This is not a bug report ;-)
I have noticed that CalDavSynchronizer does not reuse the server nonce value when authenticating. For subsequent requests this results in a lot of 'HTTP/1.1 401 Unauthorized' responses from the server.
The first client request without authentication is anwered with a nonce generated by the server:
WWW-Authenticate: Digest realm="Group-Office",qop="auth",nonce="56430a62d3d90",opaque="df58bdff8cf60599c939187d0b5c54de"
Using this value the client calculates a response value with additional items (username, password, uri, request counter etc.)
Currently, CalDavSynchronizer does it this way when syncing a single entity:
PROPFIND
Server: 401
PROPFIND with Authorization
Server: 207
REPORT
Server: 401
REPORT with Authorization
Server: 207
PUT
Server: 401
PUT with Authorization
Server: 204
GET
Server: 401
GET with Authorization
Server: 200
The necessary communication could be reduced to:
PROPFIND with Authorization
Server: 207
REPORT with Authorization
Server: 207
PUT with Authorization
Server: 204
GET with Authorization
Server: 200
I know this has no impact when syncing a single entity, but it helps to take load from the server when syncing a lot of entities. Just a possible improvement ...
The problem is the .net implementation itself, we would need to use some DigestAuthFixer Helper class similar to http://stackoverflow.com/questions/3109507/httpwebrequests-sends-parameterless-uri-in-authorization-header
Ah, yes I understand. It is interesting that .net doesn't support reusing the nonce natively.
Ticket moved from /p/outlookcaldavsynchronizer/tickets/122/