You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Moshe Elisha (JIRA)" <ji...@apache.org> on 2012/10/04 10:25:07 UTC
[jira] [Created] (HTTPCLIENT-1242) Preemptive authentication using
AuthCache stopped working
Moshe Elisha created HTTPCLIENT-1242:
----------------------------------------
Summary: Preemptive authentication using AuthCache stopped working
Key: HTTPCLIENT-1242
URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1242
Project: HttpComponents HttpClient
Issue Type: Bug
Affects Versions: 4.2.1, 4.2 Final
Environment: JDK 1.6
Reporter: Moshe Elisha
Running the following example with httpclient and httpcore 4.1.1 works fine.
When using httpclient 4.2.1 + httpcore 4.2.2 or httpclient 4.2 + httpcore 4.2, I get "401 Unauthorized".
The test source code
package test;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.HttpResponse;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.AuthCache;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.protocol.ClientContext;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.client.BasicAuthCache;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.protocol.BasicHttpContext;
import org.apache.http.util.EntityUtils;
public class ClientPreemptiveBasicAuthentication {
public static void main(String[] args) throws Exception {
HttpHost targetHost = new HttpHost("api.heroku.com", -1, "https");
DefaultHttpClient httpclient = new DefaultHttpClient();
try {
httpclient.getCredentialsProvider().setCredentials(
new AuthScope(targetHost.getHostName(), targetHost.getPort()),
new UsernamePasswordCredentials("username", "password"));
// Create AuthCache instance
AuthCache authCache = new BasicAuthCache();
// Generate BASIC scheme object and add it to the local
// auth cache
BasicScheme basicAuth = new BasicScheme();
authCache.put(targetHost, basicAuth);
// Add AuthCache to the execution context
BasicHttpContext localcontext = new BasicHttpContext();
localcontext.setAttribute(ClientContext.AUTH_CACHE, authCache);
HttpGet httpget = new HttpGet("/vendor/apps/");
System.out.println("executing request: " + httpget.getRequestLine());
System.out.println("to target: " + targetHost);
HttpResponse response = httpclient.execute(targetHost, httpget, localcontext);
HttpEntity entity = response.getEntity();
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
if (entity != null) {
System.out.println("Response content length: " + entity.getContentLength());
}
EntityUtils.consume(entity);
} finally {
// When HttpClient instance is no longer needed,
// shut down the connection manager to ensure
// immediate deallocation of all system resources
httpclient.getConnectionManager().shutdown();
}
}
}
Working 4.1.1 TRACE output:
executing request: GET /vendor/apps/ HTTP/1.1
to target: https://api.heroku.com
2012-10-04 09:31:31,888 DEBUG [main] SingleClientConnManager:212 - Get connection for route HttpRoute[{s}->https://api.heroku.com]
2012-10-04 09:31:32,846 DEBUG [main] DefaultClientConnectionOperator:145 - Connecting to api.heroku.com/50.16.204.172:443
2012-10-04 09:31:33,760 DEBUG [main] RequestAddCookies:132 - CookieSpec selected: best-match
2012-10-04 09:31:33,774 DEBUG [main] RequestAuthCache:112 - Re-using cached 'basic' auth scheme for https://api.heroku.com
2012-10-04 09:31:33,938 DEBUG [main] DefaultHttpClient:631 - Attempt 1 to execute request
2012-10-04 09:31:33,939 DEBUG [main] DefaultClientConnection:264 - Sending request: GET /vendor/apps/ HTTP/1.1
