Happy New Year!
This is a known problem with HttpClient. Bug #15297 <http://issues.apache.org/bugzilla/show_bug.cgi?id=15297>. The plan is to add a configuration option for specifying the order in which auth challenges are processed. You should be able to work around this by using preemptive authentication, see HttpState.setAuthenticationPreemptive().
Mike
On Dec 31, 2003, at 10:42 AM, Blanc, Isabelle wrote:
Hi everybody :)
and first of all, I wish you all an happy new year :))
and now is my question/remark (i don't know if it's better to post it here, or in the user mailing list, or as a comment in bugzilla, but I don't want to cross post, so for now I post it only here - let me know if I should cross post or add a comment in bugzilla) :
- the proxy I had to go though was using NTLM, and I checkouted the HTTPCLIENT_2_0_BRANCH tag sources from cvs.
- then the sysadmin decided to open a door for me in the proxy that would use only basic authentication. So i though that replacing the NTCredentials with UsernamePasswordCredentials would be enough - and it wasn't. The code was still returning a 407 - which is weird with basic auth.
- I finally found out where the "error" was (and now it works fine - only for me tho), but I can't decide if it's because of the proxy (that returns a "wrong" answer) or because of commons/httpclient code :
* the proxy returns these challenges, in this order : ntlm - basic - kerberos - negotiate
* in HttpAuthenticator.selectAuthScheme, after having built the challengemap, you go like :
...
challenge = (String) challengemap.get("ntlm");
if (challenge != null) {
return new NTLMScheme(challenge);
}
challenge = (String) challengemap.get("digest");
if (challenge != null) {
return new DigestScheme(challenge);
}
challenge = (String) challengemap.get("basic");
if (challenge != null) {
return new BasicScheme(challenge);
}
...
I only commented out the 4 lines about NTLM (i know it's quick & dirty but .. i had to make it work before 2004 ;] !)
Anyway, does it mean that the proxy should NOT return any ntlm challenge if it expects a basic auth, even if it's for one single realm (all other realms (domains for ntlm) use NTLM auth) ?
Or does it mean there's something here in the code that needs to be twisted (like, the only challenge that actually has a "value" is the basic one : if i print the challenge map i get
ntlm--NTLM
basic--Basic realm="hidden-sorry"
kerberos--Kerberos
negotiate--Negotiate
) ??
that was my 2 cents .... hope you'll all have a nice nice new year's eve tonight :o) !
Isa
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
