[jboss-user] [Tomcat, HTTPD, Servlets & JSP] - Tomcat not recognizing the Authorization header correctly

reinerka do-not-reply at jboss.com
Fri Apr 6 22:57:27 EDT 2007 

I've got a very strange problem on JBoss 4.0.5GA.

Sometimes the Authorization header is not recognized from a client that connects to a Servlet causing the message not to go through.

The input message I receive is:


  | POST
  |  /test/test HTTP/1.1
  | Content-Type: text/xml; charset=ISO-8859-1
  | Host: 24.8.57.55
  | User-Agent: XYZ
  | SOAPAction:
  | Transfer-Encoding: chunked
  | Authorization: Digest username="user", realm="realm", algorithm="MD5", nonce="c438968cdef37b7e73428a99feb5e6d9", uri="/test/test", qop=auth, nc=00000001, cnonce="0a1b6aa33254ff169a1b947a6bdbd4c9", response="b7807de2c326469f35dcc0ed9fcdd2f6", opaque="624bdd3901492315b8642e3d330d6505"
  | 
  | 
  | 594
  | 
  | 

When running the server the following is shown in the log file:


  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] REQUEST URI       =/test/test
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]           authType=null
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]  characterEncoding=ISO-8859-1
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]      contentLength=-1
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]        contentType=text/xml; charset=ISO-8859-1
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]        contextPath=/dps
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]             header=content-type=text/xml; charset=ISO-8859-1
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]             header=host=192.168.0.43
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]             header=user-agent=XYZ
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]             header=soapaction=
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]             header=transfer-encoding=chunked
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]             locale=en_US
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]             method=POST
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]           pathInfo=null
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]           protocol=HTTP/1.1
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]        queryString=null
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]         remoteAddr=192.168.0.44
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]         remoteHost=192.168.0.44
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]         remoteUser=null
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] requestedSessionId=null
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]             scheme=http
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]         serverName=192.168.0.43
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]         serverPort=80
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]        servletPath=/test
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]           isSecure=false
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] ---------------------------------------------------------------
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] ---------------------------------------------------------------
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]           authType=null
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]      contentLength=-1
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]        contentType=text/html;charset=utf-8
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]             header=WWW-Authenticate=Digest realm="realm", qop="auth", nonce="587a0b0f9dc6a03a8068c3b0ca45b09a", opaque="040b835c13a747365e34f239a0f69d02"
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]            message=null
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]         remoteUser=null
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]]             status=401
  | INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] ===============================================================
  | 

The Authorization header is completely lost in Tomcat/Catalina.

Anybody having an idea on what is happening here?

Thanks,
Reiner

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4035489#4035489

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4035489

More information about the jboss-user mailing list