You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Eric Jain <er...@gmail.com> on 2011/03/10 06:43:48 UTC
AuthCache not caching?
According to section 4.7 in
http://hc.apache.org/httpcomponents-client-ga/tutorial/html/authentication.html,
"HttpClient automatically caches information about hosts it has
successfully authenticated with".
Can someone confirm that this works? I tested HttpClient (4.1) using
both Digest and Basic authentication, and while both work, I noticed
that HttpClient never appears to set an Authorization header on
subsequent requests, so each request results in an initial 401
response.
When I access resources on the same server using a web browser
(Chrome), only one 401 response is logged, until the nonce expires. So
it doesn't look like this is a server configuration issue.
Here is the code I used for testing (based on
http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientPreemptiveDigestAuthentication.java):
HttpHost targetHost = new HttpHost("test", 80, "http");
DefaultHttpClient client = new DefaultHttpClient();
HttpContext context = new BasicHttpContext();
client.getCredentialsProvider().setCredentials(
new AuthScope(targetHost.getHostName(), targetHost.getPort(), "nowhere"),
new UsernamePasswordCredentials("foo", "bar"));
// AuthCache authCache = new BasicAuthCache();
// DigestScheme digestAuth = new DigestScheme();
// authCache.put(targetHost, digestAuth);
// context.setAttribute(ClientContext.AUTH_CACHE, authCache);
HttpGet get = new HttpGet("/");
HttpResponse response = client.execute(targetHost, get, context);
System.out.println("Status: " + response.getStatusLine());
EntityUtils.consume(response.getEntity());
get = new HttpGet("/baz/bah.html");
response = client.execute(targetHost, get, context);
System.out.println("Status: " + response.getStatusLine());
EntityUtils.consume(response.getEntity());
client.getConnectionManager().shutdown();
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
Re: AuthCache not caching?
Posted by Eric Jain <er...@gmail.com>.
On Thu, Mar 10, 2011 at 14:51, Oleg Kalnichevski <ol...@apache.org> wrote:
> http://svn.apache.org/repos/asf/httpcomponents/httpclient/branches/4.1.x/
Just built this, and it looks like the auth cache is now working as
expected, both with basic and digest authentication. Thanks!
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
Re: AuthCache not caching?
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Thu, 2011-03-10 at 14:24 -0800, Eric Jain wrote:
> On Thu, Mar 10, 2011 at 12:45, Oleg Kalnichevski <ol...@apache.org> wrote:
> > This might be due to this bug
> >
> > https://issues.apache.org/jira/browse/HTTPCLIENT-1056
> >
> > Can you try the latest snapshot off the trunk or 4.1.x branch?
>
> Where can I download the latest snapshot?
>
> Looked around https://repository.apache.org/content/groups/snapshots/org/apache/httpcomponents/
> but it wasn't obvious where the latest jars are...
>
Simply build from source
http://svn.apache.org/repos/asf/httpcomponents/httpclient/branches/4.1.x/
Oleg
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
Re: AuthCache not caching?
Posted by Eric Jain <er...@gmail.com>.
On Thu, Mar 10, 2011 at 12:45, Oleg Kalnichevski <ol...@apache.org> wrote:
> This might be due to this bug
>
> https://issues.apache.org/jira/browse/HTTPCLIENT-1056
>
> Can you try the latest snapshot off the trunk or 4.1.x branch?
Where can I download the latest snapshot?
Looked around https://repository.apache.org/content/groups/snapshots/org/apache/httpcomponents/
but it wasn't obvious where the latest jars are...
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
Re: AuthCache not caching?
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Thu, 2011-03-10 at 10:58 -0800, Eric Jain wrote:
> On Thu, Mar 10, 2011 at 02:32, Oleg Kalnichevski <ol...@apache.org> wrote:
> > I just recently re-tested that particular bit of code and it worked for
> > me (at least with BASIC auth).
> >
> > You may want to generate a wire / context log of the session to see
> > whether or not auth credentials get cached.
>
> In the log (see below) I can see "Caching 'basic' auth scheme for
> http://test:80" after the first request, and prior to the second
> request "Re-using cached 'basic' auth scheme for http://test:80" and
> "No credentials for preemptive authentication".
