Re: Dynamically Set Preemptive Authentication

[Ted Jones]

FYI - Found a way to bypass preemptive authentication. Added a servlet filter in front of the Axis2 servlet to interrogate the http authorization header. If not present, return a 401 with a dummy realm in the WWW-Authenticate header. This will allow both preemptive and non-preemptive modes of Basic authentication to work. Ted Jones wrote: Let me re-phrase my question... Is it possible to disable preemptive authentication in Axis2? Thanks, Ted On Mon, 2008-07-28 at 14:30 -0500, Ted Jones wrote: I have a client that uses HTTP Basic authentication and was coded for a Systinet web service engine. The HTTP Client code did not use preemptive authentication with Systinet, but Axis2 does since it uses the commons-httpclient code base. Is there anyway to set preemptive authentication to true without modifying all the client code? Perhaps a setting in axis2.xml or a handler of some sort? Also, not setting this value to true and also the absence of the credentials altogether results in a HTTP 500 error, shouldn't this be a 401? Thanks, Ted --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]