Roland Weber wrote:
Hello John,
digest authentication requires a challenge from the server.
It is simply not possible to authenticate the first request
preemptively, because HttpClient doesn't know the challenge
yet. Once the challenge has been received, preemptive
authentication can be used for subsequent requests.
The paragraph in RFC 2617 to which you referred starts with
"The client response to a WWW-Authenticate challenge...",
which implies that there is a challenge to respond to.
I guess that the sentence is then misleading ... or I suppose
pre-empting only works if it is the second ( or third ... ) GET / POST
to the same server within the timeframe before the nonce value changes
on the server ?
You can try to enable the expect-continue handshake.
The request should then be rejected by the server before
the POST data has been transferred. The rejecting reply
includes the challenge, which can then be used to retry
the POST request with the appropriate authentication.
Or you can try a GET request prior to the POST request.
OK .. I'll try this, though IIRC, not too many servers HTTP 100.
How do you test for the server's HTTP 100 support ?
John
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
