Talk:Authentication FAQ

From n² wiki

[edit] On Preemptive authentication

It does not work with DIGEST authentication, here is debug trace for a sample POST with preemptive authentication:
Running com.gridinoc.yeti.ItemTest

2007/12/10 13:37:27:991 GMT [DEBUG] DefaultHttpParams - Set parameter http.connection-manager.max-per-host = {HostConfiguration[]=16}
2007/12/10 13:37:27:991 GMT [DEBUG] DefaultHttpParams - Set parameter http.connection-manager.max-total = 64
2007/12/10 13:37:27:991 GMT [DEBUG] DefaultHttpParams - Set parameter http.protocol.version = HTTP/1.1
2007/12/10 13:37:27:991 GMT [DEBUG] DefaultHttpParams - Set parameter http.socket.timeout = 1000
2007/12/10 13:37:27:992 GMT [DEBUG] DefaultHttpParams - Set parameter http.protocol.element-charset = UTF-8
2007/12/10 13:37:27:992 GMT [DEBUG] DefaultHttpParams - Set parameter http.protocol.content-charset = UTF-8
2007/12/10 13:37:27:992 GMT [DEBUG] DefaultHttpParams - Set parameter http.useragent = Mozilla/5.0 (compatible; yeti/1.0 +http://purl.org/net/yeti)
2007/12/10 13:37:27:993 GMT [DEBUG] DefaultHttpParams - Set parameter http.protocol.expect-continue = true
2007/12/10 13:37:27:993 GMT [DEBUG] DefaultHttpParams - Set parameter http.tcp.nodelay = true

2007/12/10 13:37:28:003 GMT [DEBUG] DefaultHttpParams - Set parameter http.authentication.preemptive = true
2007/12/10 13:37:28:003 GMT [DEBUG] HttpMethodDirector - Preemptively sending default basic credentials
2007/12/10 13:37:28:004 GMT [DEBUG] HttpMethodDirector - Authenticating with BASIC <any realm>@api.talis.com:80
2007/12/10 13:37:28:004 GMT [DEBUG] HttpMethodParams - Credential charset not configured, using HTTP element charset

2007/12/10 13:37:28:007 GMT [DEBUG] HttpConnection - Open connection to api.talis.com:80
2007/12/10 13:37:28:032 GMT [DEBUG] header - >> "POST /stores/lgridinoc-dev1/items HTTP/1.1[\r][\n]"
2007/12/10 13:37:28:033 GMT [DEBUG] HttpMethodBase - Adding Host request header

2007/12/10 13:37:28:033 GMT [DEBUG] header - >> "Authorization: Basic bGdya…eHFoeXg=[\r][\n]"

2007/12/10 13:37:28:033 GMT [DEBUG] header - >> "User-Agent: Mozilla/5.0 (compatible; yeti/1.0 +http://purl.org/net/yeti)[\r][\n]"
2007/12/10 13:37:28:034 GMT [DEBUG] header - >> "Host: api.talis.com[\r][\n]"
2007/12/10 13:37:28:034 GMT [DEBUG] header - >> "Expect: 100-continue[\r][\n]"
2007/12/10 13:37:28:036 GMT [DEBUG] header - >> "Content-Length: 11[\r][\n]"
2007/12/10 13:37:28:036 GMT [DEBUG] header - >> "Content-Type: text/plain[\r][\n]"
2007/12/10 13:37:28:036 GMT [DEBUG] header - >> "[\r][\n]"
2007/12/10 13:37:28:062 GMT [DEBUG] header - << "HTTP/1.1 100 Continue[\r][\n]"
2007/12/10 13:37:28:062 GMT [DEBUG] header - << "HTTP/1.1 100 Continue[\r][\n]"
2007/12/10 13:37:28:062 GMT [DEBUG] header - << "[\r][\n]"
2007/12/10 13:37:28:063 GMT [DEBUG] HttpMethodBase - OK to continue received
2007/12/10 13:37:28:063 GMT [DEBUG] EntityEnclosingMethod - Request body sent

2007/12/10 13:37:28:998 GMT [DEBUG] header - << "HTTP/1.1 401 Unauthorized[\r][\n]"
2007/12/10 13:37:28:999 GMT [DEBUG] header - << "HTTP/1.1 401 Unauthorized[\r][\n]"
2007/12/10 13:37:28:999 GMT [DEBUG] header - << "Date: Mon, 10 Dec 2007 13:37:26 GMT[\r][\n]"
2007/12/10 13:37:29:000 GMT [DEBUG] header - << "WWW-Authenticate: Digest realm="bigfoot", domain="null", nonce="vUBGxBYBAADnLdPVjQwnYraq55S88bNP", algorithm=MD5, qop="auth"[\r][\n]"
2007/12/10 13:37:29:000 GMT [DEBUG] header - << "Content-Type: text/plain; charset=UTF-8[\r][\n]"
2007/12/10 13:37:29:001 GMT [DEBUG] header - << "Content-Length: 12[\r][\n]"
2007/12/10 13:37:29:001 GMT [DEBUG] header - << "Connection: close[\r][\n]"
2007/12/10 13:37:29:002 GMT [DEBUG] header - << "[\r][\n]"

