​Do I correctly understand that a 401 / WWW-Authenticate should NOT be sent
in response to my POST request, which includes the Basic Auth user+password
header, and for which I've asked libcurl to use only Basic Auth via
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC)​?

Because that's what the server is sending me just prior to or just after
the error message from libcurl: "Authentication problem. Ignoring this."

I am able to connect to this server using the SoapUI tool, and can see that
it sends the entire POST twice, the initial time and then again in response
to the 401 / WWW-Authenticate response.

..chris

From: Daniel Stenberg <daniel_at_haxx.se>
>
> On Tue, 7 Oct 2014, Steve Holme wrote:
> > Certainly with a GET request I would expect to see the following in your
> log:
> >
> > * An initial request for the page or resource that is in your url
> > * The server will the respond with a 401 and set the appropriate
> > WWW-Authentication headers (listing Basic with the realm option - like
> the
> > response you received did)
>

> That's only what libcurl does if you ask for more than one auth type. If
> you
> only ask for Basic, then libcurl will provide the correct header at once
> and
> it should work on the first shot.
>

> If that fails (== a 401 is returned), then the server didn't accept the
> given
> user+password. Period.
>

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-10-08