DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG� RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=34909>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND� INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=34909 ------- Additional Comments From [EMAIL PROTECTED] 2005-05-16 19:22 ------- (In reply to comment #6) > (In reply to comment #3) > Oleg, > I think this may be the same problem in the HTTP Client 3.0 code. I overlooked > this before, but I checked the 'response' strings in the logs I posted for > both > the 2.0.2 and 3.0 client and they do NOT match--just like in your initial test > case where different responses were generated. I tried the patch too, just in > case--no luck though. I seem to remember when I was stepping through the code > for the 3.0 client that the cnonce value (which I believe is seeded with the > system time), is hashed into the final 'response' value---I do not know if the > 2.0.2 code does this, but it may be why the 3.0 code is producing a different > response. > I am reasonably sure both versions produce identical 'response' values given the same challenge and cnonce value. Sadly, Apache Http server does not provide support for MD5-sess yet. So, I can't test the code myself and have to rely on the wire log that you have sent. I am afraid I will not be able to do much without access to an Microsoft IIS server with Digest MD5-sess authentication on. Oleg -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
