[jira] [Commented] (CONNECTORS-1564) Support preemptive authentication to Solr connector

2019-01-04 Thread Julian Reschke (JIRA) 


[ 
https://issues.apache.org/jira/browse/CONNECTORS-1564?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16734099#comment-16734099
 ] 

Julian Reschke commented on CONNECTORS-1564:


bq. That's too late because filters kick in first.

The interesting case (for me) is when filters do not kick in, in which case the 
servlet should have a choice of sending "continue" or sending a final status.

I agree that this is not the right place to discuss that; I just wanted to 
point out that although HTTP defines the protocol for this, API support (IMHO) 
is not very good, and thus the original question about preemptive 
authentication makes a lot of sense to me.

> Support preemptive authentication to Solr connector
> ---
>
> Key: CONNECTORS-1564
> URL: https://issues.apache.org/jira/browse/CONNECTORS-1564
> Project: ManifoldCF
>  Issue Type: Improvement
>  Components: Lucene/SOLR connector
>Reporter: Erlend Garåsen
>Assignee: Karl Wright
>Priority: Major
> Attachments: CONNECTORS-1564.patch
>
>
> We should post preemptively in case the Solr server requires basic 
> authentication. This will make the communication between ManifoldCF and Solr 
> much more effective instead of the following:
>  * Send a HTTP POST request to Solr
>  * Solr sends a 401 response
>  * Send the same request, but with a "{{Authorization: Basic}}" header
> With preemptive authentication, we can send the header in the first request.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Comment Edited] (CONNECTORS-1564) Support preemptive authentication to Solr connector

2019-01-04 Thread Michael Osipov (JIRA) 


[ 
https://issues.apache.org/jira/browse/CONNECTORS-1564?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16734094#comment-16734094
 ] 

Michael Osipov edited comment on CONNECTORS-1564 at 1/4/19 12:36 PM:
-

That's too late because filters kick in first. Consider an upload limit filter 
for {{Content-Length}}. The servlet will never see the request. Why should it?

You should direct this question on the Tomat Dev Mailinglist. Mark Thomas is on 
the Servlet API expect group.


was (Author: michael-o):
That's too late because filters kick in first. Consider an upload limit filter 
for {{Content-Length}}. The servlet will never see the request. Why should it?

You should direct this question on the Tomat Dev Mailinglist. Mark Thomas is no 
the Servlet API expect group.

> Support preemptive authentication to Solr connector
> ---
>
> Key: CONNECTORS-1564
> URL: https://issues.apache.org/jira/browse/CONNECTORS-1564
> Project: ManifoldCF
>  Issue Type: Improvement
>  Components: Lucene/SOLR connector
>Reporter: Erlend Garåsen
>Assignee: Karl Wright
>Priority: Major
> Attachments: CONNECTORS-1564.patch
>
>
> We should post preemptively in case the Solr server requires basic 
> authentication. This will make the communication between ManifoldCF and Solr 
> much more effective instead of the following:
>  * Send a HTTP POST request to Solr
>  * Solr sends a 401 response
>  * Send the same request, but with a "{{Authorization: Basic}}" header
> With preemptive authentication, we can send the header in the first request.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Comment Edited] (CONNECTORS-1564) Support preemptive authentication to Solr connector

2019-01-04 Thread Michael Osipov (JIRA) 


[ 
https://issues.apache.org/jira/browse/CONNECTORS-1564?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16734094#comment-16734094
 ] 

Michael Osipov edited comment on CONNECTORS-1564 at 1/4/19 12:27 PM:
-

That's too late because filters kick in first. Consider an upload limit filter 
for {{Content-Length}}. The servlet will never see the request. Why should it?

You should direct this question on the Tomat Dev Mailinglist. Mark Thomas is no 
the Servlet API expect group.


was (Author: michael-o):
That's too late because filters kick in first. Consider a upload limit filter 
for {{Content-Length}}. The servlet will never see the request. Why should it?

You should direct this question on the Tomat Dev Mailinglist. Mark Thomas is no 
the Servlet API expect group.

> Support preemptive authentication to Solr connector
> ---
>
> Key: CONNECTORS-1564
> URL: https://issues.apache.org/jira/browse/CONNECTORS-1564
> Project: ManifoldCF
>  Issue Type: Improvement
>  Components: Lucene/SOLR connector
>Reporter: Erlend Garåsen
>Assignee: Karl Wright
>Priority: Major
> Attachments: CONNECTORS-1564.patch
>
>
> We should post preemptively in case the Solr server requires basic 
> authentication. This will make the communication between ManifoldCF and Solr 
> much more effective instead of the following:
>  * Send a HTTP POST request to Solr
>  * Solr sends a 401 response
>  * Send the same request, but with a "{{Authorization: Basic}}" header
> With preemptive authentication, we can send the header in the first request.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CONNECTORS-1564) Support preemptive authentication to Solr connector

2019-01-04 Thread Michael Osipov (JIRA) 


[ 
https://issues.apache.org/jira/browse/CONNECTORS-1564?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16734094#comment-16734094
 ] 

Michael Osipov commented on CONNECTORS-1564:


That's too late because filters kick in first. Consider a upload limit filter 
for {{Content-Length}}. The servlet will never see the request. Why should it?

You should direct this question on the Tomat Dev Mailinglist. Mark Thomas is no 
the Servlet API expect group.

> Support preemptive authentication to Solr connector
> ---
>
> Key: CONNECTORS-1564
> URL: https://issues.apache.org/jira/browse/CONNECTORS-1564
> Project: ManifoldCF
>  Issue Type: Improvement
>  Components: Lucene/SOLR connector
>Reporter: Erlend Garåsen
>Assignee: Karl Wright
>Priority: Major
> Attachments: CONNECTORS-1564.patch
>
>
> We should post preemptively in case the Solr server requires basic 
> authentication. This will make the communication between ManifoldCF and Solr 
> much more effective instead of the following:
>  * Send a HTTP POST request to Solr
>  * Solr sends a 401 response
>  * Send the same request, but with a "{{Authorization: Basic}}" header
> With preemptive authentication, we can send the header in the first request.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CONNECTORS-1564) Support preemptive authentication to Solr connector

2019-01-04 Thread Julian Reschke (JIRA) 


[ 
https://issues.apache.org/jira/browse/CONNECTORS-1564?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16734092#comment-16734092
 ] 

Julian Reschke commented on CONNECTORS-1564:


My point is that the ultimate decision whether a 100 status code will be sent 
should be made by the servlet, not the servlet engine. Thus, the servlet API 
should describe under which circumstances the 100 reply is sent.

> Support preemptive authentication to Solr connector
> ---
>
> Key: CONNECTORS-1564
> URL: https://issues.apache.org/jira/browse/CONNECTORS-1564
> Project: ManifoldCF
>  Issue Type: Improvement
>  Components: Lucene/SOLR connector
>Reporter: Erlend Garåsen
>Assignee: Karl Wright
>Priority: Major
> Attachments: CONNECTORS-1564.patch
>
>
> We should post preemptively in case the Solr server requires basic 
> authentication. This will make the communication between ManifoldCF and Solr 
> much more effective instead of the following:
>  * Send a HTTP POST request to Solr
>  * Solr sends a 401 response
>  * Send the same request, but with a "{{Authorization: Basic}}" header
> With preemptive authentication, we can send the header in the first request.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CONNECTORS-1564) Support preemptive authentication to Solr connector

2019-01-04 Thread Michael Osipov (JIRA) 


[ 
https://issues.apache.org/jira/browse/CONNECTORS-1564?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16734052#comment-16734052
 ] 

Michael Osipov commented on CONNECTORS-1564:


[~reschke], why are you look at the servlet spec? *You* wrote the RFC 7230 and 
forth. It fully describes this header which is implemented in Tomcat. As far as 
I understand this is controlled mostly from the client with the header. RFC 
7231, chapter 5.1.1.

