Tomcat not recognizing the Authorization header correctly
reinerka Apr 6, 2007 10:57 PMI've got a very strange problem on JBoss 4.0.5GA.
Sometimes the Authorization header is not recognized from a client that connects to a Servlet causing the message not to go through.
The input message I receive is:
POST /test/test HTTP/1.1 Content-Type: text/xml; charset=ISO-8859-1 Host: 24.8.57.55 User-Agent: XYZ SOAPAction: Transfer-Encoding: chunked Authorization: Digest username="user", realm="realm", algorithm="MD5", nonce="c438968cdef37b7e73428a99feb5e6d9", uri="/test/test", qop=auth, nc=00000001, cnonce="0a1b6aa33254ff169a1b947a6bdbd4c9", response="b7807de2c326469f35dcc0ed9fcdd2f6", opaque="624bdd3901492315b8642e3d330d6505" 594
When running the server the following is shown in the log file:
INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] REQUEST URI =/test/test INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] authType=null INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] characterEncoding=ISO-8859-1 INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] contentLength=-1 INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] contentType=text/xml; charset=ISO-8859-1 INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] contextPath=/dps INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] header=content-type=text/xml; charset=ISO-8859-1 INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] header=host=192.168.0.43 INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] header=user-agent=XYZ INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] header=soapaction= INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] header=transfer-encoding=chunked INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] locale=en_US INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] method=POST INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] pathInfo=null INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] protocol=HTTP/1.1 INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] queryString=null INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] remoteAddr=192.168.0.44 INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] remoteHost=192.168.0.44 INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] remoteUser=null INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] requestedSessionId=null INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] scheme=http INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] serverName=192.168.0.43 INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] serverPort=80 INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] servletPath=/test INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] isSecure=false INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] --------------------------------------------------------------- INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] --------------------------------------------------------------- INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] authType=null INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] contentLength=-1 INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] contentType=text/html;charset=utf-8 INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] header=WWW-Authenticate=Digest realm="realm", qop="auth", nonce="587a0b0f9dc6a03a8068c3b0ca45b09a", opaque="040b835c13a747365e34f239a0f69d02" INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] message=null INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] remoteUser=null INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] status=401 INFO [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost]] ===============================================================
The Authorization header is completely lost in Tomcat/Catalina.
Anybody having an idea on what is happening here?
Thanks,
Reiner