PUT request with Auth results in invalid 401 response
32 views
Skip to first unread message
Tony Primerano
Aug 11, 2012, 3:50:26 PM8/11/12
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to phusion-...@googlegroups.com
This is a long shot but since it was mentioned 444 I figured I'd ask.
We have a case where issuing PUT request in our production environment for a protected resource sometimes returns a 401 without a content-length and no body. I have no idea if Rails/Rack or Passenger is messing up the response.
Here is a good response (minus the body with passenger and OS info)
HTTP/1.1 401 Authorization Required
Date: Fri, 10 Aug 2012 14:30:35 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.12
WWW-Authenticate: Basic realm="example.org"
X-UA-Compatible: IE=Edge,chrome=1
Cache-Control: no-cache
X-Runtime: 0.021475
X-Rack-Cache: invalidate, pass
Status: 401
Vary: Accept-Encoding
Content-Length: 107
Content-Type: text/html; charset=utf-8
Set-Cookie: BIGipServerprsapp-http=295856534.20480.0000; path=/
One interesting thing I found. This 401 is on an API call and the client is doing a PUT of xml data but they set their content-type to text/html. If I change it to text/xml the 401s seem to work all the time.
I'm in the process of trying to get them to change their code but I'd like to find the root cause of the broken 401 to ensure they won't see it again.
another side note. Their httpclient happily accepts the broken 401 and sends credentials but we recently add mod-proxy to the mix so now the bad 401 becomes a 502 :-\
Thanks in advance for any pointers
Tony
We have a case where issuing PUT request in our production environment for a protected resource sometimes returns a 401 without a content-length and no body. I have no idea if Rails/Rack or Passenger is messing up the response.
Here is a good response (minus the body with passenger and OS info)
HTTP/1.1 401 Authorization Required
Date: Fri, 10 Aug 2012 14:30:35 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.12
WWW-Authenticate: Basic realm="example.org"
X-UA-Compatible: IE=Edge,chrome=1
Cache-Control: no-cache
X-Runtime: 0.021475
X-Rack-Cache: invalidate, pass
Status: 401
Vary: Accept-Encoding
Content-Length: 107
Content-Type: text/html; charset=utf-8
Set-Cookie: BIGipServerprsapp-http=295856534.20480.0000; path=/
One interesting thing I found. This 401 is on an API call and the client is doing a PUT of xml data but they set their content-type to text/html. If I change it to text/xml the 401s seem to work all the time.
I'm in the process of trying to get them to change their code but I'd like to find the root cause of the broken 401 to ensure they won't see it again.
another side note. Their httpclient happily accepts the broken 401 and sends credentials but we recently add mod-proxy to the mix so now the bad 401 becomes a 502 :-\
Thanks in advance for any pointers
Tony
Reply all
Reply to author
Forward
0 new messages