Hi, we are developing a fulltracks REST service using Pylons, and we need to control access to our service using digest authentication, but we detected a problem with URLs containing some special character like %20. All the URLs are validated correctly with digest, but when some special character appears in the URI, the authentication fails every time. These are the headers for the two tests we made:

1) Headers without any special character (uri="/artists/Madonna/albums/Jump"):

http://devel.dis.ct:5000/artists/Madonna/albums/Jump

GET /artists/Madonna/albums/Jump HTTP/1.1
Host: devel.dis.ct:5000
User-Agent: Mozilla/5.0 (X11; U; Linux i686; ca; rv:1.9.0.9) Gecko/2009042115 Fedora/3.0.9-1.fc10 Firefox/3.0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: ca,en-us;q=0.7,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://devel.dis.ct:5000/artists/madonna/albums

HTTP/1.x 401 Unauthorized
Server: PasteWSGIServer/0.5 Python/2.5.2
Date: Thu, 23 Apr 2009 11:43:35 GMT
WWW-Authenticate: Digest nonce="81fd8fe59d3093f5cd6754c216b6a691", opaque="24f8a3f3ffeb65f607f526ce049ff613", realm="fulltracksrest", qop="auth"
Content-Type: text/html
Connection: close
----------------------------------------------------------
http://devel.dis.ct:5000/artists/Madonna/albums/Jump

GET /artists/Madonna/albums/Jump HTTP/1.1
Host: devel.dis.ct:5000
User-Agent: Mozilla/5.0 (X11; U; Linux i686; ca; rv:1.9.0.9) Gecko/2009042115 Fedora/3.0.9-1.fc10 Firefox/3.0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: ca,en-us;q=0.7,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://devel.dis.ct:5000/artists/madonna/albums
Authorization: Digest username="fulltracksrest", realm="fulltracksrest", nonce="81fd8fe59d3093f5cd6754c216b6a691", uri="/artists/Madonna/albums/Jump", response="3ede27e69cdef6f151df34092812577d", opaque="24f8a3f3ffeb65f607f526ce049ff613", qop=auth, nc=00000001, cnonce="25688454bbdc2b73"

HTTP/1.x 200 OK
Server: PasteWSGIServer/0.5 Python/2.5.2
Date: Thu, 23 Apr 2009 11:43:37 GMT
Content-Type: text/html; charset=utf-8
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 696

1) Headers without some special character (uri="/artists/Madonna/albums/Get%20Together"):

http://devel.dis.ct:5000/artists/Madonna/albums/Get%20Together

GET /artists/Madonna/albums/Get%20Together HTTP/1.1
Host: devel.dis.ct:5000
User-Agent: Mozilla/5.0 (X11; U; Linux i686; ca; rv:1.9.0.9) Gecko/2009042115 Fedora/3.0.9-1.fc10 Firefox/3.0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: ca,en-us;q=0.7,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://devel.dis.ct:5000/artists/madonna/albums
Authorization: Digest username="fulltracksrest", realm="fulltracksrest", nonce="81fd8fe59d3093f5cd6754c216b6a691", uri="/artists/Madonna/albums/Get%20Together", response="66790e79267339ea7a350161424ee6a7", opaque="24f8a3f3ffeb65f607f526ce049ff613", qop=auth, nc=00000003, cnonce="bb1cae0aa112008b"

HTTP/1.x 401 Unauthorized
Server: PasteWSGIServer/0.5 Python/2.5.2
Date: Thu, 23 Apr 2009 11:44:57 GMT
WWW-Authenticate: Digest nonce="90cb88613731aeffb828f17bf9054220", opaque="bf6fa6be063aec25e7e49f70893786fd", realm="fulltracksrest", qop="auth"
Content-Type: text/html
Connection: close

We tried changing digest authentication to cookie authentication; the problem disappeared and all URLs were running fine. I think that maybe it can be an AuthKit bug. Can anybody help me?

Thanks for your help!

Ernest
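
An added example, not part of the original post and not AuthKit's code: RFC 2617 hashes the uri directive exactly as the client sent it, while a WSGI server's PATH_INFO is percent-decoded, so a check that hashes PATH_INFO fails only for paths such as Get%20Together. That this is the cause of the failure reported above is an assumption; the password and all function names are constructed for illustration.

```python
import hashlib
import hmac
from urllib.parse import unquote

# Constructed credentials: the real password is not on the page.
USER, REALM, PASSWORD = "fulltracksrest", "fulltracksrest", "constructed-password"


def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def digest_response(method, uri, nonce, nc, cnonce, qop="auth"):
    """RFC 2617 request-digest for qop=auth with the MD5 algorithm."""
    ha1 = md5_hex(f"{USER}:{REALM}:{PASSWORD}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


def client_header(raw_uri, nonce, nc, cnonce):
    """Directives a browser sends; uri is the request target as it appears on the wire."""
    return {"uri": raw_uri, "nonce": nonce, "nc": nc, "cnonce": cnonce,
            "response": digest_response("GET", raw_uri, nonce, nc, cnonce)}


def verify_with_uri_directive(hdr, path_info):
    """Hash the uri directive as sent; decode it only to confirm it names the requested resource."""
    if unquote(hdr["uri"].split("?", 1)[0]) != path_info:
        return False
    expected = digest_response("GET", hdr["uri"], hdr["nonce"], hdr["nc"], hdr["cnonce"])
    return hmac.compare_digest(expected, hdr["response"])


def verify_with_path_info(hdr, path_info):
    """Hypothetical faulty check: hashes the percent-decoded path instead of the uri directive."""
    expected = digest_response("GET", path_info, hdr["nonce"], hdr["nc"], hdr["cnonce"])
    return hmac.compare_digest(expected, hdr["response"])


def compare_checks(raw_uri, nonce, nc, cnonce):
    """Return (uri-directive check result, PATH_INFO check result) for one request."""
    hdr = client_header(raw_uri, nonce, nc, cnonce)
    path_info = unquote(raw_uri)  # what a WSGI server places in PATH_INFO
    return verify_with_uri_directive(hdr, path_info), verify_with_path_info(hdr, path_info)


if __name__ == "__main__":
    nonce = "81fd8fe59d3093f5cd6754c216b6a691"  # nonce, nc and cnonce values are from the post
    print(compare_checks("/artists/Madonna/albums/Jump", nonce, "00000001", "25688454bbdc2b73"))
    print(compare_checks("/artists/Madonna/albums/Get%20Together", nonce, "00000003", "bb1cae0aa112008b"))
```

Because the password here is constructed, the response values in the captured headers are not reproduced; the example only shows which of the two checks accepts each request.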
