classification
Title: urllib2 digest authentication doesn't work when connecting to a Catalyst server.
Type: behavior Stage:
Components: Library (Lib) Versions: Python 3.2, Python 3.1, Python 2.7
process
Status: open Resolution:
Dependencies: Superseder:
Assigned To: Nosy List: orsenthil, warpr
Priority: normal Keywords:

Created on 2010-08-30 11:54 by warpr, last changed 2010-08-30 19:32 by r.david.murray.

Messages (1)
msg115207 - (view) Author: Kuno Woudt (warpr) Date: 2010-08-30 11:54 
In the WWW-Authenticate header Catalyst::Authentication::Credential::HTTP sends the following value for qop:

qop="auth,auth-int"

This is identical to the example given in section 3.5 of the RFC (http://tools.ietf.org/html/rfc2617#section-3.5 ), so I assume this is correct.

urllib2 does not expect multiple values for qop, and only works when qop="auth".

I've managed to work around it with:

class DigestAuthHandler (urllib2.HTTPDigestAuthHandler):
    def get_authorization (self, req, chal):
        qop = chal.get ('qop', None)
        if qop and ',' in qop and 'auth' in qop.split (','):
            chal['qop'] = 'auth'

        return urllib2.HTTPDigestAuthHandler.get_authorization (self, req, chal)
History
Date User Action Args
2010-08-30 19:32:06r.david.murraysetnosy: + orsenthil

versions: - Python 2.6, Python 2.5, Python 3.3
2010-08-30 11:54:15warprcreate