Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Add a config option to allow preemptive auth
See original GitHub issueHi Jest Team,
I tried to use the basic auth feature added in 0.1.6
JestClientFactory factory = new JestClientFactory();
factory.setHttpClientConfig(
new HttpClientConfig.Builder("http://localhost:9200")
.defaultCredentials("global_user", "global_password")
.build()
);
The problem is that it doesn’t do preemptive auth and AFAIK there is no way to enforce it.
Example access log from nginx fronting a test cluster
127.0.0.1 - - [26/May/2015:17:27:44 +0200] "POST /index/file/_search HTTP/1.1" 401 195 "-" "Apache-HttpClient/4.4.1 (Java/1.7.0_60)"
127.0.0.1 - user [26/May/2015:17:27:44 +0200] "POST /index/file/_search HTTP/1.1" 200 912 "-" "Apache-HttpClient/4.4.1 (Java/1.7.0_60)"
127.0.0.1 - - [26/May/2015:17:27:44 +0200] "POST /index/file/_search HTTP/1.1" 401 195 "-" "Apache-HttpClient/4.4.1 (Java/1.7.0_60)"
127.0.0.1 - user [26/May/2015:17:27:44 +0200] "POST /index/file/_search HTTP/1.1" 200 132 "-" "Apache-HttpClient/4.4.1 (Java/1.7.0_60)"
127.0.0.1 - - [26/May/2015:17:28:08 +0200] "POST /index/file/d6371446-cbbc-44af-9d3f-e299047fef79/_update HTTP/1.1" 401 195 "-" "Apache-HttpClient/4.4.1 (Java/1.7.0_60)"
127.0.0.1 - user [26/May/2015:17:28:08 +0200] "POST /index/file/d6371446-cbbc-44af-9d3f-e299047fef79/_update HTTP/1.1" 201 96 "-" "Apache-HttpClient/4.4.1 (Java/1.7.0_60)"
127.0.0.1 - - [26/May/2015:17:28:12 +0200] "POST /index/file/d6371446-cbbc-44af-9d3f-e299047fef79/_update HTTP/1.1" 401 195 "-" "Apache-HttpClient/4.4.1 (Java/1.7.0_60)"
127.0.0.1 - user [26/May/2015:17:28:13 +0200] "POST /index/file/d6371446-cbbc-44af-9d3f-e299047fef79/_update HTTP/1.1" 200 96 "-" "Apache-HttpClient/4.4.1 (Java/1.7.0_60)"
As you can see, every request starts without sending credentials, it ends up in 401 and then is repeated with basic auth included and ends up as 200.
This is an http client design decision http://stackoverflow.com/questions/2014700/preemptive-basic-authentication-with-apache-httpclient-4 and an example way to work around this is presented in their svn https://subversion.jfrog.org/jfrog/build-info/trunk/build-info-client/src/main/java/org/jfrog/build/client/PreemptiveHttpClient.java
client.getCredentialsProvider().setCredentials(
new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT),
new UsernamePasswordCredentials(userName, password)
);
localContext = new BasicHttpContext();
// Generate BASIC scheme object and stick it to the local execution context
BasicScheme basicAuth = new BasicScheme();
localContext.setAttribute("preemptive-auth", basicAuth);
// Add as the first request interceptor
client.addRequestInterceptor(new PreemptiveAuth(), 0);
The problem is that I see no way to add request interceptor and no way to add this local context on each request.
This is an important feature in context of elasticsearch, as usually you have just one server with one user/pass for your app. So sending each request twice seems really a waste in case of elasticsearch under a heavy load.
Do you agree this is a valid feature to have? Any suggestions on the implementation? I think that from an API consumer point of view the best would be to add new method preemptiveAuth(boolean) to HttpClientConfig.Builder.
Cheers, Igor
Issue Analytics
- State:
- Created 8 years ago
- Reactions:1
- Comments:8 (7 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Any updates on this issue? If not I have a look
Hello all, do you intend to add this in the next release? It is very important for my use case and I believe for a lot of other users too.