2007/12/10 13:37:29:002 GMT [DEBUG] HttpMethodDirector - Authorization required
2007/12/10 13:37:29:002 GMT [DEBUG] AuthChallengeProcessor - Supported authentication schemes in the order of preference: [ntlm, digest, basic]
2007/12/10 13:37:29:002 GMT [DEBUG] AuthChallengeProcessor - Challenge for ntlm authentication scheme not available
2007/12/10 13:37:29:002 GMT [INFO] AuthChallengeProcessor - digest authentication scheme selected
2007/12/10 13:37:29:003 GMT [DEBUG] AuthChallengeProcessor - Using authentication scheme: digest
2007/12/10 13:37:29:003 GMT [DEBUG] AuthChallengeProcessor - Authorization challenge processed
2007/12/10 13:37:29:003 GMT [DEBUG] HttpMethodDirector - Authentication scope: DIGEST 'bigfoot'@api.talis.com:80
2007/12/10 13:37:29:003 GMT [DEBUG] HttpMethodDirector - Retry authentication

2007/12/10 13:37:29:003 GMT [DEBUG] HttpMethodBase - Should close connection in response to directive: close
2007/12/10 13:37:29:004 GMT [DEBUG] HttpConnection - Connection is locked.  Call to releaseConnection() ignored.

2007/12/10 13:37:29:004 GMT [DEBUG] HttpMethodDirector - Authenticating with DIGEST 'bigfoot'@api.talis.com:80
2007/12/10 13:37:29:004 GMT [DEBUG] HttpMethodParams - Credential charset not configured, using HTTP element charset
2007/12/10 13:37:29:004 GMT [DEBUG] DigestScheme - Using qop method auth
2007/12/10 13:37:29:005 GMT [DEBUG] HttpConnection - Open connection to api.talis.com:80
2007/12/10 13:37:29:036 GMT [DEBUG] header - >> "POST /stores/lgridinoc-dev1/items HTTP/1.1[\r][\n]"
2007/12/10 13:37:29:037 GMT [DEBUG] HttpMethodBase - Adding Host request header
2007/12/10 13:37:29:037 GMT [DEBUG] header - >> "User-Agent: Mozilla/5.0 (compatible; yeti/1.0 +http://purl.org/net/yeti)[\r][\n]"
2007/12/10 13:37:29:038 GMT [DEBUG] header - >> "Expect: 100-continue[\r][\n]"
2007/12/10 13:37:29:038 GMT [DEBUG] header - >> "Content-Length: 11[\r][\n]"
2007/12/10 13:37:29:039 GMT [DEBUG] header - >> "Content-Type: text/plain[\r][\n]"
2007/12/10 13:37:29:040 GMT [DEBUG] header - >> "Authorization: Digest username="lgridinoc", realm="bigfoot", nonce="vUBGxBYBAADnLdPVjQwnYraq55S88bNP", uri="/stores/lgridinoc-dev1/items", response="119b8c2…36576f", qop=auth, nc=00000001, cnonce="8abd41d…ead626669e", algorithm="MD5"[\r][\n]"
2007/12/10 13:37:29:040 GMT [DEBUG] header - >> "Host: api.talis.com[\r][\n]"
2007/12/10 13:37:29:040 GMT [DEBUG] header - >> "[\r][\n]"
2007/12/10 13:37:29:082 GMT [DEBUG] header - << "HTTP/1.1 100 Continue[\r][\n]"
2007/12/10 13:37:29:082 GMT [DEBUG] header - << "HTTP/1.1 100 Continue[\r][\n]"
2007/12/10 13:37:29:082 GMT [DEBUG] header - << "[\r][\n]"
2007/12/10 13:37:29:082 GMT [DEBUG] HttpMethodBase - OK to continue received
2007/12/10 13:37:29:082 GMT [DEBUG] EntityEnclosingMethod - Request body sent
2007/12/10 13:37:29:841 GMT [DEBUG] header - << "HTTP/1.1 201 Created[\r][\n]"
2007/12/10 13:37:29:841 GMT [DEBUG] header - << "HTTP/1.1 201 Created[\r][\n]"
2007/12/10 13:37:29:841 GMT [DEBUG] header - << "Date: Mon, 10 Dec 2007 13:37:27 GMT[\r][\n]"
2007/12/10 13:37:29:841 GMT [DEBUG] header - << "Server: Bigfoot/6.352.20911[\r][\n]"
2007/12/10 13:37:29:841 GMT [DEBUG] header - << "Cache-Control: max-age=7200, must-revalidate[\r][\n]"
2007/12/10 13:37:29:842 GMT [DEBUG] header - << "Location: http://api.talis.com/stores/lgridinoc-dev1/items/c53d581d-66df-4ec3-87ce-2a6f4931ccbf[\r][\n]"
2007/12/10 13:37:29:842 GMT [DEBUG] header - << "Content-Length: 0[\r][\n]"
2007/12/10 13:37:29:842 GMT [DEBUG] header - << "Connection: close[\r][\n]"
2007/12/10 13:37:29:842 GMT [DEBUG] header - << "Content-Type: text/plain; charset=UTF-8[\r][\n]"
2007/12/10 13:37:29:842 GMT [DEBUG] header - << "[\r][\n]"
2007/12/10 13:37:29:842 GMT [DEBUG] HttpMethodBase - Should close connection in response to directive: close
2007/12/10 13:37:29:843 GMT [DEBUG] HttpConnection - Releasing connection back to connection manager.

Created http://api.talis.com/stores/lgridinoc-dev1/items/c53d581d-66df-4ec3-87ce-2a6f4931ccbf
It fails on BASIC and does the job with DIGEST. --Laurian 14:23, 10 December 2007 (UTC)
Retrieved from "http://n2.talis.com/wiki/Talk:Authentication_FAQ"
Talk:Authentication FAQ

From n² wiki

[edit] On Preemptive authentication

Views

Personal tools

Navigation

Search

Toolbox