>
>
This might be due to this bug
https://issues.apache.org/jira/browse/HTTPCLIENT-1056
Can you try the latest snapshot off the trunk or 4.1.x branch?
Oleg
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
Re: AuthCache not caching?
Posted by Eric Jain <er...@gmail.com>.
On Thu, Mar 10, 2011 at 02:32, Oleg Kalnichevski <ol...@apache.org> wrote:
> I just recently re-tested that particular bit of code and it worked for
> me (at least with BASIC auth).
>
> You may want to generate a wire / context log of the session to see
> whether or not auth credentials get cached.
In the log (see below) I can see "Caching 'basic' auth scheme for
http://test:80" after the first request, and prior to the second
request "Re-using cached 'basic' auth scheme for http://test:80" and
"No credentials for preemptive authentication".
GET / HTTP/1.1
Host: test:80
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1 (java 1.5)
HTTP/1.1 401 Authorization Required
Date: Thu, 10 Mar 2011 18:16:25 GMT
Server: Apache/2.2.14 (Ubuntu)
WWW-Authenticate: Basic realm="nowhere"
Vary: Accept-Encoding
Content-Length: 490
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET / HTTP/1.1
Host: test:80
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1 (java 1.5)
Authorization: Basic Z2vTC52noMjlZ2TvcW==
HTTP/1.1 200 OK
Date: Thu, 10 Mar 2011 18:16:25 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
GET / HTTP/1.1
Host: test:80
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1 (java 1.5)
HTTP/1.1 401 Authorization Required
Date: Thu, 10 Mar 2011 18:16:26 GMT
Server: Apache/2.2.14 (Ubuntu)
WWW-Authenticate: Basic realm="nowhere"
Vary: Accept-Encoding
Content-Length: 490
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET / HTTP/1.1
Host: test:80
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1 (java 1.5)
Authorization: Basic Z2vTC52noMjlZ2TvcW==
HTTP/1.1 200 OK
Date: Thu, 10 Mar 2011 18:16:26 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
10:16:17.174 [main] DEBUG o.a.h.i.conn.SingleClientConnManager - Get
connection for route HttpRoute[{}->http://test:80]
10:16:17.185 [main] DEBUG o.a.h.i.c.DefaultClientConnectionOperator -
Connecting to test/xxx.xxx.xxx.xxx:80
10:16:17.209 [main] DEBUG o.a.h.c.protocol.RequestAddCookies -
CookieSpec selected: best-match
10:16:17.225 [main] DEBUG o.a.h.impl.client.DefaultHttpClient -
Attempt 1 to execute request
10:16:17.225 [main] DEBUG o.a.h.i.conn.DefaultClientConnection -
Sending request: GET / HTTP/1.1
10:16:17.226 [main] DEBUG org.apache.http.wire - >> "GET / HTTP/1.1[\r][\n]"
10:16:17.228 [main] DEBUG org.apache.http.wire - >> "Host: test:80[\r][\n]"
10:16:17.228 [main] DEBUG org.apache.http.wire - >> "Connection:
Keep-Alive[\r][\n]"
10:16:17.228 [main] DEBUG org.apache.http.wire - >> "User-Agent:
Apache-HttpClient/4.1 (java 1.5)[\r][\n]"
10:16:17.228 [main] DEBUG org.apache.http.wire - >> "[\r][\n]"
10:16:17.228 [main] DEBUG org.apache.http.headers - >> GET / HTTP/1.1
10:16:17.228 [main] DEBUG org.apache.http.headers - >> Host: test:80
10:16:17.228 [main] DEBUG org.apache.http.headers - >> Connection: Keep-Alive
10:16:17.228 [main] DEBUG org.apache.http.headers - >> User-Agent:
Apache-HttpClient/4.1 (java 1.5)
10:16:17.229 [main] DEBUG org.apache.http.wire - << "HTTP/1.1 401
Authorization Required[\r][\n]"
10:16:17.232 [main] DEBUG org.apache.http.wire - << "Date: Thu, 10 Mar
2011 18:16:25 GMT[\r][\n]"
10:16:17.232 [main] DEBUG org.apache.http.wire - << "Server:
