Basic Authentication fails with counter-intuitive exception
See original GitHub issueKtor Version
1.1.3
Ktor Engine Used(client or server and name)
Apache client only
JVM Version, Operating System and Relevant Context
JVM from OpenJDK 1.8.0_191 Ubuntu 18.04 operating system
operating with io.ktor:ktor-client-core
and io.ktor:ktor-client-apache
only.
Connecting to an external 3rd party service, so the server is not on ktor and is to be considered a black box.
io.ktor:ktor-client-auth
plugin for Basic Authentication.
Feedback
When (accidentally) using the wrong username/password for BasicAuthProvider
in the io.ktor:ktor-client-auth
plugin, the client ultimately throws a SendCountExceedException
because the engine just tries sending again and again until the treshold is reached/surpassed.
I would expect and wish for a more meaningful exception to be thrown when authorization fails. The server does correctly yield response code 401
.
Issue Analytics
- State:
- Created 4 years ago
- Comments:10 (5 by maintainers)
Top Results From Across the Web
Deprecation of Basic authentication in Exchange Online
We're removing the ability to use Basic authentication in Exchange Online for Exchange ActiveSync (EAS), POP, IMAP, Remote PowerShell, Exchange ...
Read more >"Incorrect Basic Authentication formatting" errors are being ...
Errors with message "Incorrect Basic Authentication formatting." are being logged in the error logs. Steps to Reproduce.
Read more >Spring Security basic auth exception lead to unwanted /error ...
I have simple spring-boot rest api service with following security config: @Bean public SecurityFilterChain filterChain(HttpSecurity http) ...
Read more >htmlspecialchars - Manual - PHP
Certain characters have special significance in HTML, and should be represented by HTML entities if they are to preserve their meanings.
Read more >BasicAuthentication policy runtime error troubleshooting
This error occurs if the variable containing the Base64 encoded string specified in the <Source> element of the BasicAuthentication policy is either:.
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I could try to help with this one, it seems to be a fairly straightforward issue to start with. I managed to reproduce the problem here.
But just to have a better context, why do we have
ktor-client-auth
andktor-client-auth-basic
?As far as I understood
ktor-client-auth-basic
just intercept the request and append the header, while the other use this complex retry mechanism which I’m still digging into. Shouldn’t we have just one of them with the possibility to retry or not?Any considerations before I start working on this?
Sure!