Hello!! I am using Axis 1.3, tomcat 5.5.12, java 1.5.
I am using client-deploy.wsdd so my axis client can use Http 1.1. I am also using commonsHTTPclient-3.0-rc4.jar and commonsCodec-1-3.jar. My web service is using those two handlers for authentication: <requestFlow name="checks"> <handler type="java:org.apache.axis.handlers.SimpleAuthenticationHandler"/> <handler type="java:org.apache.axis.handlers.SimpleAuthorizationHandler"/> </requestFlow>. I also set the userName and password for my Call object. Also set setMaintainSession(true). The problem is: When the client sends the message it is not authorized (HTTP/1.1 401 Unauthorized). But the client sends automatically the same message again, and now it is authorized. Running ethereal I saw in the Http Header that in the first message there is not a "Authorization: Basic + some hexadecimal stuff" entry. The Http header response has the follow entry: WWW-Authenticate: Basic realm="AXIS". I did not set this realm at any place (tomcat configuration file or the axis server side). At the axis fault string I have: <faultstring>User 'null' not authenticated (unknown user)</faultstring>. As I said I set the user name and password (Ah, the user name and password exists at users.lst). Only one detail. Debugging I saw that in the messageContext object, at the client side, that the user name and password were empty. So in my stub I also set userName and password for the messageContext. See the code below: _call.getMessageContext().setUsername(userName); _call.getMessageContext().setPassword(passWord); The second message, that is the first one sent again, goes with the Authorization entry at the Http header. The credentials, user name and password, are correct. So , the message is authorized. At last, when I use http 1.0 I do not have authentication problem and duplication of message problem. With this problem, when I use http 1.1 my web service is slower than with http 1.0!! Could anyone help me? What is going on? Thx, Fabrizzio Cabral de Lacerda