Return-Path: 
 <dev-return-30785-apmail-hc-dev-archive=hc.apache.org@hc.apache.org>
X-Original-To: apmail-hc-dev-archive@www.apache.org
Delivered-To: apmail-hc-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id B73EE11BCF
	for <apmail-hc-dev-archive@www.apache.org>;
 Thu,  7 Aug 2014 10:07:12 +0000 (UTC)
Received: (qmail 28950 invoked by uid 500); 7 Aug 2014 10:07:12 -0000
Delivered-To: apmail-hc-dev-archive@hc.apache.org
Received: (qmail 28899 invoked by uid 500); 7 Aug 2014 10:07:12 -0000
Mailing-List: contact dev-help@hc.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@hc.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@hc.apache.org>
List-Post: <mailto:dev@hc.apache.org>
List-Id: <dev.hc.apache.org>
Reply-To: "HttpComponents Project" <dev@hc.apache.org>
Delivered-To: mailing list dev@hc.apache.org
Received: (qmail 28544 invoked by uid 99); 7 Aug 2014 10:07:12 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 07 Aug 2014 10:07:12 +0000
Date: Thu, 7 Aug 2014 10:07:12 +0000 (UTC)
From: "Sander Smith (JIRA)" <jira@apache.org>
To: dev@hc.apache.org
Message-ID: <JIRA.12730785.1406725333598.33403.1407406032094@arcas>
In-Reply-To: <JIRA.12730785.1406725333598@arcas>
References: <JIRA.12730785.1406725333598@arcas>
Subject: [jira] [Commented] (HTTPCLIENT-1532) Android Basic Authentication -
 the failure case
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1532?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14089094#comment-14089094 ] 

Sander Smith commented on HTTPCLIENT-1532:
------------------------------------------

Hey Oleg,

Thanks for fixing this so quickly.I'd be happy to test this for you, but
unfortunately I'm flying out on vacation in a few hours and not bringing
any development environment. If it can wait a week I can do it then.

Sander


On Thu, Aug 7, 2014 at 5:42 AM, Oleg Kalnichevski (JIRA) <jira@apache.org>




-- 
Sander A. Smith
President

Sericon Technology Inc.
71 Marquette Ave.
Toronto, Ontario M6A 1X8
(416)781-3988

Link to me on LinkedIn
http://www.linkedin.com/in/sandersmith

Learn about the dangers of home routers and how you can protect yourself
http://www.RouterCheck.com

http://www.sericontech.com


> Android Basic Authentication - the failure case
> -----------------------------------------------
>
>                 Key: HTTPCLIENT-1532
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1532
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: Android Port
>    Affects Versions: 4.3.3
>         Environment: HttpClient library on Android
>            Reporter: Sander Smith
>             Fix For: 4.3.5
>
>
> I'm writing an Android app and am using the HttpClient library for Android for all of the communication to the outside world. I've also taken  the guts of the app and written a Java main so that I can run from the command line using the regular library.
> Everything runs beautifully except for one thing: I need to do Basic Authentication, and the two platforms, Android and CLI react differently in the failure case. If Basic Authentication succeeds (e.g. the correct password is used) things run fine. However, in the case where an incorrect password is used I get a 401 on CLI (correct), but with the Android library I'm getting an exception thrown.
> I've debugged enough to watch what goes over the wire. 
> When I run CLI I see this:
>  http-outgoing-4 >> "GET / HTTP/1.1[\r][\n]"
>  http-outgoing-4 >> "User-Agent: xxx"
>  http-outgoing-4 >> "Host: 192.168.1.1[\r][\n]"
>  http-outgoing-4 >> "Connection: Keep-Alive[\r][\n]"
>  http-outgoing-4 >> "Accept-Encoding: gzip,deflate[\r][\n]"
>  http-outgoing-4 >> "Authorization: Basic YWRtaW46YWRtaW4=[\r][\n]"
>  http-outgoing-4 >> "[\r][\n]"
>  http-outgoing-4 << "HTTP/1.0 401 Unauthorized[\r][\n]"
> Running on Android shows this:
>  http-outgoing-4 >> "GET / HTTP/1.1[\r][\n]"
>  http-outgoing-4 >> "User-Agent: xxx"
>  http-outgoing-4 >> "Host: 192.168.1.1[\r][\n]"
>  http-outgoing-4 >> "Connection: Keep-Alive[\r][\n]"
>  http-outgoing-4 >> "Accept-Encoding: gzip,deflate[\r][\n]"
>  http-outgoing-4 >> "Authorization: Basic YWRtaW46YWRtaW4=[\n]"
>  http-outgoing-4 >> "[\r][\n]"
>  http-outgoing-4 >> "[\r][\n]"
>  http-outgoing-4 << "end of stream"
>  http-outgoing-4: Close connection
> It appears that on Android the sequence of carriage returns and line feeds is not being sent properly, and the server is getting confused.
> It's also worth noting that when the correct password is being sent, the identical information is sent over the wire, but in both cases, an HTTP 200 is returned.
> So what's going on here? Why is behavior different on 2 different platforms? Is there a bug in the Android library?



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org