+1 for resolving this or an explanation
I had the exact same experience and eventually changed my code to
perform the digest auth on each request.
Chris Colvard
Variations on Video
Indiana University
On 3/15/12 7:46 AM, Rubén Pérez wrote:
Hello list,
We've been extensively using the Digest authentication with Matterhorn
to integrate our home-made systems, particularly the Galicaster
Capturer. However, we've seen that we are somehow unable to
authenticate with the 1.3 release candidate.
This is an example script we are using for testing:
echo
"---------------------------------------------------------------------------------------------------------------------------------------------"
echo
"-----------/welcome.html---------------------------------------------------------------------------------------------------------------------"
echo
"---------------------------------------------------------------------------------------------------------------------------------------------"
curl -v -c cookies.txt $server"/welcome.html" \
--get -H "X-Requested-Auth: Digest" \
--digest --user $username:$password \
echo
"---------------------------------------------------------------------------------------------------------------------------------------------"
echo
"-----------/info/me.json--------------------------------------------------------------------------------------------------------------------"
echo
"---------------------------------------------------------------------------------------------------------------------------------------------"
curl -v -b cookies.txt $server"/info/me.json"
, where me.json could be any other Matterhorn endpoint.
What happened in 1.2 is that we could use the cookie received in the
"welcome.html" part to access to any other endpoints without further
authentication. However, in 1.3 we DO get a cookie and the resource
(the welcome.html page), but we remain being an anonymous user. That
is surprising, because anonymous users are not supposed to log in the
welcome page.
On the other hand, we have seen that the integration tests perform the
authentication process every time they call an endpoint, instead of
obtaining a SESSIONID cookie once and then using it in the following
calls (perhaps the http client tries, the authentication fails and it
logs in again).
I can't think of substantial changes in the authentication policy
right now, but I'd be glad to hear from you if this is an intended
behavior, if others can reproduce that problem and if you know of some
changes in the code that may have caused this issue.
Thanks in advance for you input
Rubén
_______________________________________________
Matterhorn mailing list
[email protected]
http://lists.opencastproject.org/mailman/listinfo/matterhorn
To unsubscribe please email
[email protected]
_______________________________________________
_______________________________________________
Matterhorn mailing list
[email protected]
http://lists.opencastproject.org/mailman/listinfo/matterhorn
To unsubscribe please email
[email protected]
_______________________________________________