2012-10-04 09:31:33,939 DEBUG [main] wire:63 - >> "GET /vendor/apps/ HTTP/1.1[\r][\n]"
2012-10-04 09:31:33,940 DEBUG [main] wire:63 - >> "Host: api.heroku.com[\r][\n]"
2012-10-04 09:31:33,940 DEBUG [main] wire:63 - >> "Connection: Keep-Alive[\r][\n]"
2012-10-04 09:31:33,940 DEBUG [main] wire:63 - >> "User-Agent: Apache-HttpClient/4.1.1 (java 1.5)[\r][\n]"
2012-10-04 09:31:33,940 DEBUG [main] wire:63 - >> "Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX[\r][\n]"
2012-10-04 09:31:33,940 DEBUG [main] wire:63 - >> "[\r][\n]"
2012-10-04 09:31:33,940 DEBUG [main] headers:268 - >> GET /vendor/apps/ HTTP/1.1
2012-10-04 09:31:33,940 DEBUG [main] headers:271 - >> Host: api.heroku.com
2012-10-04 09:31:33,940 DEBUG [main] headers:271 - >> Connection: Keep-Alive
2012-10-04 09:31:33,940 DEBUG [main] headers:271 - >> User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
2012-10-04 09:31:33,942 DEBUG [main] headers:271 - >> Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
2012-10-04 09:31:38,545 DEBUG [main] wire:63 - << "HTTP/1.1 200 OK[\r][\n]"
2012-10-04 09:31:38,548 DEBUG [main] wire:63 - << "Cache-Control: private, max-age=0, must-revalidate[\r][\n]"
2012-10-04 09:31:38,548 DEBUG [main] wire:63 - << "Content-Type: application/json; charset=utf-8[\r][\n]"
2012-10-04 09:31:38,549 DEBUG [main] wire:63 - << "Date: Thu, 04 Oct 2012 07:32:24 GMT[\r][\n]"
2012-10-04 09:31:38,549 DEBUG [main] wire:63 - << "ETag: "dbfbf824d9c6565b3e0d663411d5c710"[\r][\n]"
2012-10-04 09:31:38,549 DEBUG [main] wire:63 - << "Server: nginx/1.2.3[\r][\n]"
2012-10-04 09:31:38,550 DEBUG [main] wire:63 - << "Status: 200 OK[\r][\n]"
2012-10-04 09:31:38,550 DEBUG [main] wire:63 - << "Strict-Transport-Security: max-age=500[\r][\n]"
2012-10-04 09:31:38,550 DEBUG [main] wire:63 - << "X-Runtime: 3726[\r][\n]"
2012-10-04 09:31:38,550 DEBUG [main] wire:63 - << "Content-Length: 100953[\r][\n]"
2012-10-04 09:31:38,550 DEBUG [main] wire:63 - << "Connection: keep-alive[\r][\n]"
2012-10-04 09:31:38,551 DEBUG [main] wire:63 - << "[\r][\n]"
2012-10-04 09:31:38,551 DEBUG [main] DefaultClientConnection:249 - Receiving response: HTTP/1.1 200 OK
2012-10-04 09:31:38,551 DEBUG [main] headers:252 - << HTTP/1.1 200 OK
2012-10-04 09:31:38,552 DEBUG [main] headers:255 - << Cache-Control: private, max-age=0, must-revalidate
2012-10-04 09:31:38,552 DEBUG [main] headers:255 - << Content-Type: application/json; charset=utf-8
2012-10-04 09:31:38,552 DEBUG [main] headers:255 - << Date: Thu, 04 Oct 2012 07:32:24 GMT
2012-10-04 09:31:38,552 DEBUG [main] headers:255 - << ETag: "dbfbf824d9c6565b3e0d663411d5c710"
2012-10-04 09:31:38,552 DEBUG [main] headers:255 - << Server: nginx/1.2.3
2012-10-04 09:31:38,552 DEBUG [main] headers:255 - << Status: 200 OK
2012-10-04 09:31:38,553 DEBUG [main] headers:255 - << Strict-Transport-Security: max-age=500
2012-10-04 09:31:38,553 DEBUG [main] headers:255 - << X-Runtime: 3726
2012-10-04 09:31:38,553 DEBUG [main] headers:255 - << Content-Length: 100953
2012-10-04 09:31:38,553 DEBUG [main] headers:255 - << Connection: keep-alive
2012-10-04 09:31:38,561 DEBUG [main] DefaultHttpClient:477 - Connection can be kept alive indefinitely
----------------------------------------
HTTP/1.1 200 OK
Response content length: 100953
Non-working httpclient 4.2.1 + httpcore 4.2.2 TRACE output:
executing request: GET /vendor/apps/ HTTP/1.1
to target: https://api.heroku.com
