DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17884>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17884 Multiple DIGEST authentication attempts with same credentials Summary: Multiple DIGEST authentication attempts with same credentials Product: Commons Version: 1.0 Alpha Platform: All OS/Version: Other Status: NEW Severity: Major Priority: Other Component: HttpClient AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] HttpMethodBase's processAuthenticationResponse uses a set of realms to which attempts to authenticate have already been made. The elements of the set are a concatenation of the requested path and the value of the Authentication response header. For digest authentication this response header contains a nonce value, which is uniquely generated by the server each time a 401 response is made. This makes it impossible to recognize that authentication against this realm has been attempted before and so all 100 attempts are made before returning. The nonce should probably not be used in the realmsUsed element Reported by Rob Owen <[EMAIL PROTECTED]> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