Apache/2.2.14 (Ubuntu)[\r][\n]"
10:16:17.232 [main] DEBUG org.apache.http.wire - << "WWW-Authenticate:
Basic realm="nowhere"[\r][\n]"
10:16:17.232 [main] DEBUG org.apache.http.wire - << "Vary:
Accept-Encoding[\r][\n]"
10:16:17.233 [main] DEBUG org.apache.http.wire - << "Content-Length:
490[\r][\n]"
10:16:17.233 [main] DEBUG org.apache.http.wire - << "Keep-Alive:
timeout=15, max=100[\r][\n]"
10:16:17.233 [main] DEBUG org.apache.http.wire - << "Connection:
Keep-Alive[\r][\n]"
10:16:17.233 [main] DEBUG org.apache.http.wire - << "Content-Type:
text/html; charset=iso-8859-1[\r][\n]"
10:16:17.233 [main] DEBUG org.apache.http.wire - << "[\r][\n]"
10:16:17.234 [main] DEBUG o.a.h.i.conn.DefaultClientConnection -
Receiving response: HTTP/1.1 401 Authorization Required
10:16:17.234 [main] DEBUG org.apache.http.headers - << HTTP/1.1 401
Authorization Required
10:16:17.234 [main] DEBUG org.apache.http.headers - << Date: Thu, 10
Mar 2011 18:16:25 GMT
10:16:17.234 [main] DEBUG org.apache.http.headers - << Server:
Apache/2.2.14 (Ubuntu)
10:16:17.234 [main] DEBUG org.apache.http.headers - <<
WWW-Authenticate: Basic realm="nowhere"
10:16:17.234 [main] DEBUG org.apache.http.headers - << Vary: Accept-Encoding
10:16:17.234 [main] DEBUG org.apache.http.headers - << Content-Length: 490
10:16:17.234 [main] DEBUG org.apache.http.headers - << Keep-Alive:
timeout=15, max=100
10:16:17.235 [main] DEBUG org.apache.http.headers - << Connection: Keep-Alive
10:16:17.235 [main] DEBUG org.apache.http.headers - << Content-Type:
text/html; charset=iso-8859-1
10:16:17.241 [main] DEBUG o.a.h.impl.client.DefaultHttpClient -
Connection can be kept alive for 15000 MILLISECONDS
10:16:17.242 [main] DEBUG o.a.h.impl.client.DefaultHttpClient - Target
requested authentication
10:16:17.242 [main] DEBUG o.a.h.i.c.DefaultTargetAuthenticationHandler
- Authentication schemes in the order of preference: [negotiate, NTLM,
Digest, Basic]
10:16:17.242 [main] DEBUG o.a.h.i.c.DefaultTargetAuthenticationHandler
- Challenge for negotiate authentication scheme not available
10:16:17.242 [main] DEBUG o.a.h.i.c.DefaultTargetAuthenticationHandler
- Challenge for NTLM authentication scheme not available
10:16:17.242 [main] DEBUG o.a.h.i.c.DefaultTargetAuthenticationHandler
- Challenge for Digest authentication scheme not available
10:16:17.242 [main] DEBUG o.a.h.i.c.DefaultTargetAuthenticationHandler
- Basic authentication scheme selected
10:16:17.245 [main] DEBUG o.a.h.impl.client.DefaultHttpClient -
Authorization challenge processed
10:16:17.245 [main] DEBUG o.a.h.impl.client.DefaultHttpClient -
Authentication scope: BASIC 'nowhere'@test:80
10:16:17.246 [main] DEBUG o.a.h.impl.client.DefaultHttpClient - Found
credentials
10:16:17.247 [main] DEBUG org.apache.http.wire - << "<!DOCTYPE HTML
PUBLIC "-//IETF//DTD HTML 2.0//EN">[\n]"
10:16:17.247 [main] DEBUG org.apache.http.wire - << "<html><head>[\n]"
10:16:17.247 [main] DEBUG org.apache.http.wire - << "<title>401
Authorization Required</title>[\n]"
10:16:17.247 [main] DEBUG org.apache.http.wire - << "</head><body>[\n]"
10:16:17.247 [main] DEBUG org.apache.http.wire - << "<h1>Authorization
Required</h1>[\n]"
10:16:17.247 [main] DEBUG org.apache.http.wire - << "<p>This server
could not verify that you[\n]"
10:16:17.247 [main] DEBUG org.apache.http.wire - << "are authorized to
access the document[\n]"
10:16:17.247 [main] DEBUG org.apache.http.wire - << "requested.
