You are viewing a plain text version of this content. The canonical link for it is here.

Posted to c-dev@axis.apache.org by "Damitha Kumarage (JIRA)" <ji...@apache.org> on 2010/06/28 08:22:51 UTC

[jira] Resolved: (AXIS2C-1372) Setting the content-length header for libcurl causes auth to fail

     [ https://issues.apache.org/jira/browse/AXIS2C-1372?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Damitha Kumarage resolved AXIS2C-1372.
--------------------------------------

    Resolution: Fixed

Patch applied

> Setting the content-length header for libcurl causes auth to fail
> -----------------------------------------------------------------
>
>                 Key: AXIS2C-1372
>                 URL: https://issues.apache.org/jira/browse/AXIS2C-1372
>             Project: Axis2-C
>          Issue Type: Bug
>          Components: transport/http
>    Affects Versions: 1.6.0
>            Reporter: Incarnadine
>            Assignee: S.Uthaiyashankar
>            Priority: Blocker
>             Fix For: 1.7.0
>
>         Attachments: RemoveContentLengthHeader.diff
>
>   Original Estimate: 0.08h
>  Remaining Estimate: 0.08h
>
> Certain auth schemes, like NTLM, may result in an empty request (no body, content-length:0) being sent to the server first to trigger a 401 auth challenge so as not to waste bandwidth by posting the real message body twice when it knows the first request will result in an auth challenge.
> Libcurl currently has a bug where it will use the specified content-length on this first request instead of sending 0, which will cause subsequent requests to fail because the message body was never sent. 
> Since libcurl automatically calculates the content-length based on the POST size, it's not necessary to specify it from Axis2/C. Removing this header allows libcurl to calculate the length and send the correct values during both requests.
> I recommend the content-length setting code be removed because:
> 1. It doesn't appear to be needed
> 2. Curl docs do not recommend specifying a content-length header
> 3. It's currently the only way to get NTLM authentication working (see AXIS2C-1370)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: c-dev-help@axis.apache.org