On Tue, 2014-03-25 at 09:29 +0200, d_k wrote: > Its looks like the first GET is challenged and the credentials are provided > but when executing the second GET the authentication is requested for a > different realm but because the AuthState already had credentials they were > used. > > The member targetAuthState in DefaultRequestDirector holds the old > credentials and although the realm changed they were not invalidated. >
The problem is that auth caches presently do not take auth realm into account, which is wrong. Please raise a JIRA for this defect. Oleg > > On Mon, Mar 24, 2014 at 10:11 PM, Oleg Kalnichevski <ol...@apache.org>wrote: > > > On Mon, 2014-03-24 at 18:38 +0200, d_k wrote: > > > I'm upgrading a Nutch plugin that used httpclient 3.x and because Nutch > > was > > > already dependent on httpclient 4.1.1 I decided to avoid adding a new > > > dependency on httpclient 4.3 and use the existing dependency on 4.1.1 > > > > > > > > > > I can take a look at the wire log tomorrow but I would strongly > > recommend upgrading regardless. HttpClient authentication code has > > undergone a fairly major rewrite in the 4.2 release. Upgrading at least > > to the latest release in the 4.2 series would probably be necessary > > anyway. > > > > Oleg > > > > > > > On Mon, Mar 24, 2014 at 6:00 PM, Oleg Kalnichevski <ol...@apache.org> > > wrote: > > > > > > > On Mon, 2014-03-24 at 17:54 +0200, d_k wrote: > > > > > Hello. > > > > > > > > > > I'm using httpclient-4.1.1 and i'm trying to authenticate with > > different > > > > > users on different realms but it seems to fail. > > > > > > > > Before I even start looking into this, is there a reason you are not > > > > using a newer version of HttpClient (preferably 4.3.x)? > > > > > > > > Oleg > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org > > > > For additional commands, e-mail: httpclient-users-h...@hc.apache.org > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org > > For additional commands, e-mail: httpclient-users-h...@hc.apache.org > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org For additional commands, e-mail: httpclient-users-h...@hc.apache.org
