Menu
▾
▴
[dotNetRDF-Develop] Issue CORE-301 has been added to a project you are monitoring.
|
From: <tr...@do...> - 2013-01-14 17:03:34
|
<p>The following issue has been added to a project that you are monitoring.</p>
<table border="0">
<tr>
<td width="90px" valign="top"><b>Title:</b></td>
<td>SPARQL update fails against Sesame Endpoint secured with Basic HTTP Authentication</td>
</tr>
<tr>
<td><b>Project:</b></td>
<td>Core Library (dotNetRDF.dll)</td>
</tr>
<tr>
<td><b>Created By:</b></td>
<td>Daeron Meyer</td>
</tr>
<tr>
<td><b>Milestone:</b></td>
<td>none</td>
</tr>
<tr>
<td><b>Category:</b></td>
<td>none</td>
</tr>
<tr>
<td><b>Priority:</b></td>
<td>Critical</td>
</tr>
<tr>
<td><b>Type:</b></td>
<td>Bug</td>
</tr>
<tr>
<td><b>Description:</b></td>
</tr>
<tr>
<td colspan="2"><p>
We have an OWLIM repository running as a sesame endpoint deployed to Tomcat. After securing all forms of access (GET, POST, PUT, DELETE) to the repositories path of the endpoint we began seeing the following in our logs and noticed that any SPARQL update was failing:</p>
<p>
198.36.94.34 - - [09/Jan/2013:22:04:51 +0000] "POST /openrdf-sesame/repositories/31FD2E58-0F06-4D16-A663-D9D142CBB66D/statements HTTP/1.1" <strong>401</strong> 951<br />
198.36.94.34 - - [09/Jan/2013:22:04:51 +0000] "update=PREFIX+rdf%3a+%3chttp%3a%2f%2fwww.w3.org%2f1999%2f02%2f22-rdf-syntax-ns%23%3e%0d%0aPREFIX+%3a+%3chttp%3a%2f%2fwww.jci.com%2fPanoptixBaseOntology%23%3e%0d%0aPREFIX+rdfs%3a%3chttp%3a%2f%2fwww.w3.org%2f2000%2f01%2frdf-schema%23%3e%0d%0aPREFIX+owl%3a%3chttp%3a%2f%2fwww.w3.org%2f2002%2f07%2fowl%23%3e%0d%0aINSERT+DATA%0d%0a%7b%0d%0a%3chttp%3a%2f%2fwww.jci.com%2fPanoptixBaseOntology%234569752E-4DAB-4CC3-A979-D6502D1A3004%3e+rdf%3atype+owl%3aNamedIndividual+.%0d%0a%3chttp%3a%2f%2fwww.jci.com%2fPanoptixBaseOntology%234569752E-4DAB-4CC3-A979-D6502D1A3004%3e+rdf%3atype+%3aPoint+.%0d%0a%3chttp%3a%2f%2fwww.jci.com%2fPanoptixBaseOntology%234569752E-4DAB-4CC3-A979-D6502D1A3004%3e+%3aname+%22Daeron%22+.%0d%0a%3chttp%3a%2f%2fwww.jci.com%2fPanoptixBaseOntology%234569752E-4DAB-4CC3-A979-D6502D1A3004%3e+%3adescription+%22Daeron%22+.%0d%0a%3chttp%3a%2f%2fwww.jci.com%2fPanoptixBaseOntology%234569752E-4DAB-4CC3-A979-D6502D1A3004%3e+%3apointGuid+%2220000000-0000-0000-0000-000000000000%22+.%0d%0a%7dPOST /openrdf-sesame/repositories/31FD2E58-0F06-4D16-A663-D9D142CBB66D/statements HTTP/1.1" <strong>501</strong> 3110</p>
<p>
Looking into the source code for the BaseSesameHttpProtocolConnector I noticed that in HttpWebRequest CreateRequest(....) you are setting the NetworkCredential on the request when one is provided:</p>
<p>
if (this._hasCredentials)<br />
{<br />
NetworkCredential credentials = new NetworkCredential(this._username, this._pwd);<br />
request.Credentials = credentials; <br />
}</p>
<p>
However, you failed to set request.PreAuthenticate = true; This means that in some cases the credential will simply not be sent which appears to be what happened here - thus the 401 response and garbage/501 on the post contents which got processed by Tomcat as a second HTTP Request. More information here:</p>
<p>
http://stackoverflow.com/questions/1702426/httpwebrequest-not-passing-credentials</p>
<p>
http://msdn.microsoft.com/en-us/library/system.net.httpwebrequest.preauthenticate.aspx</p>
<p>
Please fix this by setting request.PreAuthenticate = true.</p>
<p>
</p></td>
</tr>
</table>
<p>
More information on this issue can be found at
<a href="http://www.dotnetrdf.org/tracker/Issues/IssueDetail.aspx?id=301" target="_blank">http://www.dotnetrdf.org/tracker/Issues/IssueDetail.aspx?id=301</a></p>
<p style="text-align:center;font-size:8pt;padding:5px;">
If you no longer wish to receive notifications, please visit <a href="http://www.dotnetrdf.org/tracker/Account/UserProfile.aspx" target="_blank">your profile</a> and change your notifications options.
</p>
|
