Lee Francis, Since you appear to be passing a custom HttpState object to the HttpClient#executeMethod these lines of code have no effect of what so ever on the method's execution
client.getState().setAuthenticationPreemptive(true); client.getState().setCredentials(realm, host, upc); Try this instead httpState.setAuthenticationPreemptive(true); httpState.setCredentials(realm, host, upc); status = client.executeMethod(hostConfiguration, method, httpState); HTH Oleg -----Original Message----- From: Lee Francis Wilhelmsen [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 18, 2004 14:19 To: Commons HttpClient Project Subject: Re: Posting XML over authenticated connection using SSL >> - The server responds saying not authorized with a realm value >> - HTTP Client then resends the post using the credentitals >> I have supplied (why doesn't it do this the first time?) > > This is the standard behaviour. You can enable preemtive authentication. Ok, so I found a setAuthenticationPreemptive(boolean) method in the HttpState object that I set before setting the credentials. However, my wire trace is still telling me that the HTTP Client API isn't sending the "Authorization" header until after a 401 response has been returned from the server first. The server is also returning a cookie which is used by the HTTP Client API but doesn't seem to have any effect on the authorization procedure even though it is sent to the server after the first successful request. The server still sends the 401 response. I'm sending a "Connection: close" header with every request to rectify a possible bug on the server. I don't know if this has anything to do with this. Here's what the code looks like: client.setStrictMode(false); UsernamePasswordCredentials upc = new UsernamePasswordCredentials(username, password); client.getState().setAuthenticationPreemptive(true); client.getState().setCredentials(realm, host, upc); PostMethod method = new PostMethod(url); method.addParameter("something", something); method.setHttp11(true); method.setDoAuthentication(true); method.setRequestHeader("Connection", "close"); DefaultMethodRetryHandler methodRetryHandler = new DefaultMethodRetryHandler(); method.setMethodRetryHandler(methodRetryHandler); status = client.executeMethod(hostConfiguration, method, httpState); Here's a part of the wire log illustrating the process for two requests (the first and second of a batch of many requests). As far as I can tell the log is telling me that HTTP Client is using two requests for every one nesessary. I can live with that, but I'd like to know why first. >> "POST /sting/StingServlet HTTP/1.1[\r][\n]" >> "Connection: close[\r][\n]" >> "User-Agent: Jakarta Commons-HttpClient/2.0final[\r][\n]" >> "Host: e-torg.no.ihost.com[\r][\n]" >> "Content-Length: 817[\r][\n]" >> "Content-Type: application/x-www-form-urlencoded[\r][\n]" >> "[\r][\n]" >> "something=first request removed" << "HTTP/1.1 401 Unauthorized [\r][\n]" << "Server: IBM HTTP Server/V5R3M0[\r][\n]" << "Date: Tue, 18 May 2004 11:00:01 GMT[\r][\n]" << "Connection: close[\r][\n]" << "Accept-Ranges: bytes[\r][\n]" << "Content-Type: text/html; charset=IBM-1047[\r][\n]" << "Content-Length: 282[\r][\n]" << "Last-Modified: Tue, 18 May 2004 11:00:01 GMT[\r][\n]" << "Expires: Tue, 18 May 2004 11:00:01 GMT[\r][\n]" << "Pragma: no-cache[\r][\n]" << "Cache-Control: no-cache[\r][\n]" << "WWW-Authenticate: Basic realm="STING_Restricted"[\r][\n]" << "<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>Authentication failed.