Uploaded image for project: 'Axis2-C'
  1. Axis2-C
  2. AXIS2C-716

When using basic http authentication, Authorization header should be sent with initial request

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 1.1.0
    • 1.2.0
    • core/transport
    • None
    • This should be a platform independent change.

    Description

      Currently when using basic http authentication, the Authorization header is not sent with the initial request. Instead, Axis2/C waits for the server to first send a failed authentication response with a WWW-Authenticate header. Then Axis2/C will resend the request with the required Authorization header. If the user specifies the Authorization information up front, then the Authorization header should be sent with the initial request.

      It adds unnecessary overhead to require 2 requests to be sent every time. Also in my case, my server is not sending the WWW-Authenticate, so I am unable to authenticate at this point. (Although this piece is probably a bug with my server.)

      Attachments

        Issue Links

          depends upon

          New Feature - A new feature of the product, which has yet to be developed. AXIS2C-757 allow for proxy username/password

          • Major - Major loss of function.
          • Resolved
          is related to

          New Feature - A new feature of the product, which has yet to be developed. AXIS2C-817 Ability for user to specify whether authorization headers should be sent with initial request or not.

          • Major - Major loss of function.
          • Closed

          Activity

            People

              dumindu Pallewela Perera
              mikemole Michael Mole
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: