Hi team,
Our project has a unit-test to test all REST URLs with curlib. We've
observed that 2 of the tests got HTTP 401 code. Considering that all the
requests use the same credentials, I'm confused with the failure. Many
thanks in advance for your help!
FYI, here're the logs about the requests.
Failed request
2020-06-08 19:11:36.863:DBUG:oejs.HttpChannel:qtp1025799482-16: REQUEST for
//host:port/?cmd=test+cmd1&xml=true&xml=yes on HttpChannelOverHttp@2ecf9fce
{s=HttpChannelState@23f31a0{s=IDLE rs=BLOCKING os=OPEN is=IDLE awp=false
se=false i=true
al=0},r=1,c=false/false,a=IDLE,uri=//host:port/?cmd=test+cmd1
&xml=true&xml=yes,age=0}
GET //host:port/?cmd=tes+cmd1&xml=true&xml=yes HTTP/1.1
*Authorization: Basic ZXJzX2FkbWluOldlbGNvbWUxMjM0NQ==*^M
User-Agent: Test Client/1.0^M
Host: host:port^M
Accept: */*^M
Response to the failed request
2020-06-08 19:11:37.246:DBUG:oejs.HttpChannel:qtp1025799482-16: COMMIT for
/ on HttpChannelOverHttp@2ecf9fce{s=HttpChannelState@23f31a0{s=HANDLING
rs=COMPLETING os=COMMITTED is=IDLE awp=false se=false i=false
al=0},r=1,c=false/false,a=HANDLING,uri=https://host:port/?cmd=test+cmd1
&xml=true&xml=yes,age=383}
401 HTTP/1.1
X-XSS-Protection: 1^M
X-Content-Type-Options: nosniff^M
charset: utf-8^M
WWW-Authenticate: basic realm="My Realm"^M
Cache-Control: must-revalidate,no-cache,no-store^M
Content-Type: text/html;charset=iso-8859-1^M
Successful request
2020-06-08 19:11:37.168:DBUG:oejs.HttpChannel:qtp1025799482-19: REQUEST for
//host:port/?cmd=test+cmd2&xml=true&xml=yes on HttpChannelOverHttp@3b24bfa2
{s=HttpChannelState@10c29e8e{s=IDLE rs=BLOCKING os=OPEN is=IDLE awp=false
se=false i=true
al=0},r=1,c=false/false,a=IDLE,uri=//host:port/?cmd=test+cmd2&xml=true&xml=yes,age=7}
GET //host:port/?cmd=test+cmd2&xml=true&xml=yes HTTP/1.1
*Authorization: Basic ZXJzX2FkbWluOldlbGNvbWUxMjM0NQ==*^M
User-Agent: Test Client/1.0^M
Host: host:port^M
Accept: */*^M
Response to the successful request
2020-06-08 19:11:40.080:DBUG:oejs.HttpChannel:qtp1025799482-938: COMMIT for
/ on HttpChannelOverHttp@12cfa2a5{s=HttpChannelState@57cd3e98{s=HANDLING
rs=BLOCKING os=COMMITTED is=IDLE awp=false se=false i=true
al=0},r=1,c=false/false,a=HANDLING,uri=https://host:port/?cmd=test+cmd2
&xml=true&xml=yes,age=2824}
200 HTTP/1.1
X-XSS-Protection: 1^M
X-Content-Type-Options: nosniff^M
Cache-Control: no-cache,no-store,must-revalidate^M
charset: utf-8^M
X-Frame-Options: DENY^M
Content-Security-Policy: frame-ancestors 'none'^M
Set-Cookie: JSESSIONID=node0rx6gub9te2x2a84mtkfa0cpc2.node0; Path=/;
Secure; HttpOnly; SameSite=Strict^M
Expires: Thu, 01 Jan 1970 00:00:00 GMT^M
Content-Type: text/xml;charset=utf-8^M
As you can see, the hashed credentials are exactly the same.
Besides, the only thing I found related online is this link:
https://github.com/eclipse/jetty.project/issues/4223. Not sure if it helps
to troubleshoot the issue.
Best,
Yicheng
_______________________________________________
jetty-users mailing list
[email protected]
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
