hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: Reuse Digest authentication nonce
Date Wed, 06 May 2009 17:10:24 GMT
On Wed, May 06, 2009 at 01:00:43PM -0400, Will Johnson wrote:
> I don't need preemptive digest authentication (although that is cool/scary).
> The first request should be challenged but subsequent get/post/etc should
> reuse the authenticate header.
> 

Please DO take a look at the sample, because this is precisely what it does. You do not have
to initialize the authentication scheme preemptively if you do not want to (most likely you
will not even be able to do so, because you will not have the nonce until challenged at least
once)

Oleg

> - will
> 
> -----Original Message-----
> From: Oleg Kalnichevski [mailto:olegk@apache.org] 
> Sent: Wednesday, May 06, 2009 11:36 AM
> To: HttpClient User Discussion
> Subject: Re: Reuse Digest authentication nonce
> 
> On Wed, May 06, 2009 at 11:06:48AM -0400, Will Johnson wrote:
> > I'm trying to get DIGEST authentication nonce working and running into
> some
> > trouble.  I've seen this message:
> > 
> >  
> > 
> >
> http://markmail.org/message/yvyitckstgdunwtm#query:httpclient%20digest%20reu
> > se%20nonce+page:1+mid:2ttnrnm3u2pb73av+state:results
> > 
> >  
> > 
> > which seems to indicate that 3.0+ would fix the issue however I'm still
> > having issues.  I have tried setting preemptive authentication = true and
> > using 100: Expect-Continue with no success.  This is going against a
> simple
> > Jetty install that I have validated works with reusable nonce's via
> Firefox
> > + Live HTTP-Headers.
> > 
> > 
> 
> Only HttpClient 4.0 is preemptive Disgest authentication capable. There will
> be
> no luck with HttpClient 3.x.
> 
> If you do not mind upgrading you can use this sample application as a
> starting
> point.
> 
> http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/httpclient/s
> rc/examples/org/apache/http/examples/client/ClientPreemptiveDigestAuthentica
> tion.java
> 
> Hope this helps
> 
> Oleg
> 
>  
> > 
> > My code looks like:
> > 
> >  
> > 
> > HttpClient client = new HttpClient();
> > 
> > Credentials defaultcreds = new UsernamePasswordCredentials("admin",
> > "admin");
> > 
> > client.getState().setCredentials(new AuthScope(AuthScope.ANY_HOST,
> > AuthScope.ANY_PORT, AuthScope.ANY_REALM), defaultcreds);
> > 
> >  
> > 
> > // this chellenges/authenticates as expected
> > 
> > GetMethod get = new GetMethod("http://localhost:8888/somePath?cgi=true");
> > 
> > int ret = client.executeMethod(get);
> > 
> > get.releaseConnection();
> > 
> >  
> > 
> > // this challenges again which it should not
> > 
> > GetMethod get2 = new
> GetMethod("http://localhost:8888/somePath?cgi=false");
> > 
> > int ret = client.executeMethod(get2);
> > 
> > get2.releaseConnection();
> > 
> >  
> > 
> > the header output for the second request is below (the first goes as
> > expected)
> > 
> >  
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - >> "GET /somePath?cgi=false
> > HTTP/1.1[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG HttpMethodBase - Adding Host request header
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - >> "User-Agent: Jakarta
> > Commons-HttpClient/3.1[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - >> "Host: localhost:8888[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - >> "[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "HTTP/1.1 401
> > Unauthorized[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "HTTP/1.1 401
> > Unauthorized[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "WWW-Authenticate: Digest
> > realm="myRealm", domain="/somePath",
> > nonce="IrplFiEBAABqPEprp4CAx3+1R/F+nerW", algorithm=MD5,
> qop="auth"[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "Content-Type: text/html;
> > charset=iso-8859-1[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "Cache-Control:
> > must-revalidate,no-cache,no-store[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "Content-Length: 1383[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "Server: Jetty(6.1.15)[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG header - << "[\r][\n]"
> > 
> > 2009-05-06 10:48:34,082 DEBUG HttpMethodDirector - Authorization required
> > 
> >  
> > 
> > Any help is greatly appreciated.
> > 
> >  
> > 
> > -          will
> > 
> >  
> > 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message