Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
4.4.5
-
None
Description
Hi,
I'm not sure if this is a problem with HttpClient itself or with Squid (3.3.8) proxy server, but maybe you could please advise.
Our client application first sends a HEAD request for NTLM authentication with the proxy and then re-uses the execution context as described in https://hc.apache.org/httpcomponents-client-ga/tutorial/html/authentication.html for the following POST requests.
Using more recent versions of Tomcat on the server-side, re-using the execution context does not work anymore, the NTLM authentication negotiate-challenge is repeated forever and following POST requests with chunked transfer-encoding don't work since they are interrupted by the authentication challenge.
I figured out the difference betweeen newer and older Tomcat versions and found the reason: previously, Tomcat automatically added a "Content-Length: 0" header to the reponse of HEAD requests. With "Bug 59310 - Content-Length of HEAD requests incorrectly computed as 0" (https://bz.apache.org/bugzilla/show_bug.cgi?id=59310), this behavior was changed and without this header, NTLM connections to the proxy don't persist anymore.
As the content-length header is optional in a response to a HEAD request (RFC 7230), the problem must be either in HttpClient or Squid proxy.
Thanks in advance!
Best regards
Reinhold