hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Will Johnson" <willjohnsonsea...@gmail.com>
Subject RE: Reuse Digest authentication nonce
Date Wed, 06 May 2009 17:45:53 GMT
I did look at the sample and it does seem to indicate there is a way to do
this with v4 however that's not an option for me.  This seems like a really
fundamental thing for v1.3 to not do so I was hoping there was some
workaround.

- will

-----Original Message-----
From: Oleg Kalnichevski [mailto:olegk@apache.org] 
Sent: Wednesday, May 06, 2009 1:10 PM
To: HttpClient User Discussion
Subject: Re: Reuse Digest authentication nonce

On Wed, May 06, 2009 at 01:00:43PM -0400, Will Johnson wrote:
> I don't need preemptive digest authentication (although that is
cool/scary).
> The first request should be challenged but subsequent get/post/etc should
> reuse the authenticate header.
> 

Please DO take a look at the sample, because this is precisely what it does.
You do not have to initialize the authentication scheme preemptively if you
do not want to (most likely you will not even be able to do so, because you
will not have the nonce until challenged at least once)

Oleg

> - will
> 
> -----Original Message-----
> From: Oleg Kalnichevski [mailto:olegk@apache.org] 
> Sent: Wednesday, May 06, 2009 11:36 AM
> To: HttpClient User Discussion
> Subject: Re: Reuse Digest authentication nonce
> 
> On Wed, May 06, 2009 at 11:06:48AM -0400, Will Johnson wrote:
> > I'm trying to get DIGEST authentication nonce working and running into
> some
> > trouble.  I've seen this message:
> > 
> >  
> > 
> >
>
http://markmail.org/message/yvyitckstgdunwtm#query:httpclient%20digest%20reu
> > se%20nonce+page:1+mid:2ttnrnm3u2pb73av+state:results
> > 
> >  
> > 
> > which seems to indicate that 3.0+ would fix the issue however I'm still
> > having issues.  I have tried setting preemptive authentication = true
and
> > using 100: Expect-Continue with no success.  This is going against a
> simple
> > Jetty install that I have validated works with reusable nonce's via
> Firefox
> > + Live HTTP-Headers.
> > 
> > 
> 
> Only HttpClient 4.0 is preemptive Disgest authentication capable. There
will
> be
> no luck with HttpClient 3.x.
> 
> If you do not mind upgrading you can use this sample application as a
> starting
> point.
> 
>
http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/httpclient/s
>
rc/examples/org/apache/http/examples/client/ClientPreemptiveDigestAuthentica
> tion.java
> 
> Hope this helps
> 
> Oleg
> 
>  
> > 
> > My code looks like:
> > 
> >  
> > 
> > HttpClient client = new HttpClient();
> > 
> > Credentials defaultcreds = new UsernamePasswordCredentials("admin",
> > "admin");
> > 
> > client.getState().setCredentials(new AuthScope(AuthScope.ANY_HOST,
> > AuthScope.ANY_PORT, AuthScope.ANY_REALM), defaultcreds);
> > 
> >  
> > 
> > // this chellenges/authenticates as expected
> > 
> > GetMethod get = new
GetMethod("http://localhost:8888/somePath?cgi=true");
> > 
> > int ret = client.executeMethod(get);
> > 
> > get.releaseConnection();
> > 
> >  
> > 
> > // this challenges again which it should not
> > 
> > GetMethod get2 = new
> GetMethod("http://localhost:8888/somePath?cgi=false");
> > 
> > int ret = client.executeMethod(get2);
> > 
> > get2.releaseConnection();
> > 
> >  
> > 
> > the header output for the second request is below (the first goes as
> > expected)
> > 
> >  
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - >> "GET /somePath?cgi=false
> > HTTP/1.1[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG HttpMethodBase - Adding Host request
header
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - >> "User-Agent: Jakarta
> > Commons-HttpClient/3.1[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - >> "Host: localhost:8888[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - >> "[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "HTTP/1.1 401
> > Unauthorized[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "HTTP/1.1 401
> > Unauthorized[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "WWW-Authenticate: Digest
> > realm="myRealm", domain="/somePath",
> > nonce="IrplFiEBAABqPEprp4CAx3+1R/F+nerW", algorithm=MD5,
> qop="auth"[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "Content-Type: text/html;
> > charset=iso-8859-1[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "Cache-Control:
> > must-revalidate,no-cache,no-store[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "Content-Length: 1383[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "Server:
Jetty(6.1.15)[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG HttpMethodDirector - Authorization
required
> > 
> >  
> > 
> > Any help is greatly appreciated.
> > 
> >  
> > 
> > -          will
> > 
> >  
> > 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message