hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Roland Weber <http-as...@dubioso.net>
Subject Re: Help on Digest Auth
Date Sat, 27 Jan 2007 14:11:30 GMT
Hi Chuck,

>   OK, so the first page in realm requires the challenge-response
> -- but what about the following pages?  I need to access pages on
> a web-server/device that appears to only challenge on the /index.html
> page.  It will not reply with the contents of any other page if
> the request for it doesn't have the 
>    
>   Authorization: Digest username="****" ...
>    
>   request header.  I see this from sniffing out the headers when
> connected to the device via firefox or IE.  Oleg said in an earlier
> reply, only Basic can be preemptive -- but is that for just the
> first page?  The request-challenge-request is fine for the first page.
>  Please, someone, tell me how to make the HTTPClient "remember"
> it already has the Authorization from the previous request!

I'm afraid you'll have to dig very deep into the HttpClient auth
code to make this work. This is in the class comment for DigestScheme:

 TODO: make class more stateful regarding repeated authentication requests

Digest is rarely used which would give this a very low priority.
But I'm not familiar with that part of the code, so I may be wrong.

Some thoughts if you feel like taking on this task:
- implement your own version of the DigestScheme and
  make it remember the challenge (or whatever you need)
- copy the instance from the AuthState of the previously
  executed method to that of the next method to be executed
http://jakarta.apache.org/commons/httpclient/apidocs/org/apache/commons/httpclient/HttpMethodBase.html#getHostAuthState()

hope that helps,
  Roland


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org


Mime
View raw message