-
Type:
Bug
-
Status: Open
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 5.0 Beta3
-
Fix Version/s: Stuck
-
Component/s: HttpClient (Windows)
-
Labels:
'WindowsNegotiateScheme.processChallenge' requires the value of an AuthChallenge to be present on any invocation, as it requires the GSSAPI-Data to perform the authentication process.
But the "WWW-Authenticate"-header of the initial "401 Unauthorized" response does not contain any GSSAPI-Data (see RFC4559, Section 4.1, first paragraph).
'WindowsNegotiateScheme.generateAuthResponse' correctly handles the initial case, as it does not require any challenge to be present.