On Mon, 2006-01-23 at 15:25 +0100, Benjamin Pasero wrote: > > Oleg Kalnichevski wrote: > > On Sun, 2006-01-22 at 13:09 +0100, Benjamin Pasero wrote: > > > >> Hi, > >> > >> I am using HttpClient 3.0 and have a problem with preemptive > >> authentication and redirects. > >> > >> The scenario is as follows: > >> > >> 1. I create a GetMethod with a certain URI, lets say www.foo.com which > >> redirects to bar.foo.com > >> that requires authentication. > >> > >> 2. I lookup a registry with stored credentials for this URI and find > >> Username + Password > >> > >> 3. I call HttpClient.getParams().setAuthenticationPreemptive(true); > >> > >> 4. I create AuthScope and Credentials, asking the GetMethod for Host, > >> Port and Realm. For Host > >> I am getting "www.foo.com". > >> > >> 5. I call HttpClient.getState().setCredentials(authScope, userPwCreds); > >> > >> 6. I call getMethod.setDoAuthentication(true); > >> > >> Now, I execute the GetMethod and it gets redirected to "bar.foo.com". > >> Thereby the AuthScope > >> I created preemptively with "www.foo.com" is no longer valid. I get an > >> 401 error, although > >> the credentials are correct, just the host is not. > >> > >> Is there a workaround for avoiding this problem? I tried to supply > >> ANY_HOST as value for > >> the AuthScope but get the exception that NULL is not allowed (though the > >> API tells me > >> that I can supply ANY_HOST if I want to). > >> > >> > > > > Try the following auth scope > > HttpClient.getState().setCredentials(AuthScope.ANY, userPwCreds); > > if it does not help, post a complete wire/context log of the HTTP > > session to this list. > > > Thanks for the hint, that is working perfectly! Are there any side-effects > in using such an authscope? E.g. could it be that some authentication > challenges wont work with supplying ANY as scope? >
Ben, You can always provide additional credentials with a more specific scope. HttpClient will always pick up the best match. Oleg > Regards, > Ben > > Oleg > > > > > >> Thanks for helping, > >> Ben > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > >> > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