2012-10-04 09:29:16,976 DEBUG [main] BasicClientConnectionManager:157 - Get connection for route {s}->https://api.heroku.com
2012-10-04 09:29:17,392 DEBUG [main] DefaultClientConnectionOperator:177 - Connecting to api.heroku.com:443
2012-10-04 09:29:18,432 DEBUG [main] RequestAddCookies:132 - CookieSpec selected: best-match
2012-10-04 09:29:18,441 DEBUG [main] RequestTargetAuthentication:78 - Target auth state: UNCHALLENGED
2012-10-04 09:29:18,441 DEBUG [main] RequestProxyAuthentication:87 - Proxy auth state: UNCHALLENGED
2012-10-04 09:29:18,442 DEBUG [main] DefaultHttpClient:710 - Attempt 1 to execute request
2012-10-04 09:29:18,442 DEBUG [main] DefaultClientConnection:269 - Sending request: GET /vendor/apps/ HTTP/1.1
2012-10-04 09:29:18,442 DEBUG [main] wire:63 - >> "GET /vendor/apps/ HTTP/1.1[\r][\n]"
2012-10-04 09:29:18,443 DEBUG [main] wire:63 - >> "Host: api.heroku.com[\r][\n]"
2012-10-04 09:29:18,443 DEBUG [main] wire:63 - >> "Connection: Keep-Alive[\r][\n]"
2012-10-04 09:29:18,443 DEBUG [main] wire:63 - >> "User-Agent: Apache-HttpClient/4.2.1 (java 1.5)[\r][\n]"
2012-10-04 09:29:18,443 DEBUG [main] wire:63 - >> "[\r][\n]"
2012-10-04 09:29:18,444 DEBUG [main] headers:273 - >> GET /vendor/apps/ HTTP/1.1
2012-10-04 09:29:18,444 DEBUG [main] headers:276 - >> Host: api.heroku.com
2012-10-04 09:29:18,444 DEBUG [main] headers:276 - >> Connection: Keep-Alive
2012-10-04 09:29:18,444 DEBUG [main] headers:276 - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
2012-10-04 09:29:19,553 DEBUG [main] wire:63 - << "HTTP/1.1 401 Unauthorized[\r][\n]"
2012-10-04 09:29:19,557 DEBUG [main] wire:63 - << "Cache-Control: no-cache[\r][\n]"
2012-10-04 09:29:19,557 DEBUG [main] wire:63 - << "Content-Type: application/json; charset=utf-8[\r][\n]"
2012-10-04 09:29:19,557 DEBUG [main] wire:63 - << "Date: Thu, 04 Oct 2012 07:30:05 GMT[\r][\n]"
2012-10-04 09:29:19,557 DEBUG [main] wire:63 - << "Server: nginx/1.2.3[\r][\n]"
2012-10-04 09:29:19,558 DEBUG [main] wire:63 - << "Status: 401 Unauthorized[\r][\n]"
2012-10-04 09:29:19,558 DEBUG [main] wire:63 - << "Strict-Transport-Security: max-age=500[\r][\n]"
2012-10-04 09:29:19,558 DEBUG [main] wire:63 - << "X-Runtime: 15[\r][\n]"
2012-10-04 09:29:19,559 DEBUG [main] wire:63 - << "Content-Length: 25[\r][\n]"
2012-10-04 09:29:19,559 DEBUG [main] wire:63 - << "Connection: keep-alive[\r][\n]"
2012-10-04 09:29:19,559 DEBUG [main] wire:63 - << "[\r][\n]"
2012-10-04 09:29:19,560 DEBUG [main] DefaultClientConnection:254 - Receiving response: HTTP/1.1 401 Unauthorized
2012-10-04 09:29:19,561 DEBUG [main] headers:257 - << HTTP/1.1 401 Unauthorized
2012-10-04 09:29:19,561 DEBUG [main] headers:260 - << Cache-Control: no-cache
2012-10-04 09:29:19,561 DEBUG [main] headers:260 - << Content-Type: application/json; charset=utf-8
2012-10-04 09:29:19,561 DEBUG [main] headers:260 - << Date: Thu, 04 Oct 2012 07:30:05 GMT
2012-10-04 09:29:19,561 DEBUG [main] headers:260 - << Server: nginx/1.2.3
2012-10-04 09:29:19,561 DEBUG [main] headers:260 - << Status: 401 Unauthorized
2012-10-04 09:29:19,562 DEBUG [main] headers:260 - << Strict-Transport-Security: max-age=500
2012-10-04 09:29:19,562 DEBUG [main] headers:260 - << X-Runtime: 15
2012-10-04 09:29:19,562 DEBUG [main] headers:260 - << Content-Length: 25
2012-10-04 09:29:19,562 DEBUG [main] headers:260 - << Connection: keep-alive
2012-10-04 09:29:19,569 DEBUG [main] DefaultHttpClient:540 - Connection can be kept alive indefinitely
