Caching of a HTTP/1.1 401 Unauthorized response?

kralo

It does seem, that davdroid could benefit from caching the server responses where it is asked to authorize, e.g.

37.201.X - - [30/May/2016:00:33:08 +0000] "PUT /sabretest/cal.php/calendars/admin/testing/b8f655dc-48cb-4f87-ab4a-e38ed5ddbeac.ics HTTP/1.1" 401 432 "-" "DAVdroid/1.0.9.1 (2016/05/27; dav4android; okhttp3) Android/5.1.1"
37.201.X - - [30/May/2016:00:33:09 +0000] "PUT /sabretest/cal.php/calendars/admin/testing/b8f655dc-48cb-4f87-ab4a-e38ed5ddbeac.ics HTTP/1.1" 201 - "-" "DAVdroid/1.0.9.1 (2016/05/27; dav4android; okhttp3) Android/5.1.1"

37.201.X - - [30/May/2016:00:33:09 +0000] "REPORT /sabretest/cal.php/calendars/admin/testing/ HTTP/1.1" 401 473 "-" "DAVdroid/1.0.9.1 (2016/05/27; dav4android; okhttp3) Android/5.1.1"
37.201.X - - [30/May/2016:00:33:09 +0000] "REPORT /sabretest/cal.php/calendars/admin/testing/ HTTP/1.1" 207 1086 "-" "DAVdroid/1.0.9.1 (2016/05/27; dav4android; okhttp3) Android/5.1.1"`

Every Time davdroid is told to authenticate, (WWW-Authenticate: Digest realm="...") and does so in the subsequent request, but “forgets it” immediately after. Wouldn’t it be wise to authenticate in the next X sessions from the beginning as well ? Could save some round-trips…

rfc2822

@kralo This only happens when you’re using Digest auth.

Please use Basic auth (the only useful case I can imagine for Digest auth is to authenticate against external services; in terms of security, there should be no advantage because TLS should be used in any case) and set DAVdroid to pre-emptive auth (= always send the authentication header with the request), or
improve the BasicDigestAuthenticator, which I had to write from scratch (I guess it would not be much work, you would have to check the realm and perhaps domain, insert the tokens and handle re-authentication) because okhttp doesn’t provide (Digest) auth by default (and they didn’t want my implementation; you can also read about extra round-trips there).

rfc2822

Since dav4android ff40bfd, credentials are cached for Digest authentication, too.

Caching of a HTTP/1.1 401 Unauthorized response?

Similar topics

Invalid TimeZone ID []
DAVx⁵ • solved 3rd-party issue • • hopkins

Suggestion: changing carddav category/group options should resync all contacts
Ideas, future talk, development • • Nicoco

Prompt to accept and pin self-signed certificates
DAVx⁵ • enhancement duplicate • • AutoImport-nodiscc

Caching of a HTTP/1.1 401 Unauthorized response?

Similar topics

Invalid TimeZone ID [] DAVx⁵ • solved 3rd-party issue • • hopkins

Suggestion: changing carddav category/group options should resync all contacts Ideas, future talk, development • • Nicoco

Prompt to accept and pin self-signed certificates DAVx⁵ • enhancement duplicate • • AutoImport-nodiscc

Invalid TimeZone ID []
DAVx⁵ • solved 3rd-party issue • • hopkins

Suggestion: changing carddav category/group options should resync all contacts
Ideas, future talk, development • • Nicoco

Prompt to accept and pin self-signed certificates
DAVx⁵ • enhancement duplicate • • AutoImport-nodiscc