Ok, I think I found the problem.

If your http client uses preemptive authorization (i.e. the Authorization http header is sent with the encoded username and password even before the server gives an unauthorized response) , then everything works fine.

However, if you client does not send this header in the initial request and http challenge/response authentication comes into play, then we run into this issue of attempted double object creation.  With the initial request, Fedora always enters the ingest process and creates the object BEFORE the authorization challenge is sent to the client.  Therefore, when the client sends the authorization response, Fedora finds that the object was already created and we see this error.  You can see this in the snippet of the log I sent earlier.

Fedora 3.1 was working with non-preemptive authorization.  Did something change in 3.2?

On Jun 24, 2009, at 6:35 AM, Bill Branan wrote:

Hi Willy,

I just tried this and didn't have any problems. I restarted the server (to make sure there were no lingering sessions) then used Poster to POST to the URL you indicated (different host) with some simple FOXML. I was prompted for authentication by Firefox, followed by a 200 response.

You mentioned that Fedora appears to be attempting to create the object twice. Does the first attempt to create the object occur before you submit the authentication prompt? Is the object created correctly on the first attempt, or is it just an empty object that happens to have the correct PID?

Here is the FOXML I used, just for reference:

<?xml version="1.0" encoding="UTF-8"?>
<foxml:digitalObject VERSION="1.1" PID="newpid:foobar" xmlns:foxml="info:fedora/fedora-system:def/foxml#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="info:fedora/fedora-system:def/foxml# http://www.fedora.info/definitions/1/0/foxml1-1.xsd">
<foxml:property NAME="info:fedora/fedora-system:def/model#state" VALUE="Active"/>
<foxml:property NAME="info:fedora/fedora-system:def/model#label" VALUE="Label"/>


On Tue, Jun 23, 2009 at 5:41 PM, Willy Mene <wmene@stanford.edu> wrote:
I'm playing with our Fedora 3.2 instance and the REST API.  I'm using
the Firefox Poster add-on to do an http POST of some simple valid
FOXML to the (example) http://fedorabox:8080/fedora/objects/newpid:foobar
 URI and am running into problems.

The first time I attempt to do the POST, I get the error "The PID
'newpid:foobar' already exists in the registry; the object can't be re-
created." even though it is a brand new object.  However, if I search
Fedora for the object, I do find it was created.  When I look through
the logs, I see that Fedora tries to create the object twice with this
one request.

If I try to POST a second object with a new pid and new FOXML, the
requests succeeds without error.  Fedora only tries the ingest once.

My guess is that the initial authentication handshake with the first
POST causes Fedora to attempt the ingest twice.  The second POST
succeeds since the browser is already authenticated, and doesn't need
to go through the handshake.  I ran into this because I have some
client software that authenticates with every post (since it's not a
browser) and I keep running into this problem.  I did not have this
issue with 3.0 or 3.1.  I have included the stacktrace error below.

Has anyone else run into this?  Any help appreciated.


fedora.server.errors.ObjectExistsException: The PID 'newpid:foobar'
already exists in the registry; the object can't be re-created.