hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From o.kalnichev...@dplanet.ch
Subject Re:EntityEnclosingMethod, 100-continue and 401 Unauthorized
Date Thu, 06 Feb 2003 16:38:26 GMT
I think I fixed the problem by making the EntityEnclosingMethod class check for the Expect
header and remove it if it is not supposed to be there

Could you please take the newest CVS snapshot for a spin and let ke know if the problem persists



>The new EntityEnclosingMethod is great and looks like it might be able to support HTTP
1.0 servers with the 3 second wait for a 100-Continue response. There is a problem though
when using it against an authenticating server as follows:
>1. -> PUT /file HTTP/1.1 
>   contains Expect: 100-continue header but disregarded as the server 
>   needs authentication information
>2. <- HTTP/1.0 401 Unauthorized
>   switches isHttp11 flag
>3. Now it tries on loop 2
>   -> PUT /file HTTP/1.0 with authorization header
>   still contains Expect header, although a warning message about 
>   HTTP/1.0 not supporting Expect is written out 
>4. 3 second timeout occurs, Expect header is removed and body is supposed 
>   to be sent
>5. The body is not sent through writeRemainingRequestBody() as 
>   statusLine exists and statusCode is currently 401, and continue
>   has not been received.
>6. isRetryNeeded is checked, which causes processAuthenticationResponse 
>   to find it has already authenticated to this realm (although it
>   never got a chance to check it out), and so the request is not 
>   retried. [A retry with the request now (without Expect header and 
>   correct authorization) would work.]
>7. 401 Unauthorized is returned as the status.
>Rob Owen
>SAS Institute Inc.
>email: Rob.Owen@sas.com
>To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org

View raw message