Evgeny Shakin created CXF-5366:
----------------------------------
Summary: Authorization header is not set correctly in CXF HTTP
digest authentication
Key: CXF-5366
URL: https://issues.apache.org/jira/browse/CXF-5366
Project: CXF
Issue Type: Bug
Components: Core
Affects Versions: 2.7.7, 2.7.6, 2.7.5, 2.7.4
Environment: Windows 7 64 bit, Java 1.6.0_29, CXF 2.7.4, calling MS
Dynamics WS.
Reporter: Evgeny Shakin
When performing the digest HTTP authentication the generated Authorization
header is missing the "algorithm" element. Also if the algorithm is "MD5-sess"
it should appear in the Authorization header as is and not as "MD5". To get
around the issue it is possible to use a customized DigestAuthSupplier for the
affected CXF versions. The result of WS invocation without "algorithm" in the
Authorization header is 400-Bad request.
The issue relates to versions of CXF 2.7.4 and later, earlier versions work
fine.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
