[
https://issues.apache.org/jira/browse/HTTPCLIENT-872?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12751252#action_12751252
]
Gerald Turner commented on HTTPCLIENT-872:
------------------------------------------
I see what you mean — ran some tests and it's apparent that reused connections
keep repeating the authentication handshake, need to cache the Authorization
header, worthy of a separate JIRA, yeah? Digest is more complicated since
it'll need to increment the "nc" value and generate a new "cnonce" each
subsequent request. I have no idea about NTLM.
With preemptive authentication, do you believe that the "nonce" can be
pre-seeded? Maybe some servers can be tricked, but that doesn't seem like the
way the protocol was intended.
> Add preemptive authentication
> -----------------------------
>
> Key: HTTPCLIENT-872
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-872
> Project: HttpComponents HttpClient
> Issue Type: Improvement
> Components: HttpAuth
> Affects Versions: 4.0 Final
> Reporter: Gerald Turner
> Priority: Trivial
> Attachments: PreemptiveAuth.patch
>
>
> Wishlist request for preemptive authentication to be included in the API,
> like HttpClient 3.x had. There is an example
> ClientPreemptiveBasicAuthentication.java that uses HttpRequestInterceptor
> which I had adapted to my application and it works fine.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
