--- a/urllib2_kerberos.py
+++ b/urllib2_kerberos.py
@@ -42,6 +42,7 @@ class AbstractKerberosAuthHandler:
         """checks for "Negotiate" in proper auth header
         """
         authreqs = headers.getheaders(self.auth_header)
+        log.debug('authreqs = %s', authreqs)
 
         if authreqs:
 
@@ -51,10 +52,10 @@ class AbstractKerberosAuthHandler:
                 if mo:
                     return mo.group(1)
                 else:
-                    log.debug("regex failed on: %s" % authreq)
+                    log.debug("regex failed on: %s", authreq)
 
         else:
-            log.debug("%s header not found" % self.auth_header)
+            log.debug("%s header not found", self.auth_header)
 
         return None
 
@@ -64,10 +65,10 @@ class AbstractKerberosAuthHandler:
 
     def generate_request_header(self, req, headers, neg_value):
         self.retried += 1
-        log.debug("retry count: %d" % self.retried)
+        log.debug("retry count: %d", self.retried)
 
         host = req.get_host()
-        log.debug("req.get_host() returned %s" % host)
+        log.debug("req.get_host() returned %s", host)
 
         tail, sep, head = host.rpartition(':')
         domain = tail if tail else head
@@ -75,7 +76,7 @@ class AbstractKerberosAuthHandler:
         result, self.context = k.authGSSClientInit("HTTP@%s" % domain)
 
         if result < 1:
-            log.warning("authGSSClientInit returned result %d" % result)
+            log.warning("authGSSClientInit returned result %d", result)
             return None
 
         log.debug("authGSSClientInit() succeeded")
@@ -83,7 +84,7 @@ class AbstractKerberosAuthHandler:
         result = k.authGSSClientStep(self.context, neg_value)
 
         if result < 0:
-            log.warning("authGSSClientStep returned result %d" % result)
+            log.warning("authGSSClientStep returned result %d", result)
             return None
 
         log.debug("authGSSClientStep() succeeded")
@@ -104,7 +105,7 @@ class AbstractKerberosAuthHandler:
         if  result < 1:
             # this is a critical security warning
             # should change to a raise --Tim
-            log.critical("mutual auth failed: authGSSClientStep returned result %d" % result)
+            log.critical("mutual auth failed: authGSSClientStep returned result %d", result)
             pass
 
     def clean_context(self):
@@ -134,12 +135,13 @@ class AbstractKerberosAuthHandler:
             req.add_unredirected_header(self.authz_header, neg_hdr)
             resp = self.parent.open(req)
 
-            self.authenticate_server(resp.info())
+            if resp.getcode() != 200:
+                self.authenticate_server(resp.info())
 
             return resp
 
         except k.GSSError, e:
-            log.critical("GSSAPI Error: %s/%s" % (e[0][0], e[1][0]))
+            log.critical("GSSAPI Error: %s/%s", (e[0][0], e[1][0]))
             return None
 
         finally: