Author: olegk
Date: Wed Jun 15 11:02:44 2005
New Revision: 190785
URL: http://svn.apache.org/viewcvs?rev=190785&view=rev
Log:
PR #34909 (Document the problem with MS impl of digest authentication with
older JREs and stale connection check)
Contributed by Oleg Kalnichevski
Reviewed by Ortwin Glück and Michael Becke
Modified:
jakarta/commons/proper/httpclient/trunk/xdocs/authentication.xml
jakarta/commons/proper/httpclient/trunk/xdocs/sslguide.xml
jakarta/commons/proper/httpclient/trunk/xdocs/troubleshooting.xml
Modified: jakarta/commons/proper/httpclient/trunk/xdocs/authentication.xml
URL:
http://svn.apache.org/viewcvs/jakarta/commons/proper/httpclient/trunk/xdocs/authentication.xml?rev=190785&r1=190784&r2=190785&view=diff
==============================================================================
--- jakarta/commons/proper/httpclient/trunk/xdocs/authentication.xml (original)
+++ jakarta/commons/proper/httpclient/trunk/xdocs/authentication.xml Wed Jun 15
11:02:44 2005
@@ -36,6 +36,7 @@
</ul>
</li>
<li><a href="#Examples">Examples</a></li>
+ <li><a href="#Known limitations and problems">Known limitations
and problems</a></li>
<li><a href="#Troubleshooting">Troubleshooting</a></li>
</ul>
</subsection>
@@ -234,6 +235,27 @@
</ul>
</p>
</section>
+
+ <section name="Known limitations and problems">
+
+ <ol>
+ <li>
+ <p>
+ <strong>Authetication schemes that rely on persistent connection
state do not work on Sun's JVMs
+ below 1.4 if SSL is used</strong>
+ </p>
+ <p>
+ For details please refer to the <a
href="sslguide.html#Known%20limitations%20and%20problems">Known
+ limitations and problems</a> section of the <a
href="sslguide.html">SSL Guide</a>
+ </p>
+ <p>
+ <strong>Workaround:</strong> Disable stale connection check or
upgrade to Java 1.4 or above.
+ </p>
+ </li>
+ </ol>
+
+ </section>
+
<section name="Troubleshooting">
<p>Some authentication schemes may use cryptographic algorithms. It is
recommended to include the
Modified: jakarta/commons/proper/httpclient/trunk/xdocs/sslguide.xml
URL:
http://svn.apache.org/viewcvs/jakarta/commons/proper/httpclient/trunk/xdocs/sslguide.xml?rev=190785&r1=190784&r2=190785&view=diff
==============================================================================
--- jakarta/commons/proper/httpclient/trunk/xdocs/sslguide.xml (original)
+++ jakarta/commons/proper/httpclient/trunk/xdocs/sslguide.xml Wed Jun 15
11:02:44 2005
@@ -240,8 +240,29 @@
</p>
<p>
- <strong>Workaround:</strong> If persistent SSL connections support is
an issue for your
- application we strongly advise you to upgrade to Java 1.4.
+ <strong>Workaround:</strong> Disable stale connection check if
upgrade to Java 1.4 or above is
+ not an option. Please note that HttpClient will no longer be able to
detect invalid connections
+ and some requests may fail due to transport errors. For details on
how transport errors can be
+ recovered from please refer to the <a
href="exception-handling.html#Transport%20exceptions">
+ Exception Handling Guide</a>. If persistent SSL connections support
and transport reliability
+ is an issue for your application we strongly advise you to upgrade
to Java 1.4.
+ </p>
+ </li>
+ <li>
+ <p>
+ <strong>Authetication schemes that rely on persistent connection
state do not work on Sun's JVMs
+ below 1.4 if SSL is used</strong>
+ </p>
+ <p>
+ This problem is directly related to the problem described above.
Certain authentication schemes or
+ certain implementations of standard authentication schemes are
connection based, that is, the user
+ authentication is performed once when the connection is being
established, rather than every time
+ a request is being processed. Microsoft NTLM scheme and Digest
scheme as implemented in Microsoft
+ Proxy and IIS servers are known to fall into this category. If
connections cannot be kept alive
+ the user authorization is lost along with the persistent connection
state
+ </p>
+ <p>
+ <strong>Workaround:</strong> Disable stale connection check or
upgrade to Java 1.4 or above.
</p>
</li>
Modified: jakarta/commons/proper/httpclient/trunk/xdocs/troubleshooting.xml
URL:
http://svn.apache.org/viewcvs/jakarta/commons/proper/httpclient/trunk/xdocs/troubleshooting.xml?rev=190785&r1=190784&r2=190785&view=diff
==============================================================================
--- jakarta/commons/proper/httpclient/trunk/xdocs/troubleshooting.xml (original)
+++ jakarta/commons/proper/httpclient/trunk/xdocs/troubleshooting.xml Wed Jun
15 11:02:44 2005
@@ -39,6 +39,12 @@
communication between the client and server to determine where the
problem is occurring.</li>
+ <li>Consult the "Known limitations and problems" section of the
+ <a href="sslguide.html#Known%20limitations%20and%20problems">SSL
Guide</a>
+ and the <a
href="authentication.html#Known%20limitations%20and%20problems">
+ Authentication Guide</a> to see if this is a known problem and
follow the
+ instructions given in these resources</li>
+
<li>Use telnet or netcat to manually send the request to the server.
This is particularly useful once you think you know what the problem is
and you want to easily test that changing what <em>HttpClient</em>
sends will
@@ -50,6 +56,7 @@
<li>Try updating to the latest nightly build of <em>HttpClient</em>.
Bugs
happen and they are generally fixed pretty quickly so testing against
the latest build is often worthwhile.</li>
+
</ol>
</section>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
