tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Christophe Dupriez" <christophe.dupr...@poisoncentre.be>
Subject Tomcat 6.0.18, POST request.ContentLength() is 0 when entering the Authenticator
Date Thu, 20 Nov 2008 00:07:59 GMT
Hi Tomcat Developpers!

Few days ago I provided an NTLM Authenticator. My users reported that their POST requests
are now without content.
I traced and I can confirm that, when entering the NtlmAuthenticator.authenticate method,
request.ContentLength() is -1 for GET transactions (and it works) but it is 0 for POST.
At the very entrance of BasicAuthenticator.authenticate,  request.ContentLength() is -1 for
GET transactions (and it works) but the real length is there for POST.

So I can have 50 GET transactions without any problems : the NTLM authentication is done once
with the first transaction. Then, if a POST comes, it will be 0 length.

Any idea of what may be happening? As I did not found any real dependency on the word "BASIC"
within Tomcat source, I am wondering if lower level Java Run Time could test explicitely the
authentication method and "forget" to manage the ContentLength? It seems that some people
have problem with FORM authentication. Could it be a similar problem?

The patch file is accessible:
http://www.destin.be/tomcat/NtlmAuthentication.patch

The new authenticator class is accessible:
http://www.destin.be/tomcat/NtlmAuthenticator.java

Wishing you a very nice week,

Christophe Dupriez
Centre Antipoisons - Antigifcentrum
C/o Hôpital Central de la Base Reine Astrid
   Rue Bruyn - 1120 Bruxelles - Belgique
tel 32-(0)2.264.96.36 fax 32-(0)2.264.96.46
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message