hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Will Johnson" <willjohnsonsea...@gmail.com>
Subject RE: Reuse Digest authentication nonce
Date Wed, 06 May 2009 17:00:43 GMT
I don't need preemptive digest authentication (although that is cool/scary).
The first request should be challenged but subsequent get/post/etc should
reuse the authenticate header.

- will

-----Original Message-----
From: Oleg Kalnichevski [mailto:olegk@apache.org] 
Sent: Wednesday, May 06, 2009 11:36 AM
To: HttpClient User Discussion
Subject: Re: Reuse Digest authentication nonce

On Wed, May 06, 2009 at 11:06:48AM -0400, Will Johnson wrote:
> I'm trying to get DIGEST authentication nonce working and running into
some
> trouble.  I've seen this message:
> 
>  
> 
>
http://markmail.org/message/yvyitckstgdunwtm#query:httpclient%20digest%20reu
> se%20nonce+page:1+mid:2ttnrnm3u2pb73av+state:results
> 
>  
> 
> which seems to indicate that 3.0+ would fix the issue however I'm still
> having issues.  I have tried setting preemptive authentication = true and
> using 100: Expect-Continue with no success.  This is going against a
simple
> Jetty install that I have validated works with reusable nonce's via
Firefox
> + Live HTTP-Headers.
> 
> 

Only HttpClient 4.0 is preemptive Disgest authentication capable. There will
be
no luck with HttpClient 3.x.

If you do not mind upgrading you can use this sample application as a
starting
point.

http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/httpclient/s
rc/examples/org/apache/http/examples/client/ClientPreemptiveDigestAuthentica
tion.java

Hope this helps

Oleg

 
> 
> My code looks like:
> 
>  
> 
> HttpClient client = new HttpClient();
> 
> Credentials defaultcreds = new UsernamePasswordCredentials("admin",
> "admin");
> 
> client.getState().setCredentials(new AuthScope(AuthScope.ANY_HOST,
> AuthScope.ANY_PORT, AuthScope.ANY_REALM), defaultcreds);
> 
>  
> 
> // this chellenges/authenticates as expected
> 
> GetMethod get = new GetMethod("http://localhost:8888/somePath?cgi=true");
> 
> int ret = client.executeMethod(get);
> 
> get.releaseConnection();
> 
>  
> 
> // this challenges again which it should not
> 
> GetMethod get2 = new
GetMethod("http://localhost:8888/somePath?cgi=false");
> 
> int ret = client.executeMethod(get2);
> 
> get2.releaseConnection();
> 
>  
> 
> the header output for the second request is below (the first goes as
> expected)
> 
>  
> 
> 2009-05-06 10:48:34,082 DEBUG header - >> "GET /somePath?cgi=false
> HTTP/1.1[\r][\n]"
> 
> 2009-05-06 10:48:34,082 DEBUG HttpMethodBase - Adding Host request header
> 
> 2009-05-06 10:48:34,082 DEBUG header - >> "User-Agent: Jakarta
> Commons-HttpClient/3.1[\r][\n]"
> 
> 2009-05-06 10:48:34,082 DEBUG header - >> "Host: localhost:8888[\r][\n]"
> 
> 2009-05-06 10:48:34,082 DEBUG header - >> "[\r][\n]"
> 
> 2009-05-06 10:48:34,082 DEBUG header - << "HTTP/1.1 401
> Unauthorized[\r][\n]"
> 
> 2009-05-06 10:48:34,082 DEBUG header - << "HTTP/1.1 401
> Unauthorized[\r][\n]"
> 
> 2009-05-06 10:48:34,082 DEBUG header - << "WWW-Authenticate: Digest
> realm="myRealm", domain="/somePath",
> nonce="IrplFiEBAABqPEprp4CAx3+1R/F+nerW", algorithm=MD5,
qop="auth"[\r][\n]"
> 
> 2009-05-06 10:48:34,082 DEBUG header - << "Content-Type: text/html;
> charset=iso-8859-1[\r][\n]"
> 
> 2009-05-06 10:48:34,082 DEBUG header - << "Cache-Control:
> must-revalidate,no-cache,no-store[\r][\n]"
> 
> 2009-05-06 10:48:34,082 DEBUG header - << "Content-Length: 1383[\r][\n]"
> 
> 2009-05-06 10:48:34,082 DEBUG header - << "Server: Jetty(6.1.15)[\r][\n]"
> 
> 2009-05-06 10:48:34,082 DEBUG header - << "[\r][\n]"
> 
> 2009-05-06 10:48:34,082 DEBUG HttpMethodDirector - Authorization required
> 
>  
> 
> Any help is greatly appreciated.
> 
>  
> 
> -          will
> 
>  
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message