You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by Pankaj Arora <pa...@castiron.com> on 2009/09/09 11:55:02 UTC
Preemptive Authentication
Hi,
I want to do preemptive authentication in Http ands as per as the auth
guide
http://hc.apache.org/httpclient-3.x/authentication.html#Preemptive_Authe
ntication I have set the option
client.getParams().setAuthenticationPreemptive(true);
I observed that in case of the server the basic credentials were sent
out even though server didn't send a 401 reply but in case of proxy the
credentials were sent only when the client received 407 response.
Is there some other option I have to set for doing preemptive
authentication on the proxy too?
Please note that in both cases basic auth is happening.
Also as I understand the preemptive authentication happens only in basic
authentication as in digest/NTLM we need reply from the server to create
the final response. Is my understanding correct?
Thanks,
Pankaj Arora
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
Re: Preemptive Authentication
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Wed, Sep 09, 2009 at 08:05:34AM -0700, Pankaj Arora wrote:
> I understand but we are in middle of a release and moving to 4.x is
> major rework due to change in Api's and all.
> Can you please answer my question in 3.x context?
> The only thing I am worried about is why proxy basic auth is not
> behaving properly in preemptive auth i.e why the credentials are not
> sent there and why we are waiting for 407 from server before w edo that.
>
Take this question to the user list and post a _complete_ wire / context log of
the session that exhibits the problem.
Oleg
>
> -----Original Message-----
> From: Oleg Kalnichevski [mailto:olegk@apache.org]
> Sent: Wednesday, September 09, 2009 5:17 AM
> To: HttpComponents Project
> Subject: Re: Preemptive Authentication
>
> On Wed, Sep 09, 2009 at 02:55:02AM -0700, Pankaj Arora wrote:
> > Hi,
> > I want to do preemptive authentication in Http ands as per as the auth
> > guide
> >
> http://hc.apache.org/httpclient-3.x/authentication.html#Preemptive_Authe
> > ntication I have set the option
> > client.getParams().setAuthenticationPreemptive(true);
> > I observed that in case of the server the basic credentials were sent
> > out even though server didn't send a 401 reply but in case of proxy
> the
> > credentials were sent only when the client received 407 response.
> > Is there some other option I have to set for doing preemptive
> > authentication on the proxy too?
> > Please note that in both cases basic auth is happening.
> >
> > Also as I understand the preemptive authentication happens only in
> basic
> > authentication as in digest/NTLM we need reply from the server to
> create
> > the final response. Is my understanding correct?
> >
> > Thanks,
> > Pankaj Arora
> >
> >
>
> Pankaj
>
> HttpClient 3.1 is nearing end of life. Consider upfrading to 4.0.
>
> Http authentication with HttpClient 4.0 is described in details here:
>
> http://hc.apache.org/httpcomponents-client/tutorial/html/authentication.
> html
>
> Preemptive authentication is described here:
>
> http://hc.apache.org/httpcomponents-client/tutorial/html/authentication.
> html#d4e942
>
> Oleg
>
>
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
> > For additional commands, e-mail: dev-help@hc.apache.org
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
> For additional commands, e-mail: dev-help@hc.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
> For additional commands, e-mail: dev-help@hc.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
RE: Preemptive Authentication
Posted by Pankaj Arora <pa...@castiron.com>.
I understand but we are in middle of a release and moving to 4.x is
major rework due to change in Api's and all.
Can you please answer my question in 3.x context?
The only thing I am worried about is why proxy basic auth is not
behaving properly in preemptive auth i.e why the credentials are not
sent there and why we are waiting for 407 from server before w edo that.
-----Original Message-----
From: Oleg Kalnichevski [mailto:olegk@apache.org]
Sent: Wednesday, September 09, 2009 5:17 AM
To: HttpComponents Project
Subject: Re: Preemptive Authentication
On Wed, Sep 09, 2009 at 02:55:02AM -0700, Pankaj Arora wrote:
> Hi,
> I want to do preemptive authentication in Http ands as per as the auth
> guide
>
http://hc.apache.org/httpclient-3.x/authentication.html#Preemptive_Authe
> ntication I have set the option
> client.getParams().setAuthenticationPreemptive(true);
> I observed that in case of the server the basic credentials were sent
> out even though server didn't send a 401 reply but in case of proxy
the
> credentials were sent only when the client received 407 response.
> Is there some other option I have to set for doing preemptive
> authentication on the proxy too?
> Please note that in both cases basic auth is happening.
>
> Also as I understand the preemptive authentication happens only in
basic
> authentication as in digest/NTLM we need reply from the server to
create
> the final response. Is my understanding correct?
>
> Thanks,
> Pankaj Arora
>
>
Pankaj
HttpClient 3.1 is nearing end of life. Consider upfrading to 4.0.
Http authentication with HttpClient 4.0 is described in details here:
http://hc.apache.org/httpcomponents-client/tutorial/html/authentication.
html
Preemptive authentication is described here:
http://hc.apache.org/httpcomponents-client/tutorial/html/authentication.
html#d4e942
Oleg
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
> For additional commands, e-mail: dev-help@hc.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
Re: Preemptive Authentication
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Wed, Sep 09, 2009 at 02:55:02AM -0700, Pankaj Arora wrote:
> Hi,
> I want to do preemptive authentication in Http ands as per as the auth
> guide
> http://hc.apache.org/httpclient-3.x/authentication.html#Preemptive_Authe
> ntication I have set the option
> client.getParams().setAuthenticationPreemptive(true);
> I observed that in case of the server the basic credentials were sent
> out even though server didn't send a 401 reply but in case of proxy the
> credentials were sent only when the client received 407 response.
> Is there some other option I have to set for doing preemptive
> authentication on the proxy too?
> Please note that in both cases basic auth is happening.
>
> Also as I understand the preemptive authentication happens only in basic
> authentication as in digest/NTLM we need reply from the server to create
> the final response. Is my understanding correct?
>
> Thanks,
> Pankaj Arora
>
>
Pankaj
HttpClient 3.1 is nearing end of life. Consider upfrading to 4.0.
Http authentication with HttpClient 4.0 is described in details here:
http://hc.apache.org/httpcomponents-client/tutorial/html/authentication.html
Preemptive authentication is described here:
http://hc.apache.org/httpcomponents-client/tutorial/html/authentication.html#d4e942
Oleg
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
> For additional commands, e-mail: dev-help@hc.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org