From 64bb271b2ead1c659a41c4fababbe97b453b7542 Mon Sep 17 00:00:00 2001 From: ArfyFR Date: Thu, 3 Nov 2016 11:00:33 +0100 Subject: [PATCH] Quoted-string Basic realm ctx according to rfc7235 Hi, I faced some problems with 401 message and an Android client. It yelded because in the WWW-Authenticate header the Basic ream= wasn't surrouned by "" In the https://tools.ietf.org/html/rfc7235 it is written that - Authentication parameters are name=value pairs - and "auth-param = token BWS "=" BWS ( token / quoted-string )" - and "For historical reasons, a sender MUST only generate the quoted-string syntax. Recipients might have to support both token and quoted-string syntax for maximum interoperability with existing clients that have been accepting both notations for a long time." After my modification, the Android worked again (and iOs and PC clients faicing the 401 still worked ;) ) BR, Arfy --- nginx-ldap-auth-daemon.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nginx-ldap-auth-daemon.py b/nginx-ldap-auth-daemon.py index a7f7aa3..8806183 100755 --- a/nginx-ldap-auth-daemon.py +++ b/nginx-ldap-auth-daemon.py @@ -61,7 +61,7 @@ class AuthHandler(BaseHTTPRequestHandler): if auth_header is None or not auth_header.lower().startswith('basic '): self.send_response(401) - self.send_header('WWW-Authenticate', 'Basic realm=' + ctx['realm']) + self.send_header('WWW-Authenticate', 'Basic realm="' + ctx['realm'] + '"') self.send_header('Cache-Control', 'no-cache') self.end_headers() @@ -115,7 +115,7 @@ class AuthHandler(BaseHTTPRequestHandler): self.log_error(msg) self.send_response(401) - self.send_header('WWW-Authenticate', 'Basic realm=' + ctx['realm']) + self.send_header('WWW-Authenticate', 'Basic realm="' + ctx['realm'] + '"') self.send_header('Cache-Control', 'no-cache') self.end_headers()