Either you supplied the wrong[\n]"
10:16:17.247 [main] DEBUG org.apache.http.wire - << "credentials
(e.g., bad password), or your[\n]"
10:16:17.247 [main] DEBUG org.apache.http.wire - << "browser doesn't
understand how to supply[\n]"
10:16:17.247 [main] DEBUG org.apache.http.wire - << "the credentials
required.</p>[\n]"
10:16:17.247 [main] DEBUG org.apache.http.wire - << "<hr>[\n]"
10:16:17.247 [main] DEBUG org.apache.http.wire - <<
"<address>Apache/2.2.14 (Ubuntu) Server at test Port 80</address>[\n]"
10:16:17.248 [main] DEBUG org.apache.http.wire - << "</body></html>[\n]"
10:16:17.248 [main] DEBUG o.a.h.c.protocol.RequestAddCookies -
CookieSpec selected: best-match
10:16:17.256 [main] DEBUG o.a.h.impl.client.DefaultHttpClient -
Attempt 2 to execute request
10:16:17.256 [main] DEBUG o.a.h.i.conn.DefaultClientConnection -
Sending request: GET / HTTP/1.1
10:16:17.256 [main] DEBUG org.apache.http.wire - >> "GET / HTTP/1.1[\r][\n]"
10:16:17.257 [main] DEBUG org.apache.http.wire - >> "Host: test:80[\r][\n]"
10:16:17.257 [main] DEBUG org.apache.http.wire - >> "Connection:
Keep-Alive[\r][\n]"
10:16:17.257 [main] DEBUG org.apache.http.wire - >> "User-Agent:
Apache-HttpClient/4.1 (java 1.5)[\r][\n]"
10:16:17.257 [main] DEBUG org.apache.http.wire - >> "Authorization:
Basic Z2vTC52noMjlZ2TvcW==[\r][\n]"
10:16:17.257 [main] DEBUG org.apache.http.wire - >> "[\r][\n]"
10:16:17.257 [main] DEBUG org.apache.http.headers - >> GET / HTTP/1.1
10:16:17.257 [main] DEBUG org.apache.http.headers - >> Host: test:80
10:16:17.257 [main] DEBUG org.apache.http.headers - >> Connection: Keep-Alive
10:16:17.257 [main] DEBUG org.apache.http.headers - >> User-Agent:
Apache-HttpClient/4.1 (java 1.5)
10:16:17.257 [main] DEBUG org.apache.http.headers - >> Authorization:
Basic Z2vTC52noMjlZ2TvcW==
10:16:17.483 [main] DEBUG org.apache.http.wire - << "HTTP/1.1 200 OK[\r][\n]"
10:16:17.484 [main] DEBUG org.apache.http.wire - << "Date: Thu, 10 Mar
2011 18:16:25 GMT[\r][\n]"
10:16:17.484 [main] DEBUG org.apache.http.wire - << "Server:
Apache/2.2.14 (Ubuntu)[\r][\n]"
10:16:17.484 [main] DEBUG org.apache.http.wire - << "Vary:
Accept-Encoding[\r][\n]"
10:16:17.485 [main] DEBUG org.apache.http.wire - << "Keep-Alive:
timeout=15, max=99[\r][\n]"
10:16:17.485 [main] DEBUG org.apache.http.wire - << "Connection:
Keep-Alive[\r][\n]"
10:16:17.485 [main] DEBUG org.apache.http.wire - <<
"Transfer-Encoding: chunked[\r][\n]"
10:16:17.485 [main] DEBUG org.apache.http.wire - << "Content-Type:
text/html;charset=UTF-8[\r][\n]"
10:16:17.486 [main] DEBUG org.apache.http.wire - << "[\r][\n]"
10:16:17.486 [main] DEBUG o.a.h.i.conn.DefaultClientConnection -
Receiving response: HTTP/1.1 200 OK
10:16:17.486 [main] DEBUG org.apache.http.headers - << HTTP/1.1 200 OK
10:16:17.486 [main] DEBUG org.apache.http.headers - << Date: Thu, 10
Mar 2011 18:16:25 GMT
10:16:17.486 [main] DEBUG org.apache.http.headers - << Server:
