You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by bu...@apache.org on 2005/08/26 11:12:27 UTC

DO NOT REPLY [Bug 36372] New: - nonce-count in digest auth should not be quoted

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=36372>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=36372

           Summary: nonce-count in digest auth should not be quoted
           Product: HttpClient
           Version: 3.0 RC3
          Platform: PC
        OS/Version: Windows 2000
            Status: NEW
          Keywords: RFC
          Severity: blocker
          Priority: P2
         Component: Commons HttpClient
        AssignedTo: httpclient-dev@jakarta.apache.org
        ReportedBy: ole.henrik@wettre.name


In 3.0rc3 nonce-count (nc) is enclosed in quote marks. According to rfc2617 this
is wrong, nonce-count shouldn't be enclosed in quote marks.

> 3.2.2 The Authorization Request Header
> 
>    The client is expected to retry the request, passing an Authorization
>    header line, which is defined according to the framework above,
>    utilized as follows.
> 
>        credentials      = "Digest" digest-response
>        digest-response  = 1#( username | realm | nonce | digest-uri
>                        | response | [ algorithm ] | [cnonce] |
>                        [opaque] | [message-qop] |
>                            [nonce-count]  | [auth-param] )
> 
>        username         = "username" "=" username-value
>        username-value   = quoted-string
>        digest-uri       = "uri" "=" digest-uri-value
>        digest-uri-value = request-uri   ; As specified by HTTP/1.1
>        message-qop      = "qop" "=" qop-value
>        cnonce           = "cnonce" "=" cnonce-value
>        cnonce-value     = nonce-value
>        nonce-count      = "nc" "=" nc-value
>        nc-value         = 8LHEX
>        response         = "response" "=" request-digest
>        request-digest = <"> 32LHEX <">
>        LHEX             =  "0" | "1" | "2" | "3" |
>                            "4" | "5" | "6" | "7" |
>                            "8" | "9" | "a" | "b" |
>                            "c" | "d" | "e" | "f"

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org