hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Harald Kirsch (Updated) (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HTTPCLIENT-1129) Redirect and Kerberos authentication in conflict
Date Tue, 27 Sep 2011 15:59:11 GMT

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1129?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Harald Kirsch updated HTTPCLIENT-1129:

    Attachment: wiresharkFrom401.txt

The file logFrom401Example.txt contains the logs you requested. The same session can be found
logged with wireshark in wiresharkFrom401.txt.

Further the examples.txt contains the relevant code snippets we use. One triggers the 401.
In the meantime we found one more workaround. Both workarounds are shown in exmples.txt. One
uses NoReuseStrategy and the other explicitly sets the port 80 and protocol http.

> Redirect and Kerberos authentication in conflict
> ------------------------------------------------
>                 Key: HTTPCLIENT-1129
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1129
>             Project: HttpComponents HttpClient
>          Issue Type: Wish
>          Components: HttpClient
>    Affects Versions: 4.1.2
>            Reporter: Harald Kirsch
>         Attachments: examples.txt, logFrom401Example.txt, wiresharkFrom401.txt
> We are using the HttpClient to connect to a Website that uses Kerberos-Authentication.
> Beware this trigger word: Kerberos! I think this is *not* the problem, but please read
> Here is the sequence of events:
> Client: GET /
> Server: Unauthorized.
> Client: GET / and includes authentication.
> Server: 302 to /something on the same host (this shows that in principle authentication
> Client: GET /something,  does not include authentication
> Server: Unauthorized
> Client quits with 401-Unauthorized.
> I would have expected one of the following instead:
> 1) Client immediately sends authorization information with the redirected GET /something
> 2) Client re-requests the /something with authorization after 401-Unauthorized.
> We could get around the problem by setting the ConnectionReuseStrategy to a constant
> It would be great if someone could tell me if HttpClient works as expected or whether
there is a bug or misconfiguration lurking.
> Thanks,
> Harald.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message