Apache/2.2.14 (Ubuntu)
10:16:17.486 [main] DEBUG org.apache.http.headers - << Vary: Accept-Encoding
10:16:17.486 [main] DEBUG org.apache.http.headers - << Keep-Alive:
timeout=15, max=99
10:16:17.486 [main] DEBUG org.apache.http.headers - << Connection: Keep-Alive
10:16:17.487 [main] DEBUG org.apache.http.headers - <<
Transfer-Encoding: chunked
10:16:17.487 [main] DEBUG org.apache.http.headers - << Content-Type:
text/html;charset=UTF-8
10:16:17.489 [main] DEBUG o.a.h.c.protocol.ResponseAuthCache - Caching
'basic' auth scheme for http://test:80
10:16:17.490 [main] DEBUG o.a.h.impl.client.DefaultHttpClient -
Connection can be kept alive for 15000 MILLISECONDS
10:16:17.493 [main] DEBUG org.apache.http.wire - << [...]
10:16:17.771 [main] DEBUG o.a.h.i.conn.SingleClientConnManager - Get
connection for route HttpRoute[{}->http://test:80]
10:16:17.771 [main] DEBUG o.a.h.impl.client.DefaultHttpClient - Stale
connection check
10:16:17.772 [main] DEBUG o.a.h.c.protocol.RequestAddCookies -
CookieSpec selected: best-match
10:16:17.772 [main] DEBUG o.a.h.c.protocol.RequestAuthCache - Re-using
cached 'basic' auth scheme for http://test:80
10:16:17.772 [main] DEBUG o.a.h.c.protocol.RequestAuthCache - No
credentials for preemptive authentication
10:16:17.772 [main] DEBUG o.a.h.impl.client.DefaultHttpClient -
Attempt 1 to execute request
10:16:17.773 [main] DEBUG o.a.h.i.conn.DefaultClientConnection -
Sending request: GET / HTTP/1.1
10:16:17.773 [main] DEBUG org.apache.http.wire - >> "GET / HTTP/1.1[\r][\n]"
10:16:17.773 [main] DEBUG org.apache.http.wire - >> "Host: test:80[\r][\n]"
10:16:17.773 [main] DEBUG org.apache.http.wire - >> "Connection:
Keep-Alive[\r][\n]"
10:16:17.773 [main] DEBUG org.apache.http.wire - >> "User-Agent:
Apache-HttpClient/4.1 (java 1.5)[\r][\n]"
10:16:17.773 [main] DEBUG org.apache.http.wire - >> "[\r][\n]"
10:16:17.774 [main] DEBUG org.apache.http.headers - >> GET / HTTP/1.1
10:16:17.774 [main] DEBUG org.apache.http.headers - >> Host: test:80
10:16:17.774 [main] DEBUG org.apache.http.headers - >> Connection: Keep-Alive
10:16:17.774 [main] DEBUG org.apache.http.headers - >> User-Agent:
Apache-HttpClient/4.1 (java 1.5)
10:16:17.775 [main] DEBUG org.apache.http.wire - << "HTTP/1.1 401
Authorization Required[\r][\n]"
10:16:17.775 [main] DEBUG org.apache.http.wire - << "Date: Thu, 10 Mar
2011 18:16:26 GMT[\r][\n]"
10:16:17.775 [main] DEBUG org.apache.http.wire - << "Server:
Apache/2.2.14 (Ubuntu)[\r][\n]"
10:16:17.775 [main] DEBUG org.apache.http.wire - << "WWW-Authenticate:
Basic realm="nowhere"[\r][\n]"
10:16:17.775 [main] DEBUG org.apache.http.wire - << "Vary:
Accept-Encoding[\r][\n]"
10:16:17.775 [main] DEBUG org.apache.http.wire - << "Content-Length:
490[\r][\n]"
10:16:17.776 [main] DEBUG org.apache.http.wire - << "Keep-Alive:
timeout=15, max=98[\r][\n]"
10:16:17.776 [main] DEBUG org.apache.http.wire - << "Connection:
Keep-Alive[\r][\n]"
