This does appear to be fixed in 2.2.6-SNAPSHOT. I'm confused as to why
it worked with http and not https.
What's the release schedule looking like for 2.2.6?
Thanks,
Lucas Madar
On 1/13/2010 1:01 PM, Daniel Kulp wrote:
Any chance you can try this with 2.2.6-SNAPSHOT? I made some attempts with
2.2.6 to pass the auth information down further into the JDK so the JDK
algorithms may be able to use it. The primary reasons were for HTTPs proxy
support and NTLM support, but it may also apply to this.
Dan
On Tue January 12 2010 8:04:47 pm Lucas Madar wrote:
I'm trying to write a service consumer that must retrieve information
from a server with both https and digest authentication. I have no
control over the server.
After a day of playing around, CXF works... after about 30 seconds for a
very simple call. This seems to happen because in the background it is
making about 20 requests to the server with invalid authentication
information (the username it is using is not the one supplied in code,
but instead the one that Java defaults to in Java's own digest
authentication scheme). After a loop of about 20 retries, it finally
gets to the point in the cxf code where it correctly sends the
authentication information and the request succeeds. Connecting to
another webservice with http (not https) and digest authentication
appears to work correctly.
Here's a stacktrace. Apparently, calling
HttpsUrlConnectionImpl.getResponseCode() calls the next
getResponseCode(), which then submits the entire query to the server.
This query fails with "authentication failed," so internally it retries
auth, most likely a set number of times. When it finally returns,
everything works out fine.
