You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Dave R (JIRA)" <ji...@apache.org> on 2015/01/25 21:17:34 UTC
[jira] [Created] (HTTPCLIENT-1604) HttpClient fails Basic
Authentication when using RFC2617Scheme
Dave R created HTTPCLIENT-1604:
----------------------------------
Summary: HttpClient fails Basic Authentication when using RFC2617Scheme
Key: HTTPCLIENT-1604
URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1604
Project: HttpComponents HttpClient
Issue Type: Bug
Components: HttpClient
Affects Versions: 4.3.6
Reporter: Dave R
HttpClient fails to process Basic authentication with
MalformedChallengeException - "HttpAuthenticator - Malformed challenge: Authentication challenge is empty"
even though WWW auth header is valid ("WWW-Authenticate: Basic")
AuthSchemeBase.processChallenge(final Header header)
parses through the header, gets the value and checks that it matches the expected scheme name. (AuthSchemeBase: lines 100 through 125)
It then calls parseChallenge(buffer, pos, buffer.length()) (line 127)
In this scenario, pos is equal to buffer.length() because it was just used as the buffer index to find the beginning and end of the value (AuthSchemeBase: lines 114 to 121)
parseChallenge() (overridden in RFC2617Scheme) uses pos as the begin index for a new cursor to be used to parse the header again. (RFC2617Scheme: line 108)
Since pos is pointing to the end of the buffer, it doesn't find any elements and throws MalformedChallengeException("Authentication Challenge is empty")
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org