2012-10-04 09:29:19,570 DEBUG [main] DefaultHttpClient:92 - api.heroku.com:443 requested authentication
2012-10-04 09:29:19,570 DEBUG [main] DefaultHttpClient:96 - Response contains no authentication challenges
----------------------------------------
HTTP/1.1 401 Unauthorized
Response content length: 25
2012-10-04 09:29:19,572 DEBUG [main] wire:77 - << "{"error":"Access denied"}"
2012-10-04 09:29:19,572 DEBUG [main] BasicClientConnectionManager:189 - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@1aef4504
2012-10-04 09:29:19,572 DEBUG [main] BasicClientConnectionManager:219 - Connection can be kept alive indefinitely
2012-10-04 09:29:19,573 DEBUG [main] DefaultClientConnection:169 - Connection 0.0.0.0:60524<->50.16.204.172:443 closed
My current workaround is to manually add the authentication header:
NEW WORKING example tested with 4.2+4.2 and client 4.2.1 and core 4.2.2
package test;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.HttpResponse;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.ContextAwareAuthScheme;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.AuthCache;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.protocol.ClientContext;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.client.BasicAuthCache;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.protocol.BasicHttpContext;
import org.apache.http.util.EntityUtils;
public class ClientPreemptiveBasicAuthentication {
public static void main(String[] args) throws Exception {
DefaultHttpClient httpclient = new DefaultHttpClient();
try {
UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials("username", "password");
// Add AuthCache to the execution context
BasicHttpContext localcontext = new BasicHttpContext();
HttpGet httpget = new HttpGet("https://api.heroku.com/vendor/apps/");
httpget.addHeader(new BasicScheme().authenticate(usernamePasswordCredentials, httpget, localcontext));
System.out.println("executing request: " + httpget.getRequestLine());
HttpResponse response = httpclient.execute(httpget, localcontext);
HttpEntity entity = response.getEntity();
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
if (entity != null) {
System.out.println("Response content length: " + entity.getContentLength());
}
EntityUtils.consume(entity);
} finally {
// When HttpClient instance is no longer needed,
// shut down the connection manager to ensure
// immediate deallocation of all system resources
httpclient.getConnectionManager().shutdown();
}
}
}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
[jira] [Resolved] (HTTPCLIENT-1242) Preemptive authentication using
AuthCache stopped working
Posted by "Oleg Kalnichevski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HTTPCLIENT-1242?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Oleg Kalnichevski resolved HTTPCLIENT-1242.
-------------------------------------------
Resolution: Duplicate
Duplicate of HTTPCLIENT-1215
> Preemptive authentication using AuthCache stopped working
> ---------------------------------------------------------
>
> Key: HTTPCLIENT-1242
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1242
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Affects Versions: 4.2 Final, 4.2.1
> Environment: JDK 1.6
> Reporter: Moshe Elisha
>
> Running the following example with httpclient and httpcore 4.1.1 works fine.
> When using httpclient 4.2.1 + httpcore 4.2.2 or httpclient 4.2 + httpcore 4.2, I get "401 Unauthorized".
