You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hc.apache.org by "Tobias Wörenkämper (JIRA)" <ji...@apache.org> on 2013/12/04 08:37:35 UTC

[jira] [Created] (HTTPCLIENT-1442) Request loses authorization header when redirected by proxy

Tobias Wörenkämper created HTTPCLIENT-1442:
----------------------------------------------

             Summary: Request loses authorization header when redirected by proxy
                 Key: HTTPCLIENT-1442
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1442
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpClient
    Affects Versions: 4.3.1
            Reporter: Tobias Wörenkämper


While being routed through a proxy the (2nd) request loses the authentication header and hence I am getting a 401 by the target server. In my case the target server does not challenge the authentication which may be the reason (see logs).

I configured my HTTP client like this:
{code}
HttpHost proxy = new HttpHost("proxyhost", Integer.parseInt(####));
AuthScope authScope = new AuthScope(proxy);
BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
Credentials credentials = new UsernamePasswordCredentials("username", "****");
credentialsProvider.setCredentials(authScope, credentials);

RequestConfig requestConfig = RequestConfig.custom()
    .setConnectTimeout(4000)
    .setProxyPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC))
    .setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC))
    .build();

HttpClient client = HttpClients.custom()
    .setDefaultRequestConfig(requestConfig)
    .setProxy(proxy)
    .setDefaultCredentialsProvider(credentialsProvider)
    .setTargetAuthenticationStrategy(new SummonAuthenticationStrategy())
    .build();
{code}
	
Then I am sending an HTTP request with an Authorization (Authentication) header since the request target needs basic authentication as well:
{code}
    HttpGet getRequest = new HttpGet(“target url”);
    getRequest.addHeader("Authorization", "…..”);
{code}

Please also see the according hc-httpclient-users mailing list entry: http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/201312.mbox/%3C644E476041F9FA46A339547A244DFFAE5FB6EA7B%40BYYZ5B.DE.bayer.cnb%3E.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org