[
https://issues.apache.org/jira/browse/HTTPCLIENT-1532?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14079355#comment-14079355
]
Sander Smith commented on HTTPCLIENT-1532:
------------------------------------------
After conferring with Oleg, we found that the problem is in the Android port in
the BasicSchemeHC4 class. When Base64 encoding is being used, we should use
Base64.NO_WRAP instead of Base64.DEFAULT. This will suppress the unnecessary LF
that's added onto the Base64 string.
I've modified my version locally, and have verified that this fixes the problem.
> Android Basic Authentication - the failure case
> -----------------------------------------------
>
> Key: HTTPCLIENT-1532
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1532
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: Android Port
> Affects Versions: 4.3.3
> Environment: HttpClient library on Android
> Reporter: Sander Smith
> Fix For: 4.3.5
>
>
> I'm writing an Android app and am using the HttpClient library for Android
> for all of the communication to the outside world. I've also taken the guts
> of the app and written a Java main so that I can run from the command line
> using the regular library.
> Everything runs beautifully except for one thing: I need to do Basic
> Authentication, and the two platforms, Android and CLI react differently in
> the failure case. If Basic Authentication succeeds (e.g. the correct password
> is used) things run fine. However, in the case where an incorrect password is
> used I get a 401 on CLI (correct), but with the Android library I'm getting
> an exception thrown.
> I've debugged enough to watch what goes over the wire.
> When I run CLI I see this:
> http-outgoing-4 >> "GET / HTTP/1.1[\r][\n]"
> http-outgoing-4 >> "User-Agent: xxx"
> http-outgoing-4 >> "Host: 192.168.1.1[\r][\n]"
> http-outgoing-4 >> "Connection: Keep-Alive[\r][\n]"
> http-outgoing-4 >> "Accept-Encoding: gzip,deflate[\r][\n]"
> http-outgoing-4 >> "Authorization: Basic YWRtaW46YWRtaW4=[\r][\n]"
> http-outgoing-4 >> "[\r][\n]"
> http-outgoing-4 << "HTTP/1.0 401 Unauthorized[\r][\n]"
> Running on Android shows this:
> http-outgoing-4 >> "GET / HTTP/1.1[\r][\n]"
> http-outgoing-4 >> "User-Agent: xxx"
> http-outgoing-4 >> "Host: 192.168.1.1[\r][\n]"
> http-outgoing-4 >> "Connection: Keep-Alive[\r][\n]"
> http-outgoing-4 >> "Accept-Encoding: gzip,deflate[\r][\n]"
> http-outgoing-4 >> "Authorization: Basic YWRtaW46YWRtaW4=[\n]"
> http-outgoing-4 >> "[\r][\n]"
> http-outgoing-4 >> "[\r][\n]"
> http-outgoing-4 << "end of stream"
> http-outgoing-4: Close connection
> It appears that on Android the sequence of carriage returns and line feeds is
> not being sent properly, and the server is getting confused.
> It's also worth noting that when the correct password is being sent, the
> identical information is sent over the wire, but in both cases, an HTTP 200
> is returned.
> So what's going on here? Why is behavior different on 2 different platforms?
> Is there a bug in the Android library?
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
