xmlcalabash1 icon indicating copy to clipboard operation
xmlcalabash1 copied to clipboard
verified publisher icon ndw

p:http-request does no longer handle authentication

Open bintellix opened this issue 11 years ago • 3 comments

The http-request does not handle authentication. Even if a request is filled with authentication infomation, the outgoing (raw) http request does not include the expected "Authorization" header.

The request structure looks like this:

<c:request xmlns:c="http://www.w3.org/ns/xproc-step" xmlns:cxu="http://xmlcalabash.com/ns/extensions/xmlunit" xmlns:cx="http://xmlcalabash.com/ns/extensions" xmlns:err="http://www.w3.org/ns/xproc-error" method="POST" href="https://sfglad2i.bmwgroup.net/sfglobalservices/rest/clientservice/import" auth-method="Basic" send-authorization="true" username="MyUserName" password="MyTopSecretPassword"> <c:body><mydata/></c:body> </c:request>

It was expected to have the Basic authentication header fully filed like this: Authorization: Basic ABcdlkjaUkkJuiKhghzuKHGKuNBN==

This worked fine for Calabash version 1.0.9-94. But does not work with Calabash version 1.0.16-95.

bintellix avatar Feb 20 '14 14:02 bintellix

Yes. That's all different in HttpClient V4. I'll see what I can do.

ndw avatar Mar 12 '14 01:03 ndw

This will require upgrading to a newer version of the Apache HttpClient library; that deprecates a bunch of things that HttpRequest is doing today so it'll require more effort.

ndw avatar Mar 12 '14 01:03 ndw

I can verify I am seeing the same issue. AFAIK pre-emptive authentication was supported in Apache Http-Client v3 but strangely dropped in v4. One solution would be to simply revert to v3. I have done that in another project.

Is there any news of a fix or a workaround?

bobjolliffe avatar Dec 29 '17 21:12 bobjolliffe