> The test source code
> package test;
> import org.apache.http.HttpEntity;
> import org.apache.http.HttpHost;
> import org.apache.http.HttpResponse;
> import org.apache.http.auth.AuthScope;
> import org.apache.http.auth.UsernamePasswordCredentials;
> import org.apache.http.client.AuthCache;
> import org.apache.http.client.methods.HttpGet;
> import org.apache.http.client.protocol.ClientContext;
> import org.apache.http.impl.auth.BasicScheme;
> import org.apache.http.impl.client.BasicAuthCache;
> import org.apache.http.impl.client.DefaultHttpClient;
> import org.apache.http.protocol.BasicHttpContext;
> import org.apache.http.util.EntityUtils;
> public class ClientPreemptiveBasicAuthentication {
> public static void main(String[] args) throws Exception {
> HttpHost targetHost = new HttpHost("api.heroku.com", -1, "https");
> DefaultHttpClient httpclient = new DefaultHttpClient();
> try {
> httpclient.getCredentialsProvider().setCredentials(
> new AuthScope(targetHost.getHostName(), targetHost.getPort()),
> new UsernamePasswordCredentials("username", "password"));
> // Create AuthCache instance
> AuthCache authCache = new BasicAuthCache();
> // Generate BASIC scheme object and add it to the local
> // auth cache
> BasicScheme basicAuth = new BasicScheme();
> authCache.put(targetHost, basicAuth);
> // Add AuthCache to the execution context
> BasicHttpContext localcontext = new BasicHttpContext();
> localcontext.setAttribute(ClientContext.AUTH_CACHE, authCache);
> HttpGet httpget = new HttpGet("/vendor/apps/");
> System.out.println("executing request: " + httpget.getRequestLine());
> System.out.println("to target: " + targetHost);
> HttpResponse response = httpclient.execute(targetHost, httpget, localcontext);
> HttpEntity entity = response.getEntity();
> System.out.println("----------------------------------------");
> System.out.println(response.getStatusLine());
> if (entity != null) {
> System.out.println("Response content length: " + entity.getContentLength());
> }
> EntityUtils.consume(entity);
> } finally {
> // When HttpClient instance is no longer needed,
> // shut down the connection manager to ensure
> // immediate deallocation of all system resources
> httpclient.getConnectionManager().shutdown();
> }
> }
> }
> Working 4.1.1 TRACE output:
> executing request: GET /vendor/apps/ HTTP/1.1
> to target: https://api.heroku.com
> 2012-10-04 09:31:31,888 DEBUG [main] SingleClientConnManager:212 - Get connection for route HttpRoute[{s}->https://api.heroku.com]
> 2012-10-04 09:31:32,846 DEBUG [main] DefaultClientConnectionOperator:145 - Connecting to api.heroku.com/50.16.204.172:443
> 2012-10-04 09:31:33,760 DEBUG [main] RequestAddCookies:132 - CookieSpec selected: best-match
> 2012-10-04 09:31:33,774 DEBUG [main] RequestAuthCache:112 - Re-using cached 'basic' auth scheme for https://api.heroku.com
> 2012-10-04 09:31:33,938 DEBUG [main] DefaultHttpClient:631 - Attempt 1 to execute request
> 2012-10-04 09:31:33,939 DEBUG [main] DefaultClientConnection:264 - Sending request: GET /vendor/apps/ HTTP/1.1
> 2012-10-04 09:31:33,939 DEBUG [main] wire:63 - >> "GET /vendor/apps/ HTTP/1.1[\r][\n]"
> 2012-10-04 09:31:33,940 DEBUG [main] wire:63 - >> "Host: api.heroku.com[\r][\n]"
