Index: java/org/apache/commons/httpclient/HttpMethodBase.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodBase.java,v retrieving revision 1.159.2.18 diff -u -r1.159.2.18 HttpMethodBase.java --- java/org/apache/commons/httpclient/HttpMethodBase.java 3 Nov 2003 23:21:08 -0000 1.159.2.18 +++ java/org/apache/commons/httpclient/HttpMethodBase.java 8 Dec 2003 18:07:11 -0000 @@ -75,6 +75,7 @@ import org.apache.commons.httpclient.auth.AuthenticationException; import org.apache.commons.httpclient.auth.HttpAuthenticator; import org.apache.commons.httpclient.auth.MalformedChallengeException; +import org.apache.commons.httpclient.auth.NTLMScheme; import org.apache.commons.httpclient.cookie.CookiePolicy; import org.apache.commons.httpclient.cookie.CookieSpec; import org.apache.commons.httpclient.cookie.MalformedCookieException; @@ -178,12 +179,18 @@ /** Response trailer headers, if any. */ private HeaderGroup responseTrailerHeaders = new HeaderGroup(); + /** Authentication scheme used to authenticate againt the target server */ + private AuthScheme authScheme = null; + /** Realms this method tried to authenticate to */ private Set realms = null; /** Actual authentication realm */ private String realm = null; + /** Authentication scheme used to authenticate againt the proxy server */ + private AuthScheme proxyAuthScheme = null; + /** Proxy Realms this method tried to authenticate to */ private Set proxyRealms = null; @@ -1081,6 +1088,7 @@ // Discard status line this.statusLine = null; this.connectionCloseForced = false; + cleanAuthHeaders(); //write the request and read the response, will retry processRequest(state, conn); @@ -1300,7 +1308,9 @@ path = null; followRedirects = false; doAuthentication = true; + authScheme = null; realm = null; + proxyAuthScheme = null; proxyRealm = null; queryString = null; getRequestHeaderGroup().clear(); @@ -1413,8 +1423,8 @@ HttpAuthenticator.WWW_AUTH); if (challenges.length > 0) { try { - AuthScheme authscheme = HttpAuthenticator.selectAuthScheme(challenges); - HttpAuthenticator.authenticate(authscheme, this, conn, state); + this.authScheme = HttpAuthenticator.selectAuthScheme(challenges); + HttpAuthenticator.authenticate(this.authScheme, this, conn, state); } catch (HttpException e) { // log and move on if (LOG.isErrorEnabled()) { @@ -1581,8 +1591,8 @@ HttpAuthenticator.PROXY_AUTH); if (challenges.length > 0) { try { - AuthScheme authscheme = HttpAuthenticator.selectAuthScheme(challenges); - HttpAuthenticator.authenticateProxy(authscheme, this, conn, state); + this.proxyAuthScheme = HttpAuthenticator.selectAuthScheme(challenges); + HttpAuthenticator.authenticateProxy(this.proxyAuthScheme, this, conn, state); } catch (HttpException e) { // log and move on if (LOG.isErrorEnabled()) { @@ -2461,6 +2471,19 @@ return result; } + /** + * If any of NTLM authentication headers are still there they need + * to be removed before the method is retried + */ + private void cleanAuthHeaders() { + if (this.authScheme instanceof NTLMScheme) { + removeRequestHeader(HttpAuthenticator.WWW_AUTH_RESP); + } + if (this.proxyAuthScheme instanceof NTLMScheme) { + removeRequestHeader(HttpAuthenticator.PROXY_AUTH_RESP); + } + } + /** * Processes a response that requires authentication * @@ -2535,20 +2558,22 @@ realmsUsed.add(realm); } - removeRequestHeader(HttpAuthenticator.WWW_AUTH_RESP); - removeRequestHeader(HttpAuthenticator.PROXY_AUTH_RESP); try { //remove preemptive header and reauthenticate switch (statusCode) { case HttpStatus.SC_UNAUTHORIZED: + removeRequestHeader(HttpAuthenticator.WWW_AUTH_RESP); authenticated = HttpAuthenticator.authenticate( authscheme, this, conn, state); this.realm = authscheme.getRealm(); + this.authScheme = authscheme; break; case HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED: + removeRequestHeader(HttpAuthenticator.PROXY_AUTH_RESP); authenticated = HttpAuthenticator.authenticateProxy( authscheme, this, conn, state); this.proxyRealm = authscheme.getRealm(); + this.proxyAuthScheme = authscheme; break; } } catch (AuthenticationException e) { Index: java/org/apache/commons/httpclient/auth/AuthScheme.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/AuthScheme.java,v retrieving revision 1.4 diff -u -r1.4 AuthScheme.java --- java/org/apache/commons/httpclient/auth/AuthScheme.java 22 Apr 2003 17:00:25 -0000 1.4 +++ java/org/apache/commons/httpclient/auth/AuthScheme.java 8 Dec 2003 18:07:13 -0000 @@ -83,7 +83,7 @@ *

*

* Authentication schemes may ignore method name and URI parameters - * if they are relevant for the given authentication mechanism + * if they are not relevant for the given authentication mechanism *

* * @author Oleg Kalnichevski