[jira] [Created] (HTTPCLIENT-1532) Android Basic Authentication - the failure case

Wed, 30 Jul 2014 06:03:09 -0700 

Sander Smith created HTTPCLIENT-1532:
----------------------------------------

             Summary: Android Basic Authentication - the failure case
                 Key: HTTPCLIENT-1532
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1532
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpClient
    Affects Versions: 4.3.3
         Environment: HttpClient library on Android
            Reporter: Sander Smith


I'm writing an Android app and am using the HttpClient library for Android for 
all of the communication to the outside world. I've also taken  the guts of the 
app and written a Java main so that I can run from the command line using the 
regular library.

Everything runs beautifully except for one thing: I need to do Basic 
Authentication, and the two platforms, Android and CLI react differently in the 
failure case. If Basic Authentication succeeds (e.g. the correct password is 
used) things run fine. However, in the case where an incorrect password is used 
I get a 401 on CLI (correct), but with the Android library I'm getting an 
exception thrown.

I've debugged enough to watch what goes over the wire. 

When I run CLI I see this:

 http-outgoing-4 >> "GET / HTTP/1.1[\r][\n]"
 http-outgoing-4 >> "User-Agent: xxx"
 http-outgoing-4 >> "Host: 192.168.1.1[\r][\n]"
 http-outgoing-4 >> "Connection: Keep-Alive[\r][\n]"
 http-outgoing-4 >> "Accept-Encoding: gzip,deflate[\r][\n]"
 http-outgoing-4 >> "Authorization: Basic YWRtaW46YWRtaW4=[\r][\n]"
 http-outgoing-4 >> "[\r][\n]"
 http-outgoing-4 << "HTTP/1.0 401 Unauthorized[\r][\n]"

Running on Android shows this:

 http-outgoing-4 >> "GET / HTTP/1.1[\r][\n]"
 http-outgoing-4 >> "User-Agent: xxx"
 http-outgoing-4 >> "Host: 192.168.1.1[\r][\n]"
 http-outgoing-4 >> "Connection: Keep-Alive[\r][\n]"
 http-outgoing-4 >> "Accept-Encoding: gzip,deflate[\r][\n]"
 http-outgoing-4 >> "Authorization: Basic YWRtaW46YWRtaW4=[\n]"
 http-outgoing-4 >> "[\r][\n]"
 http-outgoing-4 >> "[\r][\n]"
 http-outgoing-4 << "end of stream"
 http-outgoing-4: Close connection


It appears that on Android the sequence of carriage returns and line feeds is 
not being sent properly, and the server is getting confused.

It's also worth noting that when the correct password is being sent, the 
identical information is sent over the wire, but in both cases, an HTTP 200 is 
returned.

So what's going on here? Why is behavior different on 2 different platforms? Is 
there a bug in the Android library?



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to