On 23 January 2013 17:21, Daz DeBoer <[email protected]> wrote:
> > > On 23 January 2013 16:24, Adam Murdoch <[email protected]>wrote: > >> >> On 24/01/2013, at 3:47 AM, Daz DeBoer wrote: >> >> G'day >> >> Another issue has been discovered with 1.4-rc-2: >> http://issues.gradle.org/browse/GRADLE-2650. >> >> It's unfortunate that the symptoms of this issue are very similar to >> http://issues.gradle.org/browse/GRADLE-2641 which was fixed in 1.4-rc-2. >> This similarity meant that we originally thought it was the same issue. >> >> It's possible that the fix is as simple as setting http.keepAlive = >> "true" explicitly in our code, to workaround the bug in HttpClient 4.2.2. >> I'm waiting to hear back on this front. >> >> If that doesn't fix the issue, we might want to consider introducing a >> system property that would permit a user to specify which authentication >> scheme should be used. That would also allow users to avoid the needless >> attempts at NTLM authentication with every request, as well as removing the >> warning that is often emitted about NEGOTIATE credentials not being >> available. >> There is actually a standard java system property for this, so we could >> simply honour that preference: ( >> http://docs.oracle.com/javase/7/docs/technotes/guides/net/http-auth.html) >> >> http.auth.preference="scheme" >> >> Finally, we could consider upgrading to HttpClient 4.2.3, which may have >> resolved this issue. I think we should do this for 1.5, as the new version >> has vastly improved NTML authentication that might allow us to replace the >> JCIFS implementation we currently use. We could use a custom value like >> http.auth.preference="jcifs" to permit users to continue using the old >> implementation (until we are confident the new implementation works). >> >> >> The question is whether we need to do anything for the 1.4 release. >> > > My feeling is that this is a serious issue that will impact pretty much > everyone using NTLM authentication. > > >> My understanding is that, right now, if I use a proxy that requires (or >> just prefers) NTLM authentication and I haven't explicitly set >> http.keepAlive = true, then I'm going to hit the problem. >> > > I suspect that this is the problem, and I hope that the fix is as simple > as setting http.keepAlive = "true". I'm awaiting feedback from the reporter. > So I heard back, and with systemProp.http.keepAlive = "true", the problem is rectified. My plan is to add this fix and try to put out an rc-3 out today. Is there anything else that needs to go in? -- Darrell (Daz) DeBoer Principal Engineer, Gradleware http://www.gradleware.com
