Earlier we used to get 401 and based on that we are taking some decisions in our application, but now instead of getting the response, an exception is received with
java.lang.IllegalStateException: AuthScheme is null at org.apache.hc.core5.util.Asserts.notNull(Asserts.java:56) at org.apache.hc.client5.http.impl.auth.HttpAuthenticator.updateAuthState(HttpAuthenticator.java:229)
After digging into the library code, I found that authEchange state is set as challenged as below are the header present in the response,
- "WWW-Authenticate: WSS-JWT"
- "WWW-Authenticate: Negotiate"
- "WWW-Authenticate: NTLM"
And it tried the same endpoint again.
Questions:
I didn't find/see a way to set AuthScheme that looks a error to me.
Is there any way to skip the second attempt and get the response 401.
Why this behavior is changed after library update.