You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "Dan (JIRA)" <ji...@apache.org> on 2009/07/06 15:06:14 UTC
[jira] Commented: (AXIS2-4418) Client is making two requests. The
first one does not specify the http header "Authorization:" which results
in a 401. The client then retries with the header and succeeds with a 200.
[ https://issues.apache.org/jira/browse/AXIS2-4418?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12727511#action_12727511 ]
Dan commented on AXIS2-4418:
----------------------------
Enabling preemptive authentication solved my issue. Would be nice if the user guide mentioned this option under the BASIC authentication section or at least pointed out that it is not enabled by default.
HttpTransportProperties.Authenticator auth = new HttpTransportProperties.Authenticator();
auth.setUsername("foo");
auth.setPassword("bar");
options.setProperty(org.apache.axis2.transport.http.HTTPConstants.AUTHENTICATE, auth);
auth.setPreemptiveAuthentication(true);
> Client is making two requests. The first one does not specify the http header "Authorization:" which results in a 401. The client then retries with the header and succeeds with a 200.
> ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: AXIS2-4418
> URL: https://issues.apache.org/jira/browse/AXIS2-4418
> Project: Axis 2.0 (Axis2)
> Issue Type: Bug
> Affects Versions: 1.4.1
> Environment: $ java -version
> java version "1.4.2_11"
> Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_11-b06)
> Java HotSpot(TM) Client VM (build 1.4.2_11-b06, mixed mode)
> Reporter: Dan
> Priority: Critical
>
> Using BASIC authentication:
> HttpTransportProperties.Authenticator auth = new HttpTransportProperties.Authenticator();
> auth.setUsername("foo");
> auth.setPassword("bar");
> options.setProperty(org.apache.axis2.transport.http.HTTPConstants.AUTHENTICATE,auth);
> The first request / response does not include the "Authorization:" header (and it's HTTP/1.1):
> REQUEST
> ------------------------------------------------------------------------------------------------
> POST /iannuity-services/iws/AuthenticationServiceImpl HTTP/1.1
> Content-Type: text/xml; charset=UTF-8
> SOAPAction: ""
> User-Agent: Axis2
> Host: 127.0.0.1:9091
> Content-Length: 450
> RESPONSE
> ------------------------------------------------------------------------------------------------
> HTTP/1.0 401 Unauthorized
> WWW-Authenticate: Basic realm="EJBServiceEndpointServlet Realm"
> Content-Type: text/html;charset=utf-8
> Content-Length: 687
> Date: Tue, 30 Jun 2009 17:53:53 GMT
> Connection: close
> Then it looks like the client retries with the "Authorization:" header (and it's HTTP/1.0):
> REQUEST:
> ------------------------------------------------------------------------------------------------
> POST /iannuity-services/iws/AuthenticationServiceImpl HTTP/1.0
> Content-Type: text/xml; charset=UTF-8
> SOAPAction: ""
> User-Agent: Axis2
> Content-Length: 450
> Authorization: Basic YW5uc2Vydi13cy11c2VyOmZvb2Jhcg==
> Host: 127.0.0.1:9091
> RESPONSE:
> ------------------------------------------------------------------------------------------------
> HTTP/1.0 200 OK
> Content-Type: text/xml;charset=UTF-8
> Date: Tue, 30 Jun 2009 17:53:54 GMT
> Connection: close
> This issues may have already been encountered on the C side:
> https://issues.apache.org/jira/browse/AXIS2C-1244
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.