Uploaded image for project: 'HttpComponents HttpClient'
  1. HttpComponents HttpClient
  2. HTTPCLIENT-1707

Cookie value is not updated when cookie already exists during auth negotiation

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 4.3.5.1-android
    • Fix Version/s: 4.3.5.1-android
    • Component/s: Android Port
    • Labels:
      None
    • Environment:
      Android - Sharepoint and F5 in the middle

      Description

      As we hit the authenticate Uri, I think it ask for cookie and redirect to /my.policy with cookie and then during negotiation the HttpResponse ask to Set-Cookie with same name but updated value. I am not sure if this is an issue or something needs to be configured.

      Following is the communication between Android and APIs

      Request 1:

      GET https://websiteUrl/authenticate HTTP/1.1
      Accept-Charset: utf-8
      Accept-Encoding: gzip, deflate
      User-Agent: nintex-mobile-ap
      Accept-Language: en-AU
      NM_ETag: 783e6a83-670e-4b56-81eb-7584609ad0c0
      NM_LastModified: 1970-01-01T10:00:00.0000000+10:00
      Host: connectuat.snclavalinom.com
      Connection: Keep-Alive

      Response 1:

      HTTP/1.0 302 Found
      Server: BigIP
      Connection: Close
      Content-Length: 0
      Location: /my.policy
      Set-Cookie: LastMRH_Session=29c62c5b;path=/;secure
      Set-Cookie: MRHSession=22afd2631f7031af58bbc09829c62c5b;path=/;secure
      Set-Cookie: MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

      Request 2:

      GET https://websiteUrl/my.policy HTTP/1.1
      Accept-Charset: utf-8
      Accept-Encoding: gzip, deflate
      User-Agent: nintex-mobile-ap
      Accept-Language: en-AU
      NM_ETag: 783e6a83-670e-4b56-81eb-7584609ad0c0
      NM_LastModified: 1970-01-01T10:00:00.0000000+10:00
      Host: connectuat.snclavalinom.com
      Connection: Keep-Alive
      Cookie: LastMRH_Session=29c62c5b; MRHSession=22afd2631f7031af58bbc09829c62c5b
      Cookie2: $Version=1

      Response 2:

      HTTP/1.1 401 Unauthorized
      Server: Apache
      Content-Type: text/html; charset=utf-8
      X-Frame-Options: DENY
      Pragma: no-cache
      Cache-Control: no-cache, must-revalidate
      Accept-Ranges: bytes
      Connection: close
      Date: Thu, 17 Dec 2015 22:16:06 GMT
      Age: 5938
      Content-Length: 304
      WWW-Authenticate: Basic realm=""
      Set-Cookie: LastMRH_Session=29c62c5b;path=/;secure
      Set-Cookie: MRHSession=f755cbe45e1b00fd8edfd41629c62c5b;path=/;secure

      Request 3:

      GET https://websiteUrl/my.policy HTTP/1.1
      Accept-Charset: utf-8
      Accept-Encoding: gzip, deflate
      User-Agent: nintex-mobile-ap
      Accept-Language: en-AU
      NM_ETag: 783e6a83-670e-4b56-81eb-7584609ad0c0
      NM_LastModified: 1970-01-01T10:00:00.0000000+10:00
      Host: connectuat.snclavalinom.com
      Connection: Keep-Alive
      Cookie: LastMRH_Session=29c62c5b; MRHSession=22afd2631f7031af58bbc09829c62c5b
      Cookie2: $Version=1
      Authorization: Basic <removed intentionality>

      Response 3:

      HTTP/1.0 302 Found
      Server: BigIP
      Connection: Close
      Content-Length: 0
      Location: /my.logout.php3?errorcode=20
      Set-Cookie: LastMRH_Session=29c62c5b;path=/;secure
      Set-Cookie: MRHSession=22afd2631f7031af58bbc09829c62c5b;path=/;secure

      This is working fine on iOS because the value of MRHSession is being updated.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                adilmughalnintex Adil Mughal
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: