hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 8140] - [httpclient] Incorrect credentials loop infinitely
Date Wed, 10 Aug 2005 08:15:10 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=8140>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=8140





------- Additional Comments From mguillemot@yahoo.fr  2005-08-10 10:14 -------
I use httpclient through htmlunit to call a page needing Basic authorization
using a wrong credential.

The htmlunit code is quite simple:
 final WebClient webClient = new WebClient();
 final DefaultCredentialsProvider cp = new DefaultCredentialsProvider();
 cp.addCredentials("toto", "tototo");
 webClient.setCredentialsProvider(cp);
 webClient.getPage(new URL("http://localhost:8080/jn/public/xml2/toto"));

basically it just sets the provided credential provider as parameter of the
HttpClient:
 client.getParams().setParameter( CredentialsProvider.PROVIDER,
getWebClient().getCredentialsProvider() );

The wirelog looks like:
[DEBUG] 10:03:59,371 httpclient.wire.header  - >> "GET /jn/public/xml2/toto
HTTP/1.1[\r][\n]"
[DEBUG] 10:03:59,372 httpclient.wire.header  - >> "User-Agent: Mozilla/4.0
(compatible; MSIE 6.0b; Windows 98)[\r][\n]"
[DEBUG] 10:03:59,372 httpclient.wire.header  - >> "Authorization: Basic
dG90bzp0b3RvdG8=[\r][\n]"
[DEBUG] 10:03:59,372 httpclient.wire.header  - >> "Host: localhost:8080[\r][\n]"
[DEBUG] 10:03:59,372 httpclient.wire.header  - >> "[\r][\n]"
[DEBUG] 10:03:59,385 httpclient.wire.header  - << "HTTP/1.1 401
Unauthorized[\r][\n]"
[DEBUG] 10:03:59,385 httpclient.wire.header  - << "Server:
Apache-Coyote/1.1[\r][\n]"
[DEBUG] 10:03:59,385 httpclient.wire.header  - << "Pragma: No-cache[\r][\n]"
[DEBUG] 10:03:59,385 httpclient.wire.header  - << "Cache-Control: no-cache[\r][\n]"
[DEBUG] 10:03:59,385 httpclient.wire.header  - << "Expires: Thu, 01 Jan 1970
01:00:00 CET[\r][\n]"
[DEBUG] 10:03:59,385 httpclient.wire.header  - << "WWW-Authenticate: Basic
realm="Jugendnetz restricted area"[\r][\n]"
[DEBUG] 10:03:59,385 httpclient.wire.header  - << "Content-Type:
text/html;charset=utf-8[\r][\n]"
[DEBUG] 10:03:59,385 httpclient.wire.header  - << "Content-Length: 952[\r][\n]"
[DEBUG] 10:03:59,385 httpclient.wire.header  - << "Date: Wed, 10 Aug 2005
08:03:58 GMT[\r][\n]"
[DEBUG] 10:03:59,388 httpclient.wire.header  - >> "GET /jn/public/xml2/toto
HTTP/1.1[\r][\n]"
[DEBUG] 10:03:59,389 httpclient.wire.header  - >> "User-Agent: Mozilla/4.0
(compatible; MSIE 6.0b; Windows 98)[\r][\n]"
[DEBUG] 10:03:59,389 httpclient.wire.header  - >> "Authorization: Basic
dG90bzp0b3RvdG8=[\r][\n]"
[DEBUG] 10:03:59,389 httpclient.wire.header  - >> "Host: localhost:8080[\r][\n]"
[DEBUG] 10:03:59,389 httpclient.wire.header  - >> "[\r][\n]"
[DEBUG] 10:03:59,393 httpclient.wire.header  - << "HTTP/1.1 401
Unauthorized[\r][\n]"
[DEBUG] 10:03:59,393 httpclient.wire.header  - << "Server:
Apache-Coyote/1.1[\r][\n]"
[DEBUG] 10:03:59,393 httpclient.wire.header  - << "Pragma: No-cache[\r][\n]"
[DEBUG] 10:03:59,393 httpclient.wire.header  - << "Cache-Control: no-cache[\r][\n]"
[DEBUG] 10:03:59,393 httpclient.wire.header  - << "Expires: Thu, 01 Jan 1970
01:00:00 CET[\r][\n]"
[DEBUG] 10:03:59,393 httpclient.wire.header  - << "WWW-Authenticate: Basic
realm="Jugendnetz restricted area"[\r][\n]"
[DEBUG] 10:03:59,394 httpclient.wire.header  - << "Content-Type:
text/html;charset=utf-8[\r][\n]"
[DEBUG] 10:03:59,394 httpclient.wire.header  - << "Content-Length: 952[\r][\n]"
[DEBUG] 10:03:59,394 httpclient.wire.header  - << "Date: Wed, 10 Aug 2005
08:03:58 GMT[\r][\n]"
[DEBUG] 10:03:59,396 httpclient.wire.header  - >> "GET /jn/public/xml2/toto
HTTP/1.1[\r][\n]"
[DEBUG] 10:03:59,397 httpclient.wire.header  - >> "User-Agent: Mozilla/4.0
(compatible; MSIE 6.0b; Windows 98)[\r][\n]"
[DEBUG] 10:03:59,397 httpclient.wire.header  - >> "Authorization: Basic
dG90bzp0b3RvdG8=[\r][\n]"
[DEBUG] 10:03:59,397 httpclient.wire.header  - >> "Host: localhost:8080[\r][\n]"
[DEBUG] 10:03:59,397 httpclient.wire.header  - >> "[\r][\n]"

etc... (allways the same thing again and again).

If you prefer, I can extract the problem from htmlunit and provide sample code
using only httpclient. I don't know how to provide a unit test for this: how
should the server part be simulated?
Looking at the code, it seems to me that in
org.apache.commons.httpclient.HttpMethodDirector (line 90 for v1.34) is
incorrect and should allow only 1 retry when credential has been provided:

 if (processAuthenticationResponse(method)) {
   LOG.debug("Retry authentication");
   retry = true;
 }

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org


Mime
View raw message