id	summary	reporter	owner	description	type	status	priority	milestone	component	resolution	keywords	cc	branch	branch_author	launchpad_bug
5671	HTTPAuthSessionWrapper calls Request.finish() on closed connection	tomsheffler		"When a credentials checker raises an exception in the deferred returned from requestAvatarId, an exception is sometimes raises rather than a '401 unauthorized' response generated.

This condition can be recreated under the following conditions
- the exception is raised after a time delay
- the client requesting the authorization is not strictly HTTP/1.1 compliant, or is otherwise misbehaving

The attached server and examples recreate the problem.  See the comments at the top of the attached server, serv3.py, for shell command stimuli that illustrate the conditions.

"	defect	new	normal		web		auth, deferred, closed connection	jknight tom.sheffler@…