Jetty
  1. Jetty
  2. JETTY-1468

DigestAuthenticator returns '401 Unauthorized' after successful login in Ajax env.

    Details

    • Type: Bug Bug
    • Status: Resolved Resolved
    • Priority: Major Major
    • Resolution: Not A Bug
    • Affects Version/s: 7.5.2
    • Fix Version/s: None
    • Component/s: Eclipse
    • Labels:
      None
    • Environment:
      FreeBSD 8.0 + Firefox 8.0
    • Number of attachments :
      1

      Description

      Hi,

      DigestAuthenticator returns '401 Unauthorized' after successful login,
      so we have to type userid and password again and again.
      The attached files is the summary of HTTP sequence.

      . Loggedin
      . 200 OKs: for same nounce.
      . 401 Unauthorized: 5 seconds after login. 'nc' is not ordered, since this is running on Ajax.

      It seems that checkNounce() becomes to be too restrictive.

      This happnes with jetty-securiy-7.5.2, 7.5.3, 7.5.4, and does not with 7.5.1.

      Thanks,

      1. hoge2.txt
        4 kB
        Fumiyuki Shimizu

        Activity

        Hide
        Jan Bartel added a comment -

        Please see https://bugs.eclipse.org/bugs/show_bug.cgi?id=336443

        The nonce-count must be sequentially increasing.

        I suggest that your ajax solution uses only a single connection to ensure that they are ordered sequentially.

        Jan

        Show
        Jan Bartel added a comment - Please see https://bugs.eclipse.org/bugs/show_bug.cgi?id=336443 The nonce-count must be sequentially increasing. I suggest that your ajax solution uses only a single connection to ensure that they are ordered sequentially. Jan
        Jan Bartel made changes -
        Field Original Value New Value
        Status Open [ 1 ] Resolved [ 5 ]
        Resolution Not A Bug [ 6 ]

          People

          • Assignee:
            Unassigned
            Reporter:
            Fumiyuki Shimizu
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: