Caching of a HTTP/1.1 401 Unauthorized response?

kralo

It does seem, that davdroid could benefit from caching the server responses where it is asked to authorize, e.g.

37.201.X - - [30/May/2016:00:33:08 +0000] "PUT /sabretest/cal.php/calendars/admin/testing/b8f655dc-48cb-4f87-ab4a-e38ed5ddbeac.ics HTTP/1.1" 401 432 "-" "DAVdroid/1.0.9.1 (2016/05/27; dav4android; okhttp3) Android/5.1.1"
37.201.X - - [30/May/2016:00:33:09 +0000] "PUT /sabretest/cal.php/calendars/admin/testing/b8f655dc-48cb-4f87-ab4a-e38ed5ddbeac.ics HTTP/1.1" 201 - "-" "DAVdroid/1.0.9.1 (2016/05/27; dav4android; okhttp3) Android/5.1.1"

37.201.X - - [30/May/2016:00:33:09 +0000] "REPORT /sabretest/cal.php/calendars/admin/testing/ HTTP/1.1" 401 473 "-" "DAVdroid/1.0.9.1 (2016/05/27; dav4android; okhttp3) Android/5.1.1"
37.201.X - - [30/May/2016:00:33:09 +0000] "REPORT /sabretest/cal.php/calendars/admin/testing/ HTTP/1.1" 207 1086 "-" "DAVdroid/1.0.9.1 (2016/05/27; dav4android; okhttp3) Android/5.1.1"`

Every Time davdroid is told to authenticate, (WWW-Authenticate: Digest realm="...") and does so in the subsequent request, but “forgets it” immediately after. Wouldn’t it be wise to authenticate in the next X sessions from the beginning as well ? Could save some round-trips…

rfc2822

@kralo This only happens when you’re using Digest auth.

Please use Basic auth (the only useful case I can imagine for Digest auth is to authenticate against external services; in terms of security, there should be no advantage because TLS should be used in any case) and set DAVdroid to pre-emptive auth (= always send the authentication header with the request), or
improve the BasicDigestAuthenticator, which I had to write from scratch (I guess it would not be much work, you would have to check the realm and perhaps domain, insert the tokens and handle re-authentication) because okhttp doesn’t provide (Digest) auth by default (and they didn’t want my implementation; you can also read about extra round-trips there).

rfc2822

Since dav4android ff40bfd, credentials are cached for Digest authentication, too.

Caching of a HTTP/1.1 401 Unauthorized response?

Similar topics

Some WebCal subscriptions cannot find webcal-capable app even though ICSx5 is installed
DAVx⁵ • solved bug • • liamcooper

Nextcloud Sync Issue, working fine on one phone, not on the other
DAVx⁵ • solved duplicate • • chbmb

Group error messages
Ideas, future talk, development • enhancement • • rugk

Caching of a HTTP/1.1 401 Unauthorized response?

Similar topics

Some WebCal subscriptions cannot find webcal-capable app even though ICSx5 is installed DAVx⁵ • solved bug • • liamcooper

Nextcloud Sync Issue, working fine on one phone, not on the other DAVx⁵ • solved duplicate • • chbmb

Group error messages Ideas, future talk, development • enhancement • • rugk

Some WebCal subscriptions cannot find webcal-capable app even though ICSx5 is installed
DAVx⁵ • solved bug • • liamcooper

Nextcloud Sync Issue, working fine on one phone, not on the other
DAVx⁵ • solved duplicate • • chbmb

Group error messages
Ideas, future talk, development • enhancement • • rugk