
> ------
> Rob Owen
> SAS Institute Inc.
> email: Rob.Owen@sas.com
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org
> 


Mime
View raw message