<p>最近我有时间复习这个问题,我想我找到了回答。它有点像pythonurllib2的bug。在urllib2中:</p>
<pre><code>class AbstractDigestAuthHandler:
def http_error_auth_reqed(self, auth_header, host, req, headers):
authreq = headers.get(auth_header, None)
if self.retried > 5:
# Don't fail endlessly - if we failed once, we'll probably
# fail a second time. Hm. Unless the Password Manager is
# prompting for the information. Crap. This isn't great
# but it's better than the current 'repeat until recursion
# depth exceeded' approach <wink>
raise HTTPError(req.get_full_url(), 401, "digest auth failed",
headers, None)
else:
self.retried += 1
if authreq:
scheme = authreq.split()[0]
if scheme.lower() == 'digest':
return self.retry_http_digest_auth(req, authreq)
</code></pre>
<p>这里的authreq是:</p>
^{pr2}$
<p>在authreq.split()[0]将是“Basic”,它永远不会是“digest”,因此urllib2不会在摘要式身份验证中执行第二个请求。</p>
<p>基本上urllib2假设第一个401响应头中只能有一个身份验证。不幸的是,此服务器返回两种类型的身份验证。</p>
<p>要解决此问题,可以使用基本身份验证,也可以使用其他库,如“请求”。</p>
