HTTP basic user authentication : “Authorization” header not accepted (case-sensitive)

I'm using HTTP Header Basic authentication to send username and password to the server:

Code:

List<String> as = new ArrayList<String>();

HttpTransportProperties.Authenticator basicAuth = new HttpTransportProperties.Authenticator();



as.add(Authenticator.BASIC);

basicAuth.setAuthSchemes(as);



basicAuth.setUsername("ABC");

basicAuth.setPassword("password");



basicAuth.setPreemptiveAuthentication(true);



serviceStub._getServiceClient().getOptions().setProperty(

                org.apache.axis2.transport.http.HTTPConstants.AUTHENTICATE,

                basicAuthenticator);

I'm using Tomcat 6 as a server.

In catalina.log file, I can see the following:

header=authorization=Basic U2hyZXlhczpwYXNzd29yZA==

I'm expecting "authorization" as "Authorization" i.e. Captial 'A' in authorization.

I've checked many existing post but not able to find the answer.

Could you please advice how to achieve above result?

Thanks in advance

edited Nov 21 '18 at 7:19

Abhijit

315213

asked Nov 21 '18 at 7:15

user2078308

add a comment |

I'm using HTTP Header Basic authentication to send username and password to the server:

Code:

List<String> as = new ArrayList<String>();

HttpTransportProperties.Authenticator basicAuth = new HttpTransportProperties.Authenticator();



as.add(Authenticator.BASIC);

basicAuth.setAuthSchemes(as);



basicAuth.setUsername("ABC");

basicAuth.setPassword("password");



basicAuth.setPreemptiveAuthentication(true);



serviceStub._getServiceClient().getOptions().setProperty(

                org.apache.axis2.transport.http.HTTPConstants.AUTHENTICATE,

                basicAuthenticator);

I'm using Tomcat 6 as a server.

In catalina.log file, I can see the following:

header=authorization=Basic U2hyZXlhczpwYXNzd29yZA==

I'm expecting "authorization" as "Authorization" i.e. Captial 'A' in authorization.

I've checked many existing post but not able to find the answer.

Could you please advice how to achieve above result?

Thanks in advance

edited Nov 21 '18 at 7:19

Abhijit

315213

asked Nov 21 '18 at 7:15

user2078308

add a comment |

I'm using HTTP Header Basic authentication to send username and password to the server:

Code:

List<String> as = new ArrayList<String>();

HttpTransportProperties.Authenticator basicAuth = new HttpTransportProperties.Authenticator();



as.add(Authenticator.BASIC);

basicAuth.setAuthSchemes(as);



basicAuth.setUsername("ABC");

basicAuth.setPassword("password");



basicAuth.setPreemptiveAuthentication(true);



serviceStub._getServiceClient().getOptions().setProperty(

                org.apache.axis2.transport.http.HTTPConstants.AUTHENTICATE,

                basicAuthenticator);

I'm using Tomcat 6 as a server.

In catalina.log file, I can see the following:

header=authorization=Basic U2hyZXlhczpwYXNzd29yZA==

I'm expecting "authorization" as "Authorization" i.e. Captial 'A' in authorization.

I've checked many existing post but not able to find the answer.

Could you please advice how to achieve above result?

Thanks in advance

edited Nov 21 '18 at 7:19

Abhijit

315213

asked Nov 21 '18 at 7:15

user2078308

I'm using HTTP Header Basic authentication to send username and password to the server:

Code:

List<String> as = new ArrayList<String>();

HttpTransportProperties.Authenticator basicAuth = new HttpTransportProperties.Authenticator();



as.add(Authenticator.BASIC);

basicAuth.setAuthSchemes(as);



basicAuth.setUsername("ABC");

basicAuth.setPassword("password");



basicAuth.setPreemptiveAuthentication(true);



serviceStub._getServiceClient().getOptions().setProperty(

                org.apache.axis2.transport.http.HTTPConstants.AUTHENTICATE,

                basicAuthenticator);

I'm using Tomcat 6 as a server.

In catalina.log file, I can see the following:

header=authorization=Basic U2hyZXlhczpwYXNzd29yZA==

I'm expecting "authorization" as "Authorization" i.e. Captial 'A' in authorization.