</BODY></HTML>" >> "POST /sting/StingServlet HTTP/1.1[\r][\n]" >> "Connection: close[\r][\n]" >> "User-Agent: Jakarta Commons-HttpClient/2.0final[\r][\n]" >> "Host: e-torg.no.ihost.com[\r][\n]" >> "Content-Length: 817[\r][\n]" >> "Content-Type: application/x-www-form-urlencoded[\r][\n]" >> "Authorization: Basic aTAweGRrOmVqYjl3aQ==[\r][\n]" >> "[\r][\n]" >> "something=first request removed" << "HTTP/1.1 200 ok [\r][\n]" << "Server: IBM HTTP Server/V5R3M0[\r][\n]" << "Date: Tue, 18 May 2004 11:00:03 GMT[\r][\n]" << "Connection: close[\r][\n]" << "Accept-Ranges: bytes[\r][\n]" << "Content-Type: text/xml[\r][\n]" << "Content-Length: 22264[\r][\n]" << "Last-Modified: Tue, 18 May 2004 11:00:03 GMT[\r][\n]" << "Expires: Thu, 01 Dec 1994 16:00:00 GMT[\r][\n]" << "Set-Cookie: sesessionid=9777DdKU6v_coYhba0G3GUEb;Path=/[\r][\n]" << "Cache-Control: no-cache="set-cookie,set-cookie2"[\r][\n]" << "<?xml version="1.0" encoding="UTF-8"?>[\n]" << "first xml response removed [\n]" >> "POST /sting/StingServlet HTTP/1.1[\r][\n]" >> "Connection: close[\r][\n]" >> "User-Agent: Jakarta Commons-HttpClient/2.0final[\r][\n]" >> "Host: e-torg.no.ihost.com[\r][\n]" >> "Cookie: $Version=0; sesessionid=9777DdKU6v_coYhba0G3GUEb; $Path=/[\r][\n]" >> "Content-Length: 865[\r][\n]" >> "Content-Type: application/x-www-form-urlencoded[\r][\n]" >> "[\r][\n]" >> "something=second request removed" << "HTTP/1.1 401 Unauthorized [\r][\n]" << "Server: IBM HTTP Server/V5R3M0[\r][\n]" << "Date: Tue, 18 May 2004 11:00:06 GMT[\r][\n]" << "Connection: close[\r][\n]" << "Accept-Ranges: bytes[\r][\n]" << "Content-Type: text/html; charset=IBM-1047[\r][\n]" << "Content-Length: 282[\r][\n]" << "Last-Modified: Tue, 18 May 2004 11:00:06 GMT[\r][\n]" << "Expires: Tue, 18 May 2004 11:00:06 GMT[\r][\n]" << "Pragma: no-cache[\r][\n]" << "Cache-Control: no-cache[\r][\n]" << "WWW-Authenticate: Basic realm="STING_Restricted"[\r][\n]" << "<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>Authentication failed.</BODY></HTML>" >> "POST /sting/StingServlet HTTP/1.1[\r][\n]" >> "Connection: close[\r][\n]" >> "User-Agent: Jakarta Commons-HttpClient/2.0final[\r][\n]" >> "Host: e-torg.no.ihost.com[\r][\n]" >> "Content-Length: 865[\r][\n]" >> "Content-Type: application/x-www-form-urlencoded[\r][\n]" >> "Authorization: Basic aTAweGRrOmVqYjl3aQ==[\r][\n]" >> "Cookie: $Version=0; sesessionid=9777DdKU6v_coYhba0G3GUEb; $Path=/[\r][\n]" >> "[\r][\n]" >> "something=second request removed" << "HTTP/1.1 200 ok [\r][\n]" << "Server: IBM HTTP Server/V5R3M0[\r][\n]" << "Date: Tue, 18 May 2004 11:00:07 GMT[\r][\n]" << "Connection: close[\r][\n]" << "Accept-Ranges: bytes[\r][\n]" << "Content-Type: text/xml[\r][\n]" << "Content-Length: 22181[\r][\n]" << "Last-Modified: Tue, 18 May 2004 11:00:07 GMT[\r][\n]" << "<?xml version="1.0" encoding="UTF-8"?>[\n]" << "second xml response removed [\n]" etc. Any ideas why this is happening? Best regards Lee Francis Wilhelmsen --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] *************************************************************************************************** The information in this email is confidential and may be legally privileged. Access to this email by anyone other than the intended addressee is unauthorized. If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. If you are not the intended recipient, please reply to or forward a copy of this message to the sender and delete the message, any attachments, and any copies thereof from your system. *************************************************************************************************** --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
