hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oleg Kalnichevski (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HTTPCLIENT-1344) Userinfo Credentials in URI Should Not Default to Preemptive Authentication
Date Tue, 23 Apr 2013 11:31:16 GMT

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1344?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Oleg Kalnichevski updated HTTPCLIENT-1344:

    Fix Version/s: 4.3 Beta2

Is this behavior described anywhere? 

> Userinfo Credentials in URI Should Not Default to Preemptive Authentication
> ---------------------------------------------------------------------------
>                 Key: HTTPCLIENT-1344
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1344
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.2.4
>            Reporter: James Leigh
>             Fix For: 4.3 Beta2
> When using a request like new HttpGet("http://user:pass@example.com/") HttpClient will
send along Authorization: Basic header with the first request (even if the server uses Digest
> The expected behaviour is for HttpClient to send a request with no user credentials at
all, wait for the server to send a 401 response. Then based on the supported auth scheme,
send another request with the credentials in a scheme that is supported by the server.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message