[
https://issues.apache.org/jira/browse/IVY-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16348530#comment-16348530
]
ASF GitHub Bot commented on IVY-1280:
-------------------------------------
Github user twogee commented on the issue:
https://github.com/apache/ant-ivy/pull/64
Looking at
[examples](https://github.com/apache/httpcomponents-client/blob/4.6.x/httpclient/src/examples/org/apache/http/examples/client/ClientPreemptiveDigestAuthentication.java),
digest authentication uses the same cache, only sets a different scheme.
> Ivy does not keep track of HTTP session when BASIC authentication is used
> -------------------------------------------------------------------------
>
> Key: IVY-1280
> URL: https://issues.apache.org/jira/browse/IVY-1280
> Project: Ivy
> Issue Type: Improvement
> Components: Core
> Affects Versions: 2.2.0
> Environment: Any
> Reporter: Anders Jacobsson
> Priority: Minor
>
> When publishing through <ant:publish>, each PUT request towards the URL
> resolver (Artifactory, protected with BASIC authentication) seems to be
> duplicated, the first request without any authorization header and the second
> one with. This creates unnecessary network traffic and increases build time.
> Ivy should keep track of any established HTTP session and reuse that one,
> i.e. only the very first request is duplicated.
> I am using Commons HttpClient.
> An alternative would be to expose preemptive authentication so that it is
> configurable. It is less secure but still useful as it would probably mostly
> be used for internal resolvers.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
