Details
-
Bug
-
Status: Resolved
-
Blocker
-
Resolution: Fixed
-
1.6.0
-
None
Description
Certain auth schemes, like NTLM, may result in an empty request (no body, content-length:0) being sent to the server first to trigger a 401 auth challenge so as not to waste bandwidth by posting the real message body twice when it knows the first request will result in an auth challenge.
Libcurl currently has a bug where it will use the specified content-length on this first request instead of sending 0, which will cause subsequent requests to fail because the message body was never sent.
Since libcurl automatically calculates the content-length based on the POST size, it's not necessary to specify it from Axis2/C. Removing this header allows libcurl to calculate the length and send the correct values during both requests.
I recommend the content-length setting code be removed because:
1. It doesn't appear to be needed
2. Curl docs do not recommend specifying a content-length header
3. It's currently the only way to get NTLM authentication working (see AXIS2C-1370)
Attachments
Attachments
Issue Links
- relates to
-
AXIS2C-1370 Axis should support libcurl's other auth types (not just basic)
-
- Open
-
