Affects Version/s: 4.3.6
Fix Version/s: None
Component/s: HttpClient (classic)
When upgrading from HTTPClient version 4.2.x to 4.3.6 we recognized that cookies are no longer handled during e.g. DIGEST authentication. This causes the authentication to fail in our cluster environment where a cookie is returned by the load balancer in front used to ensure that all request which are part of the DIGEST handshake will be routed to the same cluster instance (which is crucial for the handshake to succeed!).
From top of my head I remember to have seen a comment somewhere which stated that cookies are assumed to be issued by a server after authentication succeeded.
From our point of view this assumption is not valid as mentioned before.
As a workaround we registered a custom target authentication strategy implementation as follows:
which is more a kind of hack...
Please check whether it is possible to add support for cookies during authentication again so that we do not have to apply the workaround again for each new version.