hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Richard Sand (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HTTPCLIENT-1451) HttpClient does not store response cookies on a 401
Date Wed, 22 Jan 2014 00:38:19 GMT
Richard Sand created HTTPCLIENT-1451:

             Summary: HttpClient does not store response cookies on a 401
                 Key: HTTPCLIENT-1451
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1451
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpAuth
    Affects Versions: 4.3.2
            Reporter: Richard Sand
            Priority: Minor

Using HttpClient 4.3.2 to call a Web Service which is secured with BASIC authentication. The
server responds to the initial request with a 401 response but also includes a cookie.

The HttpClient does not place response cookies into the cookie store until after it has completed
the subsequent request with the Authorize header, but the server rejects the authentication
if the cookie is missing. 

To work around this I had to disable the authentication capability in the HttpClientContext
and manually check for the 401 response code, and then send a followup request with a manually
set Authorize header.

So in the use case where the HttpClient is automatically sending a followup request with credentials
in response to a 401, the client should place the cookies from the original response into
the cookie store immediately, rather than waiting for after the response to the credentials
(the 2nd response).

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message