> 2012-10-04 09:31:33,940 DEBUG [main] wire:63 - >> "Connection: Keep-Alive[\r][\n]"
> 2012-10-04 09:31:33,940 DEBUG [main] wire:63 - >> "User-Agent: Apache-HttpClient/4.1.1 (java 1.5)[\r][\n]"
> 2012-10-04 09:31:33,940 DEBUG [main] wire:63 - >> "Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX[\r][\n]"
> 2012-10-04 09:31:33,940 DEBUG [main] wire:63 - >> "[\r][\n]"
> 2012-10-04 09:31:33,940 DEBUG [main] headers:268 - >> GET /vendor/apps/ HTTP/1.1
> 2012-10-04 09:31:33,940 DEBUG [main] headers:271 - >> Host: api.heroku.com
> 2012-10-04 09:31:33,940 DEBUG [main] headers:271 - >> Connection: Keep-Alive
> 2012-10-04 09:31:33,940 DEBUG [main] headers:271 - >> User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
> 2012-10-04 09:31:33,942 DEBUG [main] headers:271 - >> Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> 2012-10-04 09:31:38,545 DEBUG [main] wire:63 - << "HTTP/1.1 200 OK[\r][\n]"
> 2012-10-04 09:31:38,548 DEBUG [main] wire:63 - << "Cache-Control: private, max-age=0, must-revalidate[\r][\n]"
> 2012-10-04 09:31:38,548 DEBUG [main] wire:63 - << "Content-Type: application/json; charset=utf-8[\r][\n]"
> 2012-10-04 09:31:38,549 DEBUG [main] wire:63 - << "Date: Thu, 04 Oct 2012 07:32:24 GMT[\r][\n]"
> 2012-10-04 09:31:38,549 DEBUG [main] wire:63 - << "ETag: "dbfbf824d9c6565b3e0d663411d5c710"[\r][\n]"
> 2012-10-04 09:31:38,549 DEBUG [main] wire:63 - << "Server: nginx/1.2.3[\r][\n]"
> 2012-10-04 09:31:38,550 DEBUG [main] wire:63 - << "Status: 200 OK[\r][\n]"
> 2012-10-04 09:31:38,550 DEBUG [main] wire:63 - << "Strict-Transport-Security: max-age=500[\r][\n]"
> 2012-10-04 09:31:38,550 DEBUG [main] wire:63 - << "X-Runtime: 3726[\r][\n]"
> 2012-10-04 09:31:38,550 DEBUG [main] wire:63 - << "Content-Length: 100953[\r][\n]"
> 2012-10-04 09:31:38,550 DEBUG [main] wire:63 - << "Connection: keep-alive[\r][\n]"
> 2012-10-04 09:31:38,551 DEBUG [main] wire:63 - << "[\r][\n]"
> 2012-10-04 09:31:38,551 DEBUG [main] DefaultClientConnection:249 - Receiving response: HTTP/1.1 200 OK
> 2012-10-04 09:31:38,551 DEBUG [main] headers:252 - << HTTP/1.1 200 OK
> 2012-10-04 09:31:38,552 DEBUG [main] headers:255 - << Cache-Control: private, max-age=0, must-revalidate
> 2012-10-04 09:31:38,552 DEBUG [main] headers:255 - << Content-Type: application/json; charset=utf-8
> 2012-10-04 09:31:38,552 DEBUG [main] headers:255 - << Date: Thu, 04 Oct 2012 07:32:24 GMT
> 2012-10-04 09:31:38,552 DEBUG [main] headers:255 - << ETag: "dbfbf824d9c6565b3e0d663411d5c710"
> 2012-10-04 09:31:38,552 DEBUG [main] headers:255 - << Server: nginx/1.2.3
> 2012-10-04 09:31:38,552 DEBUG [main] headers:255 - << Status: 200 OK
> 2012-10-04 09:31:38,553 DEBUG [main] headers:255 - << Strict-Transport-Security: max-age=500
> 2012-10-04 09:31:38,553 DEBUG [main] headers:255 - << X-Runtime: 3726
> 2012-10-04 09:31:38,553 DEBUG [main] headers:255 - << Content-Length: 100953
> 2012-10-04 09:31:38,553 DEBUG [main] headers:255 - << Connection: keep-alive
> 2012-10-04 09:31:38,561 DEBUG [main] DefaultHttpClient:477 - Connection can be kept alive indefinitely
> ----------------------------------------
> HTTP/1.1 200 OK
> Response content length: 100953
> Non-working httpclient 4.2.1 + httpcore 4.2.2 TRACE output:
