You are viewing a plain text version of this content. The canonical link for it is here.
Posted to c-dev@axis.apache.org by "Aaron Oneal (JIRA)" <ji...@apache.org> on 2009/06/02 08:46:07 UTC
[jira] Created: (AXIS2C-1372) Setting the content-length header for
libcurl causes auth to fail
Setting the content-length header for libcurl causes auth to fail
-----------------------------------------------------------------
Key: AXIS2C-1372
URL: https://issues.apache.org/jira/browse/AXIS2C-1372
Project: Axis2-C
Issue Type: Bug
Components: transport/http
Affects Versions: 1.6.0
Reporter: Aaron Oneal
Priority: Blocker
Certain auth schemes, like NTLM, may result in an empty request (no body, content-length:0) being sent to the server first to trigger a 401 auth challenge so as not to waste bandwidth by posting the real message body twice when it knows the first request will result in an auth challenge.
Libcurl currently has a bug where it will use the specified content-length on this first request instead of sending 0, which will cause subsequent requests to fail because the message body was never sent.
Since libcurl automatically calculates the content-length based on the POST size, it's not necessary to specify it from Axis2/C. Removing this header allows libcurl to calculate the length and send the correct values during both requests.
I recommend the content-length setting code be removed because:
1. It doesn't appear to be needed
2. Curl docs do not recommend specifying a content-length header
3. It's currently the only way to get NTLM authentication working (see AXIS2C-1370)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (AXIS2C-1372) Setting the content-length header for
libcurl causes auth to fail
Posted by "S.Uthaiyashankar (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/AXIS2C-1372?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
S.Uthaiyashankar updated AXIS2C-1372:
-------------------------------------
Fix Version/s: Next Version
Assignee: S.Uthaiyashankar
> Setting the content-length header for libcurl causes auth to fail
> -----------------------------------------------------------------
>
> Key: AXIS2C-1372
> URL: https://issues.apache.org/jira/browse/AXIS2C-1372
> Project: Axis2-C
> Issue Type: Bug
> Components: transport/http
> Affects Versions: 1.6.0
> Reporter: Incarnadine
> Assignee: S.Uthaiyashankar
> Priority: Blocker
> Fix For: Next Version
>
> Attachments: RemoveContentLengthHeader.diff
>
> Original Estimate: 0.08h
> Remaining Estimate: 0.08h
>
> Certain auth schemes, like NTLM, may result in an empty request (no body, content-length:0) being sent to the server first to trigger a 401 auth challenge so as not to waste bandwidth by posting the real message body twice when it knows the first request will result in an auth challenge.
> Libcurl currently has a bug where it will use the specified content-length on this first request instead of sending 0, which will cause subsequent requests to fail because the message body was never sent.
> Since libcurl automatically calculates the content-length based on the POST size, it's not necessary to specify it from Axis2/C. Removing this header allows libcurl to calculate the length and send the correct values during both requests.
> I recommend the content-length setting code be removed because:
> 1. It doesn't appear to be needed
> 2. Curl docs do not recommend specifying a content-length header
> 3. It's currently the only way to get NTLM authentication working (see AXIS2C-1370)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (AXIS2C-1372) Setting the content-length header for
libcurl causes auth to fail
Posted by "Aaron Oneal (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/AXIS2C-1372?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Aaron Oneal updated AXIS2C-1372:
--------------------------------
Attachment: RemoveContentLengthHeader.diff
> Setting the content-length header for libcurl causes auth to fail
> -----------------------------------------------------------------
>
> Key: AXIS2C-1372
> URL: https://issues.apache.org/jira/browse/AXIS2C-1372
> Project: Axis2-C
> Issue Type: Bug
> Components: transport/http
> Affects Versions: 1.6.0
> Reporter: Aaron Oneal
> Priority: Blocker
> Attachments: RemoveContentLengthHeader.diff
>
> Original Estimate: 0.08h
> Remaining Estimate: 0.08h
>
> Certain auth schemes, like NTLM, may result in an empty request (no body, content-length:0) being sent to the server first to trigger a 401 auth challenge so as not to waste bandwidth by posting the real message body twice when it knows the first request will result in an auth challenge.
> Libcurl currently has a bug where it will use the specified content-length on this first request instead of sending 0, which will cause subsequent requests to fail because the message body was never sent.
> Since libcurl automatically calculates the content-length based on the POST size, it's not necessary to specify it from Axis2/C. Removing this header allows libcurl to calculate the length and send the correct values during both requests.
> I recommend the content-length setting code be removed because:
> 1. It doesn't appear to be needed
> 2. Curl docs do not recommend specifying a content-length header
> 3. It's currently the only way to get NTLM authentication working (see AXIS2C-1370)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.