10:16:17.776 [main] DEBUG org.apache.http.wire - << "Content-Type:
text/html; charset=iso-8859-1[\r][\n]"
10:16:17.776 [main] DEBUG org.apache.http.wire - << "[\r][\n]"
10:16:17.776 [main] DEBUG o.a.h.i.conn.DefaultClientConnection -
Receiving response: HTTP/1.1 401 Authorization Required
10:16:17.776 [main] DEBUG org.apache.http.headers - << HTTP/1.1 401
Authorization Required
10:16:17.776 [main] DEBUG org.apache.http.headers - << Date: Thu, 10
Mar 2011 18:16:26 GMT
10:16:17.776 [main] DEBUG org.apache.http.headers - << Server:
Apache/2.2.14 (Ubuntu)
10:16:17.776 [main] DEBUG org.apache.http.headers - <<
WWW-Authenticate: Basic realm="nowhere"
10:16:17.777 [main] DEBUG org.apache.http.headers - << Vary: Accept-Encoding
10:16:17.777 [main] DEBUG org.apache.http.headers - << Content-Length: 490
10:16:17.777 [main] DEBUG org.apache.http.headers - << Keep-Alive:
timeout=15, max=98
10:16:17.777 [main] DEBUG org.apache.http.headers - << Connection: Keep-Alive
10:16:17.777 [main] DEBUG org.apache.http.headers - << Content-Type:
text/html; charset=iso-8859-1
10:16:17.777 [main] DEBUG o.a.h.impl.client.DefaultHttpClient -
Connection can be kept alive for 15000 MILLISECONDS
10:16:17.777 [main] DEBUG o.a.h.impl.client.DefaultHttpClient - Target
requested authentication
10:16:17.777 [main] DEBUG o.a.h.i.c.DefaultTargetAuthenticationHandler
- Authentication schemes in the order of preference: [negotiate, NTLM,
Digest, Basic]
10:16:17.777 [main] DEBUG o.a.h.i.c.DefaultTargetAuthenticationHandler
- Challenge for negotiate authentication scheme not available
10:16:17.777 [main] DEBUG o.a.h.i.c.DefaultTargetAuthenticationHandler
- Challenge for NTLM authentication scheme not available
10:16:17.777 [main] DEBUG o.a.h.i.c.DefaultTargetAuthenticationHandler
- Challenge for Digest authentication scheme not available
10:16:17.777 [main] DEBUG o.a.h.i.c.DefaultTargetAuthenticationHandler
- Basic authentication scheme selected
10:16:17.778 [main] DEBUG o.a.h.impl.client.DefaultHttpClient -
Authorization challenge processed
10:16:17.778 [main] DEBUG o.a.h.impl.client.DefaultHttpClient -
Authentication scope: BASIC 'nowhere'@test:80
10:16:17.778 [main] DEBUG o.a.h.impl.client.DefaultHttpClient - Found
credentials
10:16:17.778 [main] DEBUG org.apache.http.wire - << "<!DOCTYPE HTML
PUBLIC "-//IETF//DTD HTML 2.0//EN">[\n]"
10:16:17.778 [main] DEBUG org.apache.http.wire - << "<html><head>[\n]"
10:16:17.778 [main] DEBUG org.apache.http.wire - << "<title>401
Authorization Required</title>[\n]"
10:16:17.778 [main] DEBUG org.apache.http.wire - << "</head><body>[\n]"
10:16:17.778 [main] DEBUG org.apache.http.wire - << "<h1>Authorization
Required</h1>[\n]"
10:16:17.778 [main] DEBUG org.apache.http.wire - << "<p>This server
could not verify that you[\n]"
10:16:17.778 [main] DEBUG org.apache.http.wire - << "are authorized to
access the document[\n]"
10:16:17.778 [main] DEBUG org.apache.http.wire - << "requested.
