hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zulfi Umrani" <zumr...@novell.com>
Subject RE: preemptive
Date Tue, 10 Jun 2003 14:27:25 GMT
By setting realm as null, the pre-emptive authentication worked! But, it
sends a Basic Authorization header even if the URL is protected by
Digest! For Digest it is still making 2 trips in order to authenticate.
Which is fine for the first request, but it repeats the same thing for
the second request as well. Is there a way to tell the state, method or
client what kind of scheme is desired for pre-emptive authentication.
Sorry, no logs here as log did not work.

>>> oleg.kalnichevski@bearingpoint.com 6/10/2003 3:47:32 AM >>>
Zulfi,

Try setting both realm & host to null. That should do the trick

	HttpClient hc = new HttpClient();
	HttpState state = hc.getState();
	state.setAuthenticationPreemptive(true);
      // Set default credentials (realm & host are null)
	state.setCredentials(null, null, 
	    new UsernamePasswordCredentials("zulfi", "zulfi"));


Folks,

The present convention for setting a default set of credentials is
utterly confusing and needs to be redesigned in 2.1. I believe we should
be using HttpState#setCredentials(HttpAuthRealm, Credentials) instead of
HttpState#setCredentials(String, String, Credentials). We should also
provide a static final class to represent the default set of
credentials:

public static final HttpAuthRealm DEFAULT_AUTH_CREDENTIALS = new
HttpAuthRealm(null, null);

The end user code might look similar to that below

	state.setCredentials(DEFAULT_AUTH_CREDENTIALS, 
	    new UsernamePasswordCredentials("zulfi", "zulfi"));


Cheers

Oleg


-----Original Message-----
From: Zulfi Umrani [mailto:zumrani@novell.com] 
Sent: Tuesday, June 10, 2003 00:44
To: commons-httpclient-dev@jakarta.apache.org 
Subject: preemptive


Tried to use the Preemptive Authentication feature. Could not get it
to
work. I used the HttpState.setAuthenticationPreemptive(true); to set
the
preemptive authentication ON. It still send the first request without
the Authorization header. Code sample is below. Would like to know,
how
to set up the Pre-emptive Authentication.

package test;

import java.io.*;
import java.net.URL;

import org.apache.commons.httpclient.*;
import org.apache.commons.httpclient.methods.*;
import org.apache.commons.httpclient.auth.*;
import org.apache.commons.httpclient.util.*;

public class JCTest {
    public static void main(String[] args) throws Exception {
	test0();
	test0();
	return;
    }

    public static void test0() throws Exception {
	System.out.println("running test0");

	String urlstr = "http://localhost:9999/services1/test";
	URL url = new URL(urlstr);
	
	HttpClient hc = new HttpClient();
	HttpState state = hc.getState();
	state.setAuthenticationPreemptive(true);
	state.setCredentials("", url.getHost(), 
	    new UsernamePasswordCredentials("zulfi", "zulfi"));

	PostMethod post = new PostMethod(urlstr);
	post.setDoAuthentication(true);

	post.addRequestHeader("Connection", "Keep-Alive");
	post.addRequestHeader("Content-Length", ""+msg.length());
	post.addRequestHeader("Content-Type", "text/xml;
charset=utf-8");

	InputStream reqis = new ByteArrayInputStream(msg.getBytes());
	
	post.setRequestBody(reqis);

	HostConfiguration hconfig = new HostConfiguration();
	hconfig.setHost(new URI(urlstr));
	
	hc.executeMethod(hconfig, post);

	System.out.println(post.getResponseBodyAsString());
	System.out.println();
	    
    }
    
    private static String msg = "Text Message";

}


Thanks.

---------------------------------------------------------------------
To unsubscribe, e-mail:
commons-httpclient-dev-unsubscribe@jakarta.apache.org 
For additional commands, e-mail:
commons-httpclient-dev-help@jakarta.apache.org 


---------------------------------------------------------------------
To unsubscribe, e-mail:
commons-httpclient-dev-unsubscribe@jakarta.apache.org 
For additional commands, e-mail:
commons-httpclient-dev-help@jakarta.apache.org 


Mime
View raw message