hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: pre-emptive authentication for digest authentication
Date Wed, 27 Oct 2004 18:31:47 GMT
John,

Actually preemptive Digest authentication may not necessarily be a very
good idea. Once I already had to comment on this subject. Please excuse
my laziness and refer to this archived discussion thread:

http://marc.theaimsgroup.com/?l=httpclient-commons-dev&m=108983065628847&w=2

Hope this helps

Oleg


On Wed, 2004-10-27 at 07:05, Jesus M. Salvo Jr. wrote:
> The target server that I am POSTing to requires digest authentication.
> I was trying out:
> 
>     httpClient.getState().setAuthenticationPreemptive(true);
> 
> However, it turns out that HttpClient was first trying out Basic 
> authentication before using Digest authentication.
> Which makes sense I guess since I have not really told it what 
> authentication method to use first.
> 
> Is there a way to force HttpClient to firsty try digest authentication 
> ... or to try any specific authentication method first ?
> 
> Section 3.3 ( third paragraph ) of RFC 2617 also allows pre-emptively 
> sending the Authorization header for digest authentication.
> 
> 
> John
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org


Mime
View raw message