Either you supplied the wrong[\n]"
10:16:17.778 [main] DEBUG org.apache.http.wire - << "credentials
(e.g., bad password), or your[\n]"
10:16:17.778 [main] DEBUG org.apache.http.wire - << "browser doesn't
understand how to supply[\n]"
10:16:17.778 [main] DEBUG org.apache.http.wire - << "the credentials
required.</p>[\n]"
10:16:17.778 [main] DEBUG org.apache.http.wire - << "<hr>[\n]"
10:16:17.778 [main] DEBUG org.apache.http.wire - <<
"<address>Apache/2.2.14 (Ubuntu) Server at test Port 80</address>[\n]"
10:16:17.778 [main] DEBUG org.apache.http.wire - << "</body></html>[\n]"
10:16:17.779 [main] DEBUG o.a.h.c.protocol.RequestAddCookies -
CookieSpec selected: best-match
10:16:17.779 [main] DEBUG o.a.h.c.protocol.RequestAuthCache - Re-using
cached 'basic' auth scheme for http://test:80
10:16:17.779 [main] DEBUG o.a.h.c.protocol.RequestAuthCache - No
credentials for preemptive authentication
10:16:17.779 [main] DEBUG o.a.h.impl.client.DefaultHttpClient -
Attempt 2 to execute request
10:16:17.779 [main] DEBUG o.a.h.i.conn.DefaultClientConnection -
Sending request: GET / HTTP/1.1
10:16:17.779 [main] DEBUG org.apache.http.wire - >> "GET / HTTP/1.1[\r][\n]"
10:16:17.779 [main] DEBUG org.apache.http.wire - >> "Host: test:80[\r][\n]"
10:16:17.779 [main] DEBUG org.apache.http.wire - >> "Connection:
Keep-Alive[\r][\n]"
10:16:17.779 [main] DEBUG org.apache.http.wire - >> "User-Agent:
Apache-HttpClient/4.1 (java 1.5)[\r][\n]"
10:16:17.779 [main] DEBUG org.apache.http.wire - >> "Authorization:
Basic Z2vTC52noMjlZ2TvcW==[\r][\n]"
10:16:17.779 [main] DEBUG org.apache.http.wire - >> "[\r][\n]"
10:16:17.780 [main] DEBUG org.apache.http.headers - >> GET / HTTP/1.1
10:16:17.780 [main] DEBUG org.apache.http.headers - >> Host: test:80
10:16:17.780 [main] DEBUG org.apache.http.headers - >> Connection: Keep-Alive
10:16:17.780 [main] DEBUG org.apache.http.headers - >> User-Agent:
Apache-HttpClient/4.1 (java 1.5)
10:16:17.780 [main] DEBUG org.apache.http.headers - >> Authorization:
Basic Z2vTC52noMjlZ2TvcW==
10:16:18.006 [main] DEBUG org.apache.http.wire - << "HTTP/1.1 200 OK[\r][\n]"
10:16:18.006 [main] DEBUG org.apache.http.wire - << "Date: Thu, 10 Mar
2011 18:16:26 GMT[\r][\n]"
10:16:18.006 [main] DEBUG org.apache.http.wire - << "Server:
Apache/2.2.14 (Ubuntu)[\r][\n]"
10:16:18.007 [main] DEBUG org.apache.http.wire - << "Vary:
Accept-Encoding[\r][\n]"
10:16:18.007 [main] DEBUG org.apache.http.wire - << "Keep-Alive:
timeout=15, max=97[\r][\n]"
10:16:18.007 [main] DEBUG org.apache.http.wire - << "Connection:
Keep-Alive[\r][\n]"
10:16:18.007 [main] DEBUG org.apache.http.wire - <<
"Transfer-Encoding: chunked[\r][\n]"
10:16:18.007 [main] DEBUG org.apache.http.wire - << "Content-Type:
text/html;charset=UTF-8[\r][\n]"
10:16:18.007 [main] DEBUG org.apache.http.wire - << "[\r][\n]"
10:16:18.007 [main] DEBUG o.a.h.i.conn.DefaultClientConnection -
Receiving response: HTTP/1.1 200 OK
10:16:18.007 [main] DEBUG org.apache.http.headers - << HTTP/1.1 200 OK
10:16:18.007 [main] DEBUG org.apache.http.headers - << Date: Thu, 10
Mar 2011 18:16:26 GMT
10:16:18.007 [main] DEBUG org.apache.http.headers - << Server:
Apache/2.2.14 (Ubuntu)
10:16:18.008 [main] DEBUG org.apache.http.headers - << Vary: Accept-Encoding
10:16:18.008 [main] DEBUG org.apache.http.headers - << Keep-Alive:
timeout=15, max=97
