hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kalnichevski, Oleg" <oleg.kalnichev...@bearingpoint.com>
Subject RE: Posting XML over authenticated connection using SSL
Date Tue, 18 May 2004 13:15:41 GMT

Lee Francis,

Now it hit me. 

When credentials are explicitly set to be used with a given host and/or realm only, there'll
never be used for preemptive authentication for security reasons. The credentials will be
used to respond to a direct authorization challenge originating from the specified host/realm.

client.getState().setCredentials(realm, host, upc);

You have got to provide default credentials in order for HttpClient to be able to send credentials
preemptively

client.getState().setCredentials(null, null, upc);

This should do the trick

Oleg

-----Original Message-----
From: Lee Francis Wilhelmsen [mailto:leefw@start.no]
Sent: Tuesday, May 18, 2004 15:03
To: Commons HttpClient Project
Subject: RE: Posting XML over authenticated connection using SSL


> Since you appear to be passing a custom HttpState object to the HttpClient#executeMethod
these lines of code have no effect of what so ever on the method's execution
>
> client.getState().setAuthenticationPreemptive(true);
> client.getState().setCredentials(realm, host, upc);
 >
> Try this instead
>
> httpState.setAuthenticationPreemptive(true);
> httpState.setCredentials(realm, host, upc);
> status = client.executeMethod(hostConfiguration, method, httpState);
>
> HTH
>
> Oleg

Sorry, it seems I 've made a mistake when showing you my example code in
  my prevous mail. I'm calling
	client.executeMethod(method);
and not
	client.executeMethod(hostConfiguration, method, httpState);
in my code.

Don't understand why the Authorization header isn't being sent in the
first request as expected when setting setAuthenticationPreemptive(true)

Any ideas?

Regards
Lee Francis

---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org


***************************************************************************************************
The information in this email is confidential and may be legally privileged.  Access to this
email by anyone other than the intended addressee is unauthorized.  If you are not the intended
recipient of this message, any review, disclosure, copying, distribution, retention, or any
action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. 
If you are not the intended recipient, please reply to or forward a copy of this message to
the sender and delete the message, any attachments, and any copies thereof from your system.
***************************************************************************************************

---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org


Mime
View raw message