I tested with Basic Authentication and Cookie Authentication and I don't have any problem, all urls are running correctly. Urls tested with basic and cookie authentication are: /artists/u2/albums/Achtung%2BBaby, /artists/U2/albums/October and /artists/Juanes/albums/Me%2BEnamora%2B%252FFijate%2BBien, /artists/Madonna/albums/I%25C2%25B4m%2Bgoing%2Bto%2Btell%2Byou%2Ba%2Bsecret ...
I think that is a digest implementation problem because when in the uri param appears any special character (with % character) doesn't works. Thanks for your help! Ernest Thanks for 2009/4/26 Jason Reid <[email protected]> > > Do you get the same problems when you use Basic Authentication? > > On Apr 25, 4:48 am, eRnest FE <[email protected]> wrote: > > Hi Jason, > > > > thanks for your help, I change space characters with '+' character but I > > have the same problem because into our albums name we have some albums > with > > '/' character inside and we need to convert to '%2F'. We have the same > > problem with all other special characters when we make a quote_plus to > > convert the strings. > > > > Thanks! > > Ernest > > > > 2009/4/24 Jason Reid <[email protected]> > > > > > > > > > You could get rid of that special character. I beleive that is a > > > space. You should never use spaces in your URL. THey are okay as GET > > > parameters but shouldn't really be apart of your URL. > > > > > Try making it so instead of a space you enter get-together (this is > > > the way most sites represent spaces; ie wordpress). Then in your > > > controller you can just replace the `-` out for a space. > > > > > On Apr 23, 7:56 am, eRnest <[email protected]> wrote: > > > > Hi, > > > > > > we are developing a fulltracks rest service using pylons, and we need > > > > to control the access to our service using digest authentication, but > > > > we detect a problem with the urls containing some special character > > > > like %20. All the urls are validated correctly with digest but when > in > > > > the uri appears some special character, the authentication fails > every > > > > time. These are the headers for the two tests we made: > > > > > > 1) Headers without any special character > (uri="/artists/Madonna/albums/ > > > > Jump"): > > > > > >http://devel.dis.ct:5000/artists/Madonna/albums/Jump > > > > > > GET /artists/Madonna/albums/Jump HTTP/1.1 > > > > Host: devel.dis.ct:5000 > > > > User-Agent: Mozilla/5.0 (X11; U; Linux i686; ca; rv:1.9.0.9) Gecko/ > > > > 2009042115 Fedora/3.0.9-1.fc10 Firefox/3.0.9 > > > > Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/ > > > > *;q=0.8 > > > > Accept-Language: ca,en-us;q=0.7,en;q=0.3 > > > > Accept-Encoding: gzip,deflate > > > > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > > > > Keep-Alive: 300 > > > > Connection: keep-alive > > > > Referer:http://devel.dis.ct:5000/artists/madonna/albums > > > > > > HTTP/1.x 401 Unauthorized > > > > Server: PasteWSGIServer/0.5 Python/2.5.2 > > > > Date: Thu, 23 Apr 2009 11:43:35 GMT > > > > WWW-Authenticate: Digest nonce="81fd8fe59d3093f5cd6754c216b6a691", > > > > opaque="24f8a3f3ffeb65f607f526ce049ff613", realm="fulltracksrest", > > > > qop="auth" > > > > Content-Type: text/html > > > > Connection: close > > > > ---------------------------------------------------------- > > >http://devel.dis.ct:5000/artists/Madonna/albums/Jump > > > > > > GET /artists/Madonna/albums/Jump HTTP/1.1 > > > > Host: devel.dis.ct:5000 > > > > User-Agent: Mozilla/5.0 (X11; U; Linux i686; ca; rv:1.9.0.9) Gecko/ > > > > 2009042115 Fedora/3.0.9-1.fc10 Firefox/3.0.9 > > > > Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/ > > > > *;q=0.8 > > > > Accept-Language: ca,en-us;q=0.7,en;q=0.3 > > > > Accept-Encoding: gzip,deflate > > > > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > > > > Keep-Alive: 300 > > > > Connection: keep-alive > > > > Referer:http://devel.dis.ct:5000/artists/madonna/albums > > > > Authorization: Digest username="fulltracksrest", > > > > realm="fulltracksrest", nonce="81fd8fe59d3093f5cd6754c216b6a691", > > > > uri="/artists/Madonna/albums/Jump", > > > > response="3ede27e69cdef6f151df34092812577d", > > > > opaque="24f8a3f3ffeb65f607f526ce049ff613", qop=auth, nc=00000001, > > > > cnonce="25688454bbdc2b73" > > > > > > HTTP/1.x 200 OK > > > > Server: PasteWSGIServer/0.5 Python/2.5.2 > > > > Date: Thu, 23 Apr 2009 11:43:37 GMT > > > > Content-Type: text/html; charset=utf-8 > > > > Pragma: no-cache > > > > Cache-Control: no-cache > > > > Content-Length: 696 > > > > > > 1) Headers without some special character (uri="/artists/Madonna/ > > > > albums/Get%20Together"): > > > > > >http://devel.dis.ct:5000/artists/Madonna/albums/Get%20Together > > > > > > GET /artists/Madonna/albums/Get%20Together HTTP/1.1 > > > > Host: devel.dis.ct:5000 > > > > User-Agent: Mozilla/5.0 (X11; U; Linux i686; ca; rv:1.9.0.9) Gecko/ > > > > 2009042115 Fedora/3.0.9-1.fc10 Firefox/3.0.9 > > > > Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/ > > > > *;q=0.8 > > > > Accept-Language: ca,en-us;q=0.7,en;q=0.3 > > > > Accept-Encoding: gzip,deflate > > > > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > > > > Keep-Alive: 300 > > > > Connection: keep-alive > > > > Referer:http://devel.dis.ct:5000/artists/madonna/albums > > > > Authorization: Digest username="fulltracksrest", > > > > realm="fulltracksrest", nonce="81fd8fe59d3093f5cd6754c216b6a691", > > > > uri="/artists/Madonna/albums/Get%20Together", > > > > response="66790e79267339ea7a350161424ee6a7", > > > > opaque="24f8a3f3ffeb65f607f526ce049ff613", qop=auth, nc=00000003, > > > > cnonce="bb1cae0aa112008b" > > > > > > HTTP/1.x 401 Unauthorized > > > > Server: PasteWSGIServer/0.5 Python/2.5.2 > > > > Date: Thu, 23 Apr 2009 11:44:57 GMT > > > > WWW-Authenticate: Digest nonce="90cb88613731aeffb828f17bf9054220", > > > > opaque="bf6fa6be063aec25e7e49f70893786fd", realm="fulltracksrest", > > > > qop="auth" > > > > Content-Type: text/html > > > > Connection: close > > > > > > We try to change digest authentication to cookie authentication, the > > > > problem disapear and all urls were running fine. I think that maybe > > > > can be a authkit bug. Anybody can help me? > > > > > > Thanks for your help! > > > > Ernest > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
