rvesse commented on issue #1318: URL: https://github.com/apache/jena/issues/1318#issuecomment-1128861500
So the HTTP Authentication Challenge is coming back from whatever SPARQL server you are interacting with which you haven't specified. I'm unclear whether the individual parameter fields within the `WWW-Authenticate` header are permitted to have whitespace or not. Following the grammar an `auth-param` rule says Bad Whitespace may be present per [RFC 7230 Section 3.2.3](https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.3): > The BWS rule is used where the grammar allows optional whitespace > only for historical reasons. A sender MUST NOT generate BWS in > messages. A recipient MUST parse for such bad whitespace and remove > it before interpreting the protocol element. > > OWS = *( SP / HTAB ) > ; optional whitespace > RWS = 1*( SP / HTAB ) > ; required whitespace > BWS = OWS > ; "bad" whitespace The upshot of which is servers **MUST NOT** be producing whitespace here **BUT** recipients i.e. Jena, should strip and ignore such bad whitespace. # TL;DR Yes there's a Jena bug here that the Auth header parser needs improving There's also a server bug here that the server is producing an invalid Authentication challenge which would be worth a bug filed against whatever server you are using -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
