Return-Path: 
 <dev-return-30485-apmail-hc-dev-archive=hc.apache.org@hc.apache.org>
X-Original-To: apmail-hc-dev-archive@www.apache.org
Delivered-To: apmail-hc-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id DA1D211678
	for <apmail-hc-dev-archive@www.apache.org>;
 Thu, 12 Jun 2014 12:31:02 +0000 (UTC)
Received: (qmail 1073 invoked by uid 500); 12 Jun 2014 12:31:02 -0000
Delivered-To: apmail-hc-dev-archive@hc.apache.org
Received: (qmail 1036 invoked by uid 500); 12 Jun 2014 12:31:02 -0000
Mailing-List: contact dev-help@hc.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@hc.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@hc.apache.org>
List-Post: <mailto:dev@hc.apache.org>
List-Id: <dev.hc.apache.org>
Reply-To: "HttpComponents Project" <dev@hc.apache.org>
Delivered-To: mailing list dev@hc.apache.org
Received: (qmail 1025 invoked by uid 99); 12 Jun 2014 12:31:02 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Jun 2014 12:31:02 +0000
Date: Thu, 12 Jun 2014 12:31:02 +0000 (UTC)
From: "Oleg Kalnichevski (JIRA)" <jira@apache.org>
To: dev@hc.apache.org
Message-ID: <JIRA.12690154.1390350983894.117044.1402576262694@arcas>
In-Reply-To: <JIRA.12690154.1390350983894@arcas>
References: <JIRA.12690154.1390350983894@arcas>
Subject: [jira] [Updated] (HTTPCLIENT-1451) HttpClient does not store
 response cookies on a 401
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1451?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Oleg Kalnichevski updated HTTPCLIENT-1451:
------------------------------------------

    Fix Version/s:     (was: 4.4 Final)
                   5.0

> HttpClient does not store response cookies on a 401
> ---------------------------------------------------
>
>                 Key: HTTPCLIENT-1451
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1451
>             Project: HttpComponents HttpClient
>          Issue Type: Improvement
>          Components: HttpAuth
>    Affects Versions: 4.3.2
>            Reporter: Richard Sand
>            Priority: Minor
>             Fix For: 5.0
>
>
> Using HttpClient 4.3.2 to call a Web Service which is secured with BASIC authentication. The server responds to the initial request with a 401 response but also includes a cookie.
> The HttpClient does not place response cookies into the cookie store until after it has completed the subsequent request with the Authorize header, but the server rejects the authentication if the cookie is missing. 
> To work around this I had to disable the authentication capability in the HttpClientContext and manually check for the 401 response code, and then send a followup request with a manually set Authorize header.
> So in the use case where the HttpClient is automatically sending a followup request with credentials in response to a 401, the client should place the cookies from the original response into the cookie store immediately, rather than waiting for after the response to the credentials (the 2nd response).



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org