Databases
StackOverflow2013
Postsdbo
POHTTPClient sends out two requests when using Basic Auth?
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POHTTPClient sends out two requests when using Basic Auth?
    text
    copied!<p>I have been using HTTPClient version 4.1.2 to try to access a REST over HTTP API that requires Basic Authentication. Here is client code:</p> <pre><code>DefaultHttpClient httpClient = new DefaultHttpClient(new ThreadSafeClientConnManager()); // Enable HTTP Basic Auth httpClient.getCredentialsProvider().setCredentials( new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT), new UsernamePasswordCredentials(this.username, this.password)); HttpHost proxy = new HttpHost(this.proxyURI.getHost(), this.proxyURI.getPort()); httpClient.getParams().setParameter(ConnRouteParams.DEFAULT_PROXY, proxy); </code></pre> <p>When I construct a <code>POST</code> request, like this:</p> <pre><code>HttpPost request = new HttpPost("http://my/url"); request.addHeader(new BasicHeader("Content-type", "application/atom+xml; type=entry")); // required by vendor request.setEntity(new StringEntity("My content")); HttpResponse response = client.execute(request); </code></pre> <p>I see in <a href="http://www.charlesproxy.com/" rel="nofollow noreferrer">Charles Proxy</a> that there are two requests being sent. One without the <code>Authorization: Basic ...</code> header and one <strong>with</strong> it. The first one fails with a 401, as you would expect, but the second goes through just fine with a 201.</p> <p>Does anyone know why this happens? Thanks!</p> <p><strong>EDIT:</strong></p> <p>I should make clear that I have already looked at <a href="https://stackoverflow.com/questions/3808928/getting-unexpected-401-from-apache-httpclient-basic-auth">this question</a>, but as you can see I set the <code>AuthScope</code> the same way and it didn't solve my problem. Also, I am creating a new <code>HttpClient</code> every time I made a request (though I use the same <code>ConnectionManager</code>), but even if I use the same <code>HttpClient</code> for multiple requests, the problem still persists.</p> <p><strong>EDIT 2:</strong></p> <p>So it looks like what @LastCoder was suggesting is the way to do. See <a href="https://stackoverflow.com/a/4328694/99971">this answer</a> to another question. The problem stems from my lack of knowledge around the HTTP spec. What I'm looking to do is called "preemptive authentication" and the <code>HttpClient</code> <a href="http://hc.apache.org/httpcomponents-client-ga/tutorial/html/authentication.html" rel="nofollow noreferrer">docs mention it here</a>. Thankfully, the answer linked to above is a much shorter and cleaner way to do it.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload