1 | | Add authentication support in the pjlib-util's tiny HTTP client unit. |
| 1 | This ticket adds HTTP basic and digest authentication support to the HTTP client module in PJLIB-UTIL. With this feature, application configures the HTTP request with a credential (basically a username and password pair), and the HTTP client would retry the request with proper authorization once it receives 401 or 407 response from the server. |
| 2 | |
| 3 | Specification: |
| 4 | 1. Support for HTTP basic and digest authentication (as explained in [http://tools.ietf.org/html/rfc2617 RFC 2617]). |
| 5 | 1. Credential can be specified either in {{{pj_http_req_param}}} or embedded in the URL (i.e. using "!http://user:passwd@server" format). |
| 6 | - the username and password part would need to be removed from the URL before it is transmitted to server |
| 7 | 1. Add other authentication settings in {{{pj_http_req_param}}} |
| 8 | 1. When authentication is configured, the first 401/407 response will not be reported to the application; only the final response after the request is retried will be reported to the application. |
| 9 | 1. The request retry (the one with Authorization header that is sent after 401/407 response is received) will be done in a new socket. |
| 10 | - we will always do this even though server keeps the connection open |
| 11 | - this is because some server would close the connection |
| 12 | - ideally perhaps we should look at the value of {{{Keep-Alive}}} header returned by the server |
| 13 | |
| 14 | |
| 15 | |