Jun 17, 2010 at 3:14 PM
Edited Jun 17, 2010 at 3:23 PM
I seem have an issue when IE issues concurrent requests to a Jetty server using WAFFLE.
I'm using a servlet that delivers an HTML page which has referenced resources. For some reason, it fails to read just one of the referenced resources; the flow is this for the resource:
- IE sends the request without authentication.
- WAFFLE responds with 401.
- IE sends the first part of the authentication (keep in mind I'm not 100% familiar with the challenge-response mechanism).
- WAFFLE responds.
- IE then fails to request the resource with authentication.
Not only does it not request the resource, it spins, failing to load. It doesn't even time out.
If I swap the servlet for something that delivers a small, static HTML page, then it *sometimes* happens. It's usually the first or second referenced resource that fails to load.
My suspicion is that IE is eagerly requesting resources whilst the HTML is being downloaded -- hence, using a complex servlet that does processing will increase the probability that it will occur.
Any suggestions? I can open an issue if required.
I also notice that in NegotiateSecurityFilter.doFilter(), request.getUserPrincipal() always returns null -- there is no cross-request authentication going on. I'm not sure of the effect of that, except that loading each resource requires an authorization
check (and slows it down slightly).
Thank you in advance.
(Edit: Apparently, marking NegotiateSecurityFilter.doFilter() synchronized reduces the frequency of problems, but does not eliminate it. Sorry.)