Opened 9 years ago

Closed 9 years ago

Last modified 9 years ago

#1136 closed enhancement (fixed)

Basic and digest authentication in the HTTP client (thanks Johan Lantz for the suggestion)

Reported by: bennylp Owned by: bennylp
Priority: normal Milestone: release-1.8.5
Component: pjlib-util Version: trunk
Keywords: Cc:
Backport to 1.x milestone: Backported:

Description (last modified by bennylp)

This ticket adds HTTP basic and digest authentication support to the HTTP client module in PJLIB-UTIL. With this feature, application configures the HTTP request with a credential (basically a username and password pair), and the HTTP client would retry the request with proper authorization once it receives 401 or 407 response from the server.

Specification:

  1. Support for HTTP basic and digest authentication (as explained in RFC 2617).
  2. Credential can be specified either in pj_http_req_param or embedded in the URL (i.e. using "http://user:passwd@server" format).
    • the module will remove the username and password part transmitting the URL to server
  3. Add other authentication settings in pj_http_req_param
  4. When authentication is configured, the first 401/407 response will not be reported to the application; only the final response after the request is retried will be reported to the application.
  5. The request retry (the one with Authorization header that is sent after 401/407 response is received) will be done in a new socket.
    • we will always do this even though server keeps the connection open
    • this is because some server would close the connection
    • ideally perhaps we should look at the value of Keep-Alive header returned by the server

Limitations:

  1. Only one credential may be specified at the moment.
  2. If WWW-Authenticate or Proxy-Authenticate header contains mode than one header fields, only the first one will be parsed (and subsequently, responded)

Change History (7)

comment:1 Changed 9 years ago by bennylp

  • Description modified (diff)

comment:2 Changed 9 years ago by bennylp

  • Description modified (diff)

comment:3 Changed 9 years ago by bennylp

  • Description modified (diff)

comment:4 Changed 9 years ago by bennylp

  • Resolution set to fixed
  • Status changed from new to closed

(In [3321]) Implemented and closed #1136: added HTTP authentication support

comment:5 Changed 9 years ago by bennylp

  • Summary changed from Add support for basic and digest authentication in the HTTP client (thanks Johan Lantz for the suggestion) to Basic and digest authentication in the HTTP client (thanks Johan Lantz for the suggestion)

comment:6 Changed 9 years ago by bennylp

(In [3332]) Re #1136 (Basic and digest authentication in the HTTP client): fixed error in parsing URL if the path contains at ("@") character

comment:7 Changed 9 years ago by bennylp

(In [3333]) Another fix for authentication in HTTP client (re #1136):

  • missing opaque parameter in the response
  • also replaced "\n" with "\r\n"
Note: See TracTickets for help on using tickets.