> executing request: GET /vendor/apps/ HTTP/1.1
> to target: https://api.heroku.com
> 2012-10-04 09:29:16,976 DEBUG [main] BasicClientConnectionManager:157 - Get connection for route {s}->https://api.heroku.com
> 2012-10-04 09:29:17,392 DEBUG [main] DefaultClientConnectionOperator:177 - Connecting to api.heroku.com:443
> 2012-10-04 09:29:18,432 DEBUG [main] RequestAddCookies:132 - CookieSpec selected: best-match
> 2012-10-04 09:29:18,441 DEBUG [main] RequestTargetAuthentication:78 - Target auth state: UNCHALLENGED
> 2012-10-04 09:29:18,441 DEBUG [main] RequestProxyAuthentication:87 - Proxy auth state: UNCHALLENGED
> 2012-10-04 09:29:18,442 DEBUG [main] DefaultHttpClient:710 - Attempt 1 to execute request
> 2012-10-04 09:29:18,442 DEBUG [main] DefaultClientConnection:269 - Sending request: GET /vendor/apps/ HTTP/1.1
> 2012-10-04 09:29:18,442 DEBUG [main] wire:63 - >> "GET /vendor/apps/ HTTP/1.1[\r][\n]"
> 2012-10-04 09:29:18,443 DEBUG [main] wire:63 - >> "Host: api.heroku.com[\r][\n]"
> 2012-10-04 09:29:18,443 DEBUG [main] wire:63 - >> "Connection: Keep-Alive[\r][\n]"
> 2012-10-04 09:29:18,443 DEBUG [main] wire:63 - >> "User-Agent: Apache-HttpClient/4.2.1 (java 1.5)[\r][\n]"
> 2012-10-04 09:29:18,443 DEBUG [main] wire:63 - >> "[\r][\n]"
> 2012-10-04 09:29:18,444 DEBUG [main] headers:273 - >> GET /vendor/apps/ HTTP/1.1
> 2012-10-04 09:29:18,444 DEBUG [main] headers:276 - >> Host: api.heroku.com
> 2012-10-04 09:29:18,444 DEBUG [main] headers:276 - >> Connection: Keep-Alive
> 2012-10-04 09:29:18,444 DEBUG [main] headers:276 - >> User-Agent: Apache-HttpClient/4.2.1 (java 1.5)
> 2012-10-04 09:29:19,553 DEBUG [main] wire:63 - << "HTTP/1.1 401 Unauthorized[\r][\n]"
> 2012-10-04 09:29:19,557 DEBUG [main] wire:63 - << "Cache-Control: no-cache[\r][\n]"
> 2012-10-04 09:29:19,557 DEBUG [main] wire:63 - << "Content-Type: application/json; charset=utf-8[\r][\n]"
> 2012-10-04 09:29:19,557 DEBUG [main] wire:63 - << "Date: Thu, 04 Oct 2012 07:30:05 GMT[\r][\n]"
> 2012-10-04 09:29:19,557 DEBUG [main] wire:63 - << "Server: nginx/1.2.3[\r][\n]"
> 2012-10-04 09:29:19,558 DEBUG [main] wire:63 - << "Status: 401 Unauthorized[\r][\n]"
> 2012-10-04 09:29:19,558 DEBUG [main] wire:63 - << "Strict-Transport-Security: max-age=500[\r][\n]"
> 2012-10-04 09:29:19,558 DEBUG [main] wire:63 - << "X-Runtime: 15[\r][\n]"
> 2012-10-04 09:29:19,559 DEBUG [main] wire:63 - << "Content-Length: 25[\r][\n]"
> 2012-10-04 09:29:19,559 DEBUG [main] wire:63 - << "Connection: keep-alive[\r][\n]"
> 2012-10-04 09:29:19,559 DEBUG [main] wire:63 - << "[\r][\n]"
> 2012-10-04 09:29:19,560 DEBUG [main] DefaultClientConnection:254 - Receiving response: HTTP/1.1 401 Unauthorized
> 2012-10-04 09:29:19,561 DEBUG [main] headers:257 - << HTTP/1.1 401 Unauthorized
> 2012-10-04 09:29:19,561 DEBUG [main] headers:260 - << Cache-Control: no-cache
> 2012-10-04 09:29:19,561 DEBUG [main] headers:260 - << Content-Type: application/json; charset=utf-8
> 2012-10-04 09:29:19,561 DEBUG [main] headers:260 - << Date: Thu, 04 Oct 2012 07:30:05 GMT
> 2012-10-04 09:29:19,561 DEBUG [main] headers:260 - << Server: nginx/1.2.3
> 2012-10-04 09:29:19,561 DEBUG [main] headers:260 - << Status: 401 Unauthorized
> 2012-10-04 09:29:19,562 DEBUG [main] headers:260 - << Strict-Transport-Security: max-age=500
> 2012-10-04 09:29:19,562 DEBUG [main] headers:260 - << X-Runtime: 15
> 2012-10-04 09:29:19,562 DEBUG [main] headers:260 - << Content-Length: 25
> 2012-10-04 09:29:19,562 DEBUG [main] headers:260 - << Connection: keep-alive
> 2012-10-04 09:29:19,569 DEBUG [main] DefaultHttpClient:540 - Connection can be kept alive indefinitely
> 2012-10-04 09:29:19,570 DEBUG [main] DefaultHttpClient:92 - api.heroku.com:443 requested authentication
> 2012-10-04 09:29:19,570 DEBUG [main] DefaultHttpClient:96 - Response contains no authentication challenges
> ----------------------------------------
> HTTP/1.1 401 Unauthorized
> Response content length: 25
> 2012-10-04 09:29:19,572 DEBUG [main] wire:77 - << "{"error":"Access denied"}"
> 2012-10-04 09:29:19,572 DEBUG [main] BasicClientConnectionManager:189 - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@1aef4504
> 2012-10-04 09:29:19,572 DEBUG [main] BasicClientConnectionManager:219 - Connection can be kept alive indefinitely
> 2012-10-04 09:29:19,573 DEBUG [main] DefaultClientConnection:169 - Connection 0.0.0.0:60524<->50.16.204.172:443 closed
> My current workaround is to manually add the authentication header:
> NEW WORKING example tested with 4.2+4.2 and client 4.2.1 and core 4.2.2
> package test;
> import org.apache.http.HttpEntity;
> import org.apache.http.HttpHost;
> import org.apache.http.HttpResponse;
> import org.apache.http.auth.AuthScope;
> import org.apache.http.auth.ContextAwareAuthScheme;
> import org.apache.http.auth.UsernamePasswordCredentials;
> import org.apache.http.client.AuthCache;
> import org.apache.http.client.methods.HttpGet;
> import org.apache.http.client.protocol.ClientContext;
> import org.apache.http.impl.auth.BasicScheme;
> import org.apache.http.impl.client.BasicAuthCache;
> import org.apache.http.impl.client.DefaultHttpClient;
> import org.apache.http.protocol.BasicHttpContext;
> import org.apache.http.util.EntityUtils;
> public class ClientPreemptiveBasicAuthentication {
> public static void main(String[] args) throws Exception {
> DefaultHttpClient httpclient = new DefaultHttpClient();
> try {
> UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials("username", "password");
> // Add AuthCache to the execution context
> BasicHttpContext localcontext = new BasicHttpContext();
> HttpGet httpget = new HttpGet("https://api.heroku.com/vendor/apps/");
> httpget.addHeader(new BasicScheme().authenticate(usernamePasswordCredentials, httpget, localcontext));
> System.out.println("executing request: " + httpget.getRequestLine());
> HttpResponse response = httpclient.execute(httpget, localcontext);
> HttpEntity entity = response.getEntity();
> System.out.println("----------------------------------------");
> System.out.println(response.getStatusLine());
> if (entity != null) {
> System.out.println("Response content length: " + entity.getContentLength());
> }
> EntityUtils.consume(entity);
> } finally {
> // When HttpClient instance is no longer needed,
> // shut down the connection manager to ensure
> // immediate deallocation of all system resources
> httpclient.getConnectionManager().shutdown();
> }
> }
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org