When I send a SOAP request using the built-in HTTP transport using HTTP-Basic authentication, the request ends up being sent two times. I've verified this with tcpmon, and I've stepped into the code to see that it's happening.
The code that's doing this is in the 1.4.0 unix release tarball, in src/core/transport/http/sender/http_sender.c at line 973 (where force_http_auth is true due to an earlier call to axis2_options_set_http_auth_info with auth type = Basic) and then later in the false branch of the check on line 995, which starts on line 1054 of http_sender.c.
The status code values from the initial calls don't seem to be checked, because they've plainly succeeded at this point.
This is a dead-in-the-water blocker for us, with a release to a client coming up in four days. I don't have the time to upgrade to 1.5.0 on all of our tested platforms (because we're shipping this on Solaris as well, and that requires some patches to Axis2/C that we've got done for 1.4.0 and will be sending in one of these days). I realize it's a bit presumptuous, but could someone suggest a patch to this that would allow me to proceed?