I am using htmlunit v2.4 (which in turn uses httpclient v3.1) and am
having problems with testing HTTP Basic Authentication against my
REST-based web service using two types of browsers.
I am creating my two browsers and credentials as follows:
final WebClient xhtmlBrowser = new WebClient(BrowserVersion.FIREFOX_2);
xhtmlBrowser.addRequestHeader("ACCEPT",
"text/html,application/xhtml+xml");
xhtmlBrowser.setRedirectEnabled(true);
xhtmlBrowser.setUseInsecureSSL(true);
final WebClient jsonBrowser = new WebClient();
jsonBrowser.addRequestHeader("ACCEPT", "application/json");
jsonBrowser.setRedirectEnabled(true);
jsonBrowser.setUseInsecureSSL(true);
final DefaultCredentialsProvider userCredentials = new
DefaultCredentialsProvider();
userCredentials.addCredentials("someName", "somePassword");
I then browse to my web service using code like this:
xhtmlBrowser.setCredentialsProvider(userCredentials);
final WebResponse xhtmlResponse =
xhtmlBrowser.getPage("http://...";).getWebResponse();
...
jsonBrowser.setCredentialsProvider(userCredentials);
final WebResponse jsonResponse =
jsonBrowser.getPage("http://...";).getWebResponse();
...
My web service redirects to an HTTPS URI and requires HTTP Basic
Authentication (I am using Suns Jersey product
(https://jersey.dev.java.net/) to write my REST-based Web Service).
The first response (xhtmlResponse) comes back all fine and I can process
and check that the response is as I expected.
However, the second response (jsonResponse) fails with:
...
... org.apache.commons.httpclient.auth.AuthChallengeProcessor
selectAuthScheme
INFO: basic authentication scheme selected
... org.apache.commons.httpclient.HttpMethodDirector
processWWWAuthChallenge
INFO: No credentials available for BASIC 'SmartInspector'@localhost:8181
... com.gargoylesoftware.htmlunit.WebClient printContentIfNecessary
INFO: statusCode=[401] contentType=[text/html]
... com.gargoylesoftware.htmlunit.WebClient printContentIfNecessary
... HTTP Status 401 - An Authentication object was not found in the
SecurityContext
... This request requires HTTP authentication (An Authentication
object was not found in the SecurityContext).
... Sun Java System Application Server 9.1_02
If I comment out the first request like so:
// xhtmlBrowser.setCredentialsProvider(userCredentials);
// final WebResponse xhtmlResponse =
xhtmlBrowser.getPage("http://...";).getWebResponse();
// ...
jsonBrowser.setCredentialsProvider(userCredentials);
final WebResponse jsonResponse =
jsonBrowser.getPage("http://...";).getWebResponse();
...
Then the second (jsonResponse) request works just fine. I actually have
a list of four different types of browsers that I iterate through to
test that my
service works against all of them, but I have simplified the example to
illustrate the problem.
I get the same problem even if I directly browse to "https://...";
thereby avoiding the redirect from http to https by my service.
Is there some cleanup step between the two getWebResponse() calls that I
am missing or is this a bug in httpclient?
Thanks in advance,
Anjum.
_________________________________________________________________
Check out the new and improved services from Windows Live. Learn more!
http://clk.atdmt.com/UKM/go/132630768/direct/01/
