Uploaded image for project: 'HttpComponents HttpClient'
  1. HttpComponents HttpClient
  2. HTTPCLIENT-1707

Cookie value is not updated when cookie already exists during auth negotiation

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 4.3.5.1-android
    • 4.3.5.1-android
    • Android Port
    • None
    • Android - Sharepoint and F5 in the middle

    Description

      As we hit the authenticate Uri, I think it ask for cookie and redirect to /my.policy with cookie and then during negotiation the HttpResponse ask to Set-Cookie with same name but updated value. I am not sure if this is an issue or something needs to be configured.

      Following is the communication between Android and APIs

      Request 1:

      GET https://websiteUrl/authenticate HTTP/1.1
      Accept-Charset: utf-8
      Accept-Encoding: gzip, deflate
      User-Agent: nintex-mobile-ap
      Accept-Language: en-AU
      NM_ETag: 783e6a83-670e-4b56-81eb-7584609ad0c0
      NM_LastModified: 1970-01-01T10:00:00.0000000+10:00
      Host: connectuat.snclavalinom.com
      Connection: Keep-Alive

      Response 1:

      HTTP/1.0 302 Found
      Server: BigIP
      Connection: Close
      Content-Length: 0
      Location: /my.policy
      Set-Cookie: LastMRH_Session=29c62c5b;path=/;secure
      Set-Cookie: MRHSession=22afd2631f7031af58bbc09829c62c5b;path=/;secure
      Set-Cookie: MRHSHint=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

      Request 2:

      GET https://websiteUrl/my.policy HTTP/1.1
      Accept-Charset: utf-8
      Accept-Encoding: gzip, deflate
      User-Agent: nintex-mobile-ap
      Accept-Language: en-AU
      NM_ETag: 783e6a83-670e-4b56-81eb-7584609ad0c0
      NM_LastModified: 1970-01-01T10:00:00.0000000+10:00
      Host: connectuat.snclavalinom.com
      Connection: Keep-Alive
      Cookie: LastMRH_Session=29c62c5b; MRHSession=22afd2631f7031af58bbc09829c62c5b
      Cookie2: $Version=1

      Response 2:

      HTTP/1.1 401 Unauthorized
      Server: Apache
      Content-Type: text/html; charset=utf-8
      X-Frame-Options: DENY
      Pragma: no-cache
      Cache-Control: no-cache, must-revalidate
      Accept-Ranges: bytes
      Connection: close
      Date: Thu, 17 Dec 2015 22:16:06 GMT
      Age: 5938
      Content-Length: 304
      WWW-Authenticate: Basic realm=""
      Set-Cookie: LastMRH_Session=29c62c5b;path=/;secure
      Set-Cookie: MRHSession=f755cbe45e1b00fd8edfd41629c62c5b;path=/;secure

      Request 3:

      GET https://websiteUrl/my.policy HTTP/1.1
      Accept-Charset: utf-8
      Accept-Encoding: gzip, deflate
      User-Agent: nintex-mobile-ap
      Accept-Language: en-AU
      NM_ETag: 783e6a83-670e-4b56-81eb-7584609ad0c0
      NM_LastModified: 1970-01-01T10:00:00.0000000+10:00
      Host: connectuat.snclavalinom.com
      Connection: Keep-Alive
      Cookie: LastMRH_Session=29c62c5b; MRHSession=22afd2631f7031af58bbc09829c62c5b
      Cookie2: $Version=1
      Authorization: Basic <removed intentionality>

      Response 3:

      HTTP/1.0 302 Found
      Server: BigIP
      Connection: Close
      Content-Length: 0
      Location: /my.logout.php3?errorcode=20
      Set-Cookie: LastMRH_Session=29c62c5b;path=/;secure
      Set-Cookie: MRHSession=22afd2631f7031af58bbc09829c62c5b;path=/;secure

      This is working fine on iOS because the value of MRHSession is being updated.

      Attachments

        Issue Links

          duplicates

          Improvement - An improvement or enhancement to an existing feature or task. HTTPCLIENT-1451 HttpClient does not store response cookies on a 401

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              adilmughalnintex Adil Mughal
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: