[jira] [Resolved] (HTTPCLIENT-1901) Digest Auth Example Not Working with 4.5.4

["Oleg Kalnichevski (JIRA)" <ji...@apache.org>]

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1901?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Oleg Kalnichevski resolved HTTPCLIENT-1901.
-------------------------------------------
    Resolution: Invalid

If you take a closer look at 4.5.3 log you will see that the first message exchange containing preemptively generated auth response actually fails and is retried using normal digest challenge / response exchange, which basically conceals the fact that the preemptive authentication failed. HC 4.5.5 in my opinion does the right thing. If the preemptive authentication fails it correctly propagates the error back to the caller.   

Oleg

> Digest Auth Example Not Working with 4.5.4
> ------------------------------------------
>
>                 Key: HTTPCLIENT-1901
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1901
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>            Reporter: David Schreibman
>            Priority: Major
>         Attachments: log453.log, log455.log
>
>
> This example is not working as of 4.5.4
> [https://hc.apache.org/httpcomponents-client-ga/httpclient/examples/org/apache/http/examples/client/ClientPreemptiveDigestAuthentication.java]
> I suspect it's due to
>  * [HTTPCLIENT-1855] Disabled caching of DIGEST auth scheme instances due to unreliability of nonce counter
>  when the auth cache is shared by multiple sessions.
>  Contributed by Oleg Kalnichevski <olegk at apache.org>
> Are you saying the example is no longer supported? If so, take it down.
> Can we have an example of non-preemptive digest auth?
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org