Mike
On Jan 7, 2004, at 11:17 AM, Kalnichevski, Oleg wrote:
Has anyone looked at this one? Any feedback so far?
Oleg
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, December 15, 2003 12:40
To: [EMAIL PROTECTED]
Subject: DO NOT REPLY [Bug 25529] New: - Redesign of HTTP authentication
framework
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25529>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25529
Redesign of HTTP authentication framework
Summary: Redesign of HTTP authentication framework Product: Commons Version: Nightly Builds Platform: All OS/Version: All Status: NEW Severity: Enhancement Priority: Other Component: HttpClient AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED]
The existing HTTP authentication framework has got a few glaring deficiencies:
- Authentication headers management evolved (or degraded) into a some sort of
black art and proved very error-prone.
- Existing logic intended to deal with authentication failures and
authentication failure recovery is flawed. The resolution of the bug #20089 did
appear possible without a better approach than the one based on AuthScheme#getID.
On top of that authentication logic got quite messy with the series of attempts
to fix breakages in complex authentication schemes (the latest being NTLM proxy
+ basic host fix)
The patch I am about to attach is an attempt to address all the shortcomings
mentioned above. It builds upon my previous patch that enabled authentication
schemes to maintain authentication state and presents a complete redesign of the
existing HTTP authentication framework.
Basically there's no authentication code left untouched, so please do take a
closer look. Critique, comments, suggestions welcome.
Oleg
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
