On Wed, 2011-03-09 at 21:43 -0800, Eric Jain wrote: > According to section 4.7 in > http://hc.apache.org/httpcomponents-client-ga/tutorial/html/authentication.html, > "HttpClient automatically caches information about hosts it has > successfully authenticated with". > > Can someone confirm that this works? I tested HttpClient (4.1) using > both Digest and Basic authentication, and while both work, I noticed > that HttpClient never appears to set an Authorization header on > subsequent requests, so each request results in an initial 401 > response. > > When I access resources on the same server using a web browser > (Chrome), only one 401 response is logged, until the nonce expires. So > it doesn't look like this is a server configuration issue. > > Here is the code I used for testing (based on > http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/httpclient/src/examples/org/apache/http/examples/client/ClientPreemptiveDigestAuthentication.java): > > HttpHost targetHost = new HttpHost("test", 80, "http"); > DefaultHttpClient client = new DefaultHttpClient(); > HttpContext context = new BasicHttpContext(); > client.getCredentialsProvider().setCredentials( > new AuthScope(targetHost.getHostName(), targetHost.getPort(), "nowhere"), > new UsernamePasswordCredentials("foo", "bar")); > > // AuthCache authCache = new BasicAuthCache(); > // DigestScheme digestAuth = new DigestScheme(); > // authCache.put(targetHost, digestAuth); > // context.setAttribute(ClientContext.AUTH_CACHE, authCache); > > HttpGet get = new HttpGet("/"); > HttpResponse response = client.execute(targetHost, get, context); > System.out.println("Status: " + response.getStatusLine()); > EntityUtils.consume(response.getEntity()); > > get = new HttpGet("/baz/bah.html"); > response = client.execute(targetHost, get, context); > System.out.println("Status: " + response.getStatusLine()); > EntityUtils.consume(response.getEntity()); > > client.getConnectionManager().shutdown(); >
I just recently re-tested that particular bit of code and it worked for me (at least with BASIC auth). You may want to generate a wire / context log of the session to see whether or not auth credentials get cached. Oleg --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
