[Bug-wget] Sprint Security non-challenge use case

bug-wget

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-wget] Sprint Security non-challenge use case

From:	Tim Pizey
Subject:	[Bug-wget] Sprint Security non-challenge use case
Date:	Thu, 1 Jul 2010 13:23:20 +0100

Hi Micah and list,

Thanks for a great utility, whose size and complexity I am only just
beginning to appreciate.

I have just been tripped up by the newish (post 1.10.2 ) behaviour of
wget, that it relies upon a challenge prior to supplying
authentication headers.

I have written up the problem at
http://tim-pizey.blogspot.com/2010/07/using-both-http-basic-and-session-based.html

To paraphrase: I think the old behaviour was more intuitive: if user
supplies username and password pass them on to server.

The Spring Security auto-config (ie their default) is to respect
http-basic authentication if it is supplied but to redirect the 'user'
to a forms based login if it is not supplied, ie not to issue a
challenge.

So I suggest that at the least the manpage wording is changed, if not
the behaviour reverted.

yours
Tim

-- 
Tim Pizey
Centre for Genomics and Global Health <http://cggh.org>

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-wget] Sprint Security non-challenge use case, Tim Pizey <=
- Re: [Bug-wget] Sprint Security non-challenge use case, Micah Cowan, 2010/07/01
  - Re: [Bug-wget] Sprint Security non-challenge use case, Tim Pizey, 2010/07/01

Next by Date: Re: [Bug-wget] Sprint Security non-challenge use case
Next by thread: Re: [Bug-wget] Sprint Security non-challenge use case
Index(es):
- Date
- Thread