[jira] [Updated] (HTTPCLIENT-1129) Redirect and Kerberos authentication in conflict

[Harald Kirsch (Updated) (JIRA)]

     [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-1129?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Harald Kirsch updated HTTPCLIENT-1129:
--------------------------------------

    Attachment: wiresharkFrom401.txt
                logFrom401Example.txt
                examples.txt

The file logFrom401Example.txt contains the logs you requested. The same 
session can be found logged with wireshark in wiresharkFrom401.txt.

Further the examples.txt contains the relevant code snippets we use. One 
triggers the 401. In the meantime we found one more workaround. Both 
workarounds are shown in exmples.txt. One uses NoReuseStrategy and the other 
explicitly sets the port 80 and protocol http.

Harald.
                
> Redirect and Kerberos authentication in conflict
> ------------------------------------------------
>
>                 Key: HTTPCLIENT-1129
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1129
>             Project: HttpComponents HttpClient
>          Issue Type: Wish
>          Components: HttpClient
>    Affects Versions: 4.1.2
>            Reporter: Harald Kirsch
>         Attachments: examples.txt, logFrom401Example.txt, wiresharkFrom401.txt
>
>
> We are using the HttpClient to connect to a Website that uses 
> Kerberos-Authentication.
> Beware this trigger word: Kerberos! I think this is *not* the problem, but 
> please read on.
> Here is the sequence of events:
> Client: GET /
> Server: Unauthorized.
> Client: GET / and includes authentication.
> Server: 302 to /something on the same host (this shows that in principle 
> authentication works)
> Client: GET /something,  does not include authentication
> Server: Unauthorized
> Client quits with 401-Unauthorized.
> I would have expected one of the following instead:
> 1) Client immediately sends authorization information with the redirected GET 
> /something
> 2) Client re-requests the /something with authorization after 
> 401-Unauthorized.
> We could get around the problem by setting the ConnectionReuseStrategy to a 
> constant false.
> It would be great if someone could tell me if HttpClient works as expected or 
> whether there is a bug or misconfiguration lurking.
> Thanks,
> Harald.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org