I've checked many existing post but not able to find the answer.

Could you please advice how to achieve above result?

Thanks in advance

java http basic-authentication tomcat6

edited Nov 21 '18 at 7:19

Abhijit

315213

asked Nov 21 '18 at 7:15

user2078308

edited Nov 21 '18 at 7:19

Abhijit

315213

asked Nov 21 '18 at 7:15

user2078308

edited Nov 21 '18 at 7:19

Abhijit

315213

edited Nov 21 '18 at 7:19

Abhijit

315213

edited Nov 21 '18 at 7:19

Abhijit

315213

asked Nov 21 '18 at 7:15

user2078308

asked Nov 21 '18 at 7:15

user2078308

asked Nov 21 '18 at 7:15

user2078308

add a comment |

1 Answer
1

active

oldest

votes

HTTP Headers field names, as authorization, are case insensitive

From RFC 2616 - "Hypertext Transfer Protocol -- HTTP/1.1", Section 4.2, "Message Headers":

Each header field consists of a name followed by a colon (":") and the field value. Field names are case-insensitive.

So case shouldn't matter

EDIT Add a newer HTTP/1.1 document for reference

edited Nov 21 '18 at 9:26

answered Nov 21 '18 at 7:29

user7294900

22.1k113259

1

Correct answer, but you are citing a very obsolete spec.

– Julian Reschke
Nov 21 '18 at 9:23

@JulianReschke Add a newer HTTP/1.1 document for reference

– user7294900
Nov 21 '18 at 9:26

Thanks for your comment. Its good that field names are case case-insensitive. Are there any options if we need to still change these fields?

– user2078308
Nov 21 '18 at 10:21

@user2078308 shouldn't last line use basicAuth and not basicAuthenticator?

– user7294900
Nov 21 '18 at 10:29

@user7294900 - ya..I already corrected that in my code. Do you know any options to change "authentication" to "Authentication"?

– user2078308
Nov 21 '18 at 10:45

|
show 7 more comments

Your Answer

StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});

}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53406982%2fhttp-basic-user-authentication-authorization-header-not-accepted-case-sensi%23new-answer', 'question_page');
}
);

Post as a guest

Name

Required, but never shown

1 Answer
1

active

oldest

votes

1 Answer
1

active

oldest

votes

HTTP Headers field names, as authorization, are case insensitive

From RFC 2616 - "Hypertext Transfer Protocol -- HTTP/1.1", Section 4.2, "Message Headers":

Each header field consists of a name followed by a colon (":") and the field value. Field names are case-insensitive.

So case shouldn't matter

EDIT Add a newer HTTP/1.1 document for reference

edited Nov 21 '18 at 9:26

answered Nov 21 '18 at 7:29

user7294900

22.1k113259

1

Correct answer, but you are citing a very obsolete spec.

– Julian Reschke
Nov 21 '18 at 9:23

@JulianReschke Add a newer HTTP/1.1 document for reference

– user7294900
Nov 21 '18 at 9:26

Thanks for your comment. Its good that field names are case case-insensitive. Are there any options if we need to still change these fields?

– user2078308
Nov 21 '18 at 10:21

@user2078308 shouldn't last line use basicAuth and not basicAuthenticator?

– user7294900
Nov 21 '18 at 10:29

@user7294900 - ya..I already corrected that in my code. Do you know any options to change "authentication" to "Authentication"?

– user2078308
Nov 21 '18 at 10:45

|
show 7 more comments

HTTP Headers field names, as authorization, are case insensitive

From RFC 2616 - "Hypertext Transfer Protocol -- HTTP/1.1", Section 4.2, "Message Headers":

Each header field consists of a name followed by a colon (":") and the field value. Field names are case-insensitive.

So case shouldn't matter

EDIT Add a newer HTTP/1.1 document for reference

edited Nov 21 '18 at 9:26

answered Nov 21 '18 at 7:29

user7294900

22.1k113259

1

Correct answer, but you are citing a very obsolete spec.

– Julian Reschke
Nov 21 '18 at 9:23

@JulianReschke Add a newer HTTP/1.1 document for reference

– user7294900
Nov 21 '18 at 9:26

Thanks for your comment. Its good that field names are case case-insensitive. Are there any options if we need to still change these fields?

– user2078308
Nov 21 '18 at 10:21

@user2078308 shouldn't last line use basicAuth and not basicAuthenticator?

– user7294900
Nov 21 '18 at 10:29

@user7294900 - ya..I already corrected that in my code. Do you know any options to change "authentication" to "Authentication"?

– user2078308
Nov 21 '18 at 10:45

|
show 7 more comments

HTTP Headers field names, as authorization, are case insensitive

From RFC 2616 - "Hypertext Transfer Protocol -- HTTP/1.1", Section 4.2, "Message Headers":

Each header field consists of a name followed by a colon (":") and the field value. Field names are case-insensitive.

So case shouldn't matter

EDIT Add a newer HTTP/1.1 document for reference

edited Nov 21 '18 at 9:26

answered Nov 21 '18 at 7:29

user7294900

22.1k113259

HTTP Headers field names, as authorization, are case insensitive

From RFC 2616 - "Hypertext Transfer Protocol -- HTTP/1.1", Section 4.2, "Message Headers":

Each header field consists of a name followed by a colon (":") and the field value. Field names are case-insensitive.

So case shouldn't matter

EDIT Add a newer HTTP/1.1 document for reference

edited Nov 21 '18 at 9:26

answered Nov 21 '18 at 7:29

user7294900

22.1k113259

edited Nov 21 '18 at 9:26

answered Nov 21 '18 at 7:29

user7294900

22.1k113259

answered Nov 21 '18 at 7:29

user7294900

22.1k113259

answered Nov 21 '18 at 7:29

user7294900

22.1k113259

1

Correct answer, but you are citing a very obsolete spec.

– Julian Reschke
Nov 21 '18 at 9:23

@JulianReschke Add a newer HTTP/1.1 document for reference

– user7294900
Nov 21 '18 at 9:26

Thanks for your comment. Its good that field names are case case-insensitive. Are there any options if we need to still change these fields?

– user2078308
Nov 21 '18 at 10:21

@user2078308 shouldn't last line use basicAuth and not basicAuthenticator?

– user7294900
Nov 21 '18 at 10:29

@user7294900 - ya..I already corrected that in my code. Do you know any options to change "authentication" to "Authentication"?

– user2078308
Nov 21 '18 at 10:45

|
show 7 more comments

1

Correct answer, but you are citing a very obsolete spec.

– Julian Reschke
Nov 21 '18 at 9:23

@JulianReschke Add a newer HTTP/1.1 document for reference

– user7294900
Nov 21 '18 at 9:26

Thanks for your comment. Its good that field names are case case-insensitive. Are there any options if we need to still change these fields?

– user2078308
Nov 21 '18 at 10:21

@user2078308 shouldn't last line use basicAuth and not basicAuthenticator?

– user7294900
Nov 21 '18 at 10:29

@user7294900 - ya..I already corrected that in my code. Do you know any options to change "authentication" to "Authentication"?

– user2078308
Nov 21 '18 at 10:45

Correct answer, but you are citing a very obsolete spec.

– Julian Reschke
Nov 21 '18 at 9:23

@JulianReschke Add a newer HTTP/1.1 document for reference

– user7294900
Nov 21 '18 at 9:26

Thanks for your comment. Its good that field names are case case-insensitive. Are there any options if we need to still change these fields?

– user2078308
Nov 21 '18 at 10:21

@user2078308 shouldn't last line use basicAuth and not basicAuthenticator?

– user7294900
Nov 21 '18 at 10:29

@user7294900 - ya..I already corrected that in my code. Do you know any options to change "authentication" to "Authentication"?

– user2078308
Nov 21 '18 at 10:45

|
show 7 more comments

draft saved

draft discarded

Thanks for contributing an answer to Stack Overflow!

Please be sure to answer the question. Provide details and share your research!

But avoid …

Asking for help, clarification, or responding to other answers.

Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Name

Required, but never shown

Name

Required, but never shown

This page is only for reference, If you need detailed information, please check here

Search This Blog

Ufyukyu