10:16:18.008 [main] DEBUG org.apache.http.headers - << Connection: Keep-Alive
10:16:18.008 [main] DEBUG org.apache.http.headers - <<
Transfer-Encoding: chunked
10:16:18.008 [main] DEBUG org.apache.http.headers - << Content-Type:
text/html;charset=UTF-8
10:16:18.008 [main] DEBUG o.a.h.c.protocol.ResponseAuthCache - Caching
'basic' auth scheme for http://test:80
10:16:18.008 [main] DEBUG o.a.h.impl.client.DefaultHttpClient -
Connection can be kept alive for 15000 MILLISECONDS
10:16:18.008 [main] DEBUG org.apache.http.wire - << [...]
"http.auth.auth-cache" context value after the first request (same as
after the second request):
[5] HashMap$Entry<K,V> (id=49)
key "http.auth.auth-cache" (id=71)
value BasicAuthCache (id=72)
map HashMap<K,V> (id=77)
[0] HashMap$Entry<K,V> (id=81)
key HttpHost (id=18)
hostname "test" (id=101)
lcHostname "test" (id=101)
port 80
schemeName "http" (id=102)
value BasicScheme (id=83)
complete true
params HashMap<K,V> (id=91)
[0] HashMap$Entry<K,V> (id=96)
key "realm" (id=104)
value "nowhere" (id=105)
proxy false
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org
Re: AuthCache not caching?
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Wed, 2011-03-09 at 21:43 -0800, Eric Jain wrote:
> According to section 4.7 in
> http://hc.apache.org/httpcomponents-client-ga/tutorial/html/authentication.html,
> "HttpClient automatically caches information about hosts it has
> successfully authenticated with".
>
> Can someone confirm that this works? I tested HttpClient (4.1) using
> both Digest and Basic authentication, and while both work, I noticed
> that HttpClient never appears to set an Authorization header on
> subsequent requests, so each request results in an initial 401
> response.
>
> When I access resources on the same server using a web browser
> (Chrome), only one 401 response is logged, until the nonce expires. So
> it doesn't look like this is a server configuration issue.
>
> Here is the code I used for testing (based on
> http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientPreemptiveDigestAuthentication.java):
>
> HttpHost targetHost = new HttpHost("test", 80, "http");
> DefaultHttpClient client = new DefaultHttpClient();
> HttpContext context = new BasicHttpContext();
> client.getCredentialsProvider().setCredentials(
> new AuthScope(targetHost.getHostName(), targetHost.getPort(), "nowhere"),
> new UsernamePasswordCredentials("foo", "bar"));
>
> // AuthCache authCache = new BasicAuthCache();
> // DigestScheme digestAuth = new DigestScheme();
> // authCache.put(targetHost, digestAuth);
> // context.setAttribute(ClientContext.AUTH_CACHE, authCache);
>
> HttpGet get = new HttpGet("/");
> HttpResponse response = client.execute(targetHost, get, context);
> System.out.println("Status: " + response.getStatusLine());
> EntityUtils.consume(response.getEntity());
>
> get = new HttpGet("/baz/bah.html");
> response = client.execute(targetHost, get, context);
> System.out.println("Status: " + response.getStatusLine());
> EntityUtils.consume(response.getEntity());
>
> client.getConnectionManager().shutdown();
>
I just recently re-tested that particular bit of code and it worked for
me (at least with BASIC auth).
You may want to generate a wire / context log of the session to see
whether or not auth credentials get cached.
Oleg
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org