hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kalnichevski, Oleg" <oleg.kalnichev...@bearingpoint.com>
Subject RE: preemptive
Date Tue, 10 Jun 2003 18:17:54 GMT
Zulfi 

Both Digest & NTLM authentication schemes are connection oriented. Every time a new connection
is open to a Digest & NTLM protected resource, the user has to be re-authenticated. Per
default HttpClient does its best to keep connections alive, provided that the server supports
connection reuse, thus eliminating the need to re-authenticate the user. 

Since you are using Log4J toolkit you have to ensure it's been configured to log 'httpclient.wire'
and 'org.apache.commons.httpclient' category of events at DEBUG verbosity. Please refer to
commons-logging & Log4J documentation for details

Oleg

-----Original Message-----
From: Zulfi Umrani [mailto:zumrani@novell.com]
Sent: Tuesday, June 10, 2003 17:03
To: Kalnichevski, Oleg; commons-httpclient-dev@jakarta.apache.org
Subject: RE: preemptive


What do you mean by "eliminating the authentication overhead"? Does this
mean keeping the already Authenticated header and adding it next time
the URL is being invoked? I am using Apache Tomcat Server to host a
couple of protected URLs. One more Basic and other for Digest. I believe
it does the necessary connection management specified by the HTTP
1.0/1.1. For logging I execute the following before I do anything.
log4j-1.2.8 and commons-logging-1.0.2. I do not any other documentation
for logging. If you have a sample code which enables logging even to a
file, please send that to me. I am using JDK1.4  on Sun Solaris without
any container to run the client. So I do not think it is redirecting
stdout or stderr to somewhere else.

System.setProperty("org.apache.commons.logging.simplelog.defaultlog",
"debug"); 
System.setProperty("org.apache.commons.logging.Log",
"org.apache.commons.logging.impl.SimpleLog"); 
System.setProperty("org.apache.commons.logging.simplelog.showdatetime",
"true"); 
System.setProperty("org.apache.commons.logging.simplelog.log.httpclient.wire",
"debug"); 
System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.commons.httpclient",
"trace"); 


>>> oleg.kalnichevski@bearingpoint.com 6/10/2003 1:36:57 PM >>>
Zulfi,
Only Basic authentication scheme can be used preemptively. If you want
to eliminate the authentication overhead associated with Digest or NTLM
schemes you have to ensure that the HTTP server keeps connections alive
when possible.

Please get logging to work. That should not be too difficult. Please
note that application servers and servlet engines usually redirect
standard output and standard error. If you are unable to figure out what
is going you might want to use Log4j toolkit that allows greater control
over logging (for instance, you can specify a separate log file for a
specific category of events). We will not be able to help you unless we
can see the logs. 

Oleg

-----Original Message-----
From: Zulfi Umrani [mailto:zumrani@novell.com] 
Sent: Tuesday, June 10, 2003 16:27
To: commons-httpclient-dev@jakarta.apache.org 
Subject: RE: preemptive


By setting realm as null, the pre-emptive authentication worked! But,
it
sends a Basic Authorization header even if the URL is protected by
Digest! For Digest it is still making 2 trips in order to
authenticate.
Which is fine for the first request, but it repeats the same thing for
the second request as well. Is there a way to tell the state, method
or
client what kind of scheme is desired for pre-emptive authentication.
Sorry, no logs here as log did not work.

>>> oleg.kalnichevski@bearingpoint.com 6/10/2003 3:47:32 AM >>>
Zulfi,

Try setting both realm & host to null. That should do the trick

	HttpClient hc = new HttpClient();
	HttpState state = hc.getState();
	state.setAuthenticationPreemptive(true);
      // Set default credentials (realm & host are null)
	state.setCredentials(null, null, 
	    new UsernamePasswordCredentials("zulfi", "zulfi"));


Folks,

The present convention for setting a default set of credentials is
utterly confusing and needs to be redesigned in 2.1. I believe we
should
be using HttpState#setCredentials(HttpAuthRealm, Credentials) instead
of
HttpState#setCredentials(String, String, Credentials). We should also
provide a static final class to represent the default set of
credentials:

public static final HttpAuthRealm DEFAULT_AUTH_CREDENTIALS = new
HttpAuthRealm(null, null);

The end user code might look similar to that below

	state.setCredentials(DEFAULT_AUTH_CREDENTIALS, 
	    new UsernamePasswordCredentials("zulfi", "zulfi"));


Cheers

Oleg


-----Original Message-----
From: Zulfi Umrani [mailto:zumrani@novell.com] 
Sent: Tuesday, June 10, 2003 00:44
To: commons-httpclient-dev@jakarta.apache.org 
Subject: preemptive


Tried to use the Preemptive Authentication feature. Could not get it
to
work. I used the HttpState.setAuthenticationPreemptive(true); to set
the
preemptive authentication ON. It still send the first request without
the Authorization header. Code sample is below. Would like to know,
how
to set up the Pre-emptive Authentication.

package test;

import java.io.*;
import java.net.URL;

import org.apache.commons.httpclient.*;
import org.apache.commons.httpclient.methods.*;
import org.apache.commons.httpclient.auth.*;
import org.apache.commons.httpclient.util.*;

public class JCTest {
    public static void main(String[] args) throws Exception {
	test0();
	test0();
	return;
    }

    public static void test0() throws Exception {
	System.out.println("running test0");

	String urlstr = "http://localhost:9999/services1/test";
	URL url = new URL(urlstr);
	
	HttpClient hc = new HttpClient();
	HttpState state = hc.getState();
	state.setAuthenticationPreemptive(true);
	state.setCredentials("", url.getHost(), 
	    new UsernamePasswordCredentials("zulfi", "zulfi"));

	PostMethod post = new PostMethod(urlstr);
	post.setDoAuthentication(true);

	post.addRequestHeader("Connection", "Keep-Alive");
	post.addRequestHeader("Content-Length", ""+msg.length());
	post.addRequestHeader("Content-Type", "text/xml;
charset=utf-8");

	InputStream reqis = new ByteArrayInputStream(msg.getBytes());
	
	post.setRequestBody(reqis);

	HostConfiguration hconfig = new HostConfiguration();
	hconfig.setHost(new URI(urlstr));
	
	hc.executeMethod(hconfig, post);

	System.out.println(post.getResponseBodyAsString());
	System.out.println();
	    
    }
    
    private static String msg = "Text Message";

}


Thanks.

---------------------------------------------------------------------
To unsubscribe, e-mail:
commons-httpclient-dev-unsubscribe@jakarta.apache.org 
For additional commands, e-mail:
commons-httpclient-dev-help@jakarta.apache.org 


---------------------------------------------------------------------
To unsubscribe, e-mail:
commons-httpclient-dev-unsubscribe@jakarta.apache.org 
For additional commands, e-mail:
commons-httpclient-dev-help@jakarta.apache.org 


---------------------------------------------------------------------
To unsubscribe, e-mail:
commons-httpclient-dev-unsubscribe@jakarta.apache.org 
For additional commands, e-mail:
commons-httpclient-dev-help@jakarta.apache.org 


---------------------------------------------------------------------
To unsubscribe, e-mail:
commons-httpclient-dev-unsubscribe@jakarta.apache.org 
For additional commands, e-mail:
commons-httpclient-dev-help@jakarta.apache.org 


---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org


Mime
View raw message