> Support preemptive authentication to Solr connector
> ---
>
> Key: CONNECTORS-1564
> URL: https://issues.apache.org/jira/browse/CONNECTORS-1564
> Project: ManifoldCF
>  Issue Type: Improvement
>  Components: Lucene/SOLR connector
>Reporter: Erlend Garåsen
>Assignee: Karl Wright
>Priority: Major
> Attachments: CONNECTORS-1564.patch
>
>
> We should post preemptively in case the Solr server requires basic 
> authentication. This will make the communication between ManifoldCF and Solr 
> much more effective instead of the following:
>  * Send a HTTP POST request to Solr
>  * Solr sends a 401 response
>  * Send the same request, but with a "{{Authorization: Basic}}" header
> With preemptive authentication, we can send the header in the first request.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CONNECTORS-1564) Support preemptive authentication to Solr connector

2019-01-04 Thread Karl Wright (JIRA) 


[ 
https://issues.apache.org/jira/browse/CONNECTORS-1564?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16734041#comment-16734041
 ] 

Karl Wright commented on CONNECTORS-1564:
-

Oleg says:

{quote}
Could you please ask the contributor if he has considered using
AuthCache to implement preemptive BASIC authentication as described
here?

http://hc.apache.org/httpcomponents-client-4.5.x/httpclient/examples/org/apache/http/examples/client/ClientPreemptiveBasicAuthentication.java
{quote}


> Support preemptive authentication to Solr connector
> ---
>
> Key: CONNECTORS-1564
> URL: https://issues.apache.org/jira/browse/CONNECTORS-1564
> Project: ManifoldCF
>  Issue Type: Improvement
>  Components: Lucene/SOLR connector
>Reporter: Erlend Garåsen
>Assignee: Karl Wright
>Priority: Major
> Attachments: CONNECTORS-1564.patch
>
>
> We should post preemptively in case the Solr server requires basic 
> authentication. This will make the communication between ManifoldCF and Solr 
> much more effective instead of the following:
>  * Send a HTTP POST request to Solr
>  * Solr sends a 401 response
>  * Send the same request, but with a "{{Authorization: Basic}}" header
> With preemptive authentication, we can send the header in the first request.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CONNECTORS-1564) Support preemptive authentication to Solr connector

2019-01-04 Thread Julian Reschke (JIRA) 


[ 
https://issues.apache.org/jira/browse/CONNECTORS-1564?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16734034#comment-16734034
 ] 

Julian Reschke commented on CONNECTORS-1564:


[~michael-o] - understood, but can you point me to a servlet API that allows me 
to control handling 100-continue from within a servlet? I just checked 

 and it doesn't even mention 100-continue.

> Support preemptive authentication to Solr connector
> ---
>
> Key: CONNECTORS-1564
> URL: https://issues.apache.org/jira/browse/CONNECTORS-1564
> Project: ManifoldCF
>  Issue Type: Improvement
>  Components: Lucene/SOLR connector
>Reporter: Erlend Garåsen
>Assignee: Karl Wright
>Priority: Major
> Attachments: CONNECTORS-1564.patch
>
>
> We should post preemptively in case the Solr server requires basic 
> authentication. This will make the communication between ManifoldCF and Solr 
> much more effective instead of the following:
>  * Send a HTTP POST request to Solr
>  * Solr sends a 401 response
>  * Send the same request, but with a "{{Authorization: Basic}}" header
> With preemptive authentication, we can send the header in the first request.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CONNECTORS-1564) Support preemptive authentication to Solr connector

2019-01-04 Thread Michael Osipov (JIRA) 


[ 
https://issues.apache.org/jira/browse/CONNECTORS-1564?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16733985#comment-16733985
 ] 

Michael Osipov commented on CONNECTORS-1564:


[~reschke], it perfectly works in Tomcat. I have been using it for years now 
with SPNEGO authentication.

> Support preemptive authentication to Solr connector
> ---
>
> Key: CONNECTORS-1564
> URL: https://issues.apache.org/jira/browse/CONNECTORS-1564
> Project: ManifoldCF
>  Issue Type: Improvement
>  Components: Lucene/SOLR connector
>Reporter: Erlend Garåsen
>Assignee: Karl Wright
>Priority: Major
> Attachments: CONNECTORS-1564.patch
>
>
> We should post preemptively in case the Solr server requires basic 
> authentication. This will make the communication between ManifoldCF and Solr 
> much more effective instead of the following:
>  * Send a HTTP POST request to Solr
>  * Solr sends a 401 response
>  * Send the same request, but with a "{{Authorization: Basic}}" header
> With preemptive authentication, we can send the header in the first request.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)