[
https://issues.apache.org/jira/browse/AXIS2C-1244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12674250#action_12674250
]
iancgood edited comment on AXIS2C-1244 at 2/17/09 8:09 AM:
-----------------------------------------------------------
This is still happening in 1.5.0 and is a serious show-stopper for anyone using
basic http auth in their web services. Has anyone looked into a fix?
In: src/core/transport/http/sender/http_sender.c
To clarify, it looks like, for BASIC authentication, lines 1020 .. 1040 are
executed, in particular lines 1035 and 1038 [the send/receive]. Then, in the
else {} portion after the 1042..1098 if block, the send/receive is executed
again, with the same parameters.
I think changing line 1042 to else if () will make the code work as intended,
as it looks like lines 1020..1106 should be one logic block
if(force_http_auth) ...
else if(force_http_auth_with_head) ...
else ...
was (Author: iancgood):
This is still happening in 1.5.0 and is a serious show-stopper for anyone
using basic http auth in their web services. Has anyone looked into a fix?
> Axis2/C HTTP transport sends SOAP calls twice when using BASIC auth
> -------------------------------------------------------------------
>
> Key: AXIS2C-1244
> URL: https://issues.apache.org/jira/browse/AXIS2C-1244
> Project: Axis2-C
> Issue Type: Bug
> Components: transport/http
> Affects Versions: 1.4.0
> Environment: Linux i686
> Reporter: Chris Rose
> Assignee: S.Uthaiyashankar
> Priority: Blocker
> Fix For: 1.6.0
>
>
> When I send a SOAP request using the built-in HTTP transport using HTTP-Basic
> authentication, the request ends up being sent two times. I've verified this
> with tcpmon, and I've stepped into the code to see that it's happening.
> The code that's doing this is in the 1.4.0 unix release tarball, in
> src/core/transport/http/sender/http_sender.c at line 973 (where
> force_http_auth is true due to an earlier call to
> axis2_options_set_http_auth_info with auth type = Basic) and then later in
> the false branch of the check on line 995, which starts on line 1054 of
> http_sender.c.
> The status code values from the initial calls don't seem to be checked,
> because they've plainly succeeded at this point.
> This is a dead-in-the-water blocker for us, with a release to a client coming
> up in four days. I don't have the time to upgrade to 1.5.0 on all of our
> tested platforms (because we're shipping this on Solaris as well, and that
> requires some patches to Axis2/C that we've got done for 1.4.0 and will be
> sending in one of these days). I realize it's a bit presumptuous, but could
> someone suggest a patch to this that would allow me to proceed?
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
