You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hc.apache.org by "Tobias Wörenkämper (JIRA)" <ji...@apache.org> on 2013/12/04 08:37:51 UTC

[jira] [Updated] (HTTPCLIENT-1442) Request loses authorization header when redirected by proxy

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1442?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Tobias Wörenkämper updated HTTPCLIENT-1442:
-------------------------------------------

    Attachment: auth_header_lost.txt

> Request loses authorization header when redirected by proxy
> -----------------------------------------------------------
>
>                 Key: HTTPCLIENT-1442
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1442
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.3.1
>            Reporter: Tobias Wörenkämper
>         Attachments: auth_header_lost.txt
>
>
> While being routed through a proxy the (2nd) request loses the authentication header and hence I am getting a 401 by the target server. In my case the target server does not challenge the authentication which may be the reason (see logs).
> I configured my HTTP client like this:
> {code}
> HttpHost proxy = new HttpHost("proxyhost", Integer.parseInt(####));
> AuthScope authScope = new AuthScope(proxy);
> BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
> Credentials credentials = new UsernamePasswordCredentials("username", "****");
> credentialsProvider.setCredentials(authScope, credentials);
> RequestConfig requestConfig = RequestConfig.custom()
>     .setConnectTimeout(4000)
>     .setProxyPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC))
>     .setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC))
>     .build();
> HttpClient client = HttpClients.custom()
>     .setDefaultRequestConfig(requestConfig)
>     .setProxy(proxy)
>     .setDefaultCredentialsProvider(credentialsProvider)
>     .setTargetAuthenticationStrategy(new SummonAuthenticationStrategy())
>     .build();
> {code}
> 	
> Then I am sending an HTTP request with an Authorization (Authentication) header since the request target needs basic authentication as well:
> {code}
>     HttpGet getRequest = new HttpGet(“target url”);
>     getRequest.addHeader("Authorization", "…..”);
> {code}
> Please also see the according hc-httpclient-users mailing list entry: http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/201312.mbox/%3C644E476041F9FA46A339547A244DFFAE5FB6EA7B%40BYYZ5B.DE.bayer.cnb%3E.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org