Well, I don't actually see anything wrong with the idea of sending the auth header right up front and not requiring a whole extra back-and-forth to authorize. NTLM needs that but basic auth doesn't in theory. What is wrong with what they are doing? Do you have a spec I can present to them?
Karl On Thu, Jan 3, 2019 at 12:21 PM Michael Osipov <[email protected]> wrote: > Am 2019-01-03 um 17:33 schrieb Karl Wright: > > Hi Oleg et al, > > > > One ManifoldCF user has an unusual requirement for basic auth that > requires > > the auth header to be sent pre-emptively, not as a consequence of > receiving > > a 401 response. He proposes the following patch for ManifoldCF, but I > > wonder whether there's a better way to do this with existing > > HttpComponents/HttpClient code. > > > > Here's the patch link: > > > > > https://issues.apache.org/jira/secure/attachment/12953640/CONNECTORS-1564.patch > > > > Any thoughts? > > I consider this to be a solution to a symptom, not a problem. > > Michael >
