[Mono-list] Basic Authentication

[Helge Hess]

Hi,

On 31.10.2003, at 17:54, Helge Hess wrote:
> is HttpWebRequest basic authentication supposed to work with Mono 
> 0.28? I somehow don't get this working:
...
> Does anyone has a small example which works with Mono and does 
> authenticate against a webserver? Doesn't necessarily need to be 
> PreAuthenticate, a 401/200 loop would be fine as well.

OK, I tracked down the issue a bit. Basic-Auth of course works with 
HTTP GET, I have working examples with that (thanks Chris). The issue 
is raised with HTTP POST and some weird HTTP/1.1 - 1.0 interaction.

Mono generates this:
---snip---
POST /RPC2 HTTP/1.1
...
Expect: 100-continue

<?xml version='1.0'?>
<a></a>
---snap---

and my server reponds that:
---snip---
HTTP/1.0 401 Authorization Required
www-authenticate: basic realm="SKYRiX"
content-length: 0
---snap---

which makes Mono "hang":
---snip---
END: SendRequestHeaders: System.Net.HttpWebRequest
nread == 0: may be the connection was closed?
System.Exception: Exception occured while sending request. ---> 
System.Net.WebException: The request timed out
in <0x001de> System.Net.HttpWebRequest:EndGetResponse 
(System.IAsyncResult)
in <0x000fb> System.Net.HttpWebRequest:GetResponse ()
in <0x001ca> .httpclient:Main ()
--- End of inner exception stack trace ---
in <0x002e6> .httpclient:Main ()
---snap---

I'm not yet sure what the intended behaviour is according to the 
HTTP/1.1 spec, but I guess as soon as I say that I'm HTTP/1.0, Mono 
should not continue doing 100-continue processing and at least should 
print a warning or something?
I _think_ (not sure) that I'm not doing anything illegal in my 
response, so I prefer blaming Mono ;-)

Anyway, in the meantime I'll try to add 100-continue processing (which 
obviously makes sense for protected resources ;-) to my HTTP 
implementation, maybe this makes the issue mood (at least for me, 
others will probably stumble over the issue as well ...)

regards,
   Helge
-- 
OpenGroupware.org
http://www.opengroupware.org/