[
https://issues.apache.org/jira/browse/HTTPCLIENT-1458?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Oleg Kalnichevski resolved HTTPCLIENT-1458.
-------------------------------------------
Resolution: Fixed
Fix Version/s: 4.4 Alpha1
I fixed the problem in 4.4 by making AuthScope retain a reference to the
HttpHost of origin (which contains protocol scheme used to connect to the
host). I do not quite like it but that was the only way to fix the problem
properly. As far as 4.3 goes the best I can do is to use 'https' for port 443
and 'http' otherwise.
Oleg
> SystemDefaultCredentialsProvider authenticates with wrong protocol for https
> requests
> -------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1458
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1458
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpAuth, HttpClient
> Affects Versions: 4.3.2
> Environment: Client: Oracle Java 6/7.
> Reporter: Mat Gessel
> Fix For: 4.4 Alpha1
>
>
> Java has system property settings for specifying proxies. Java has different
> properties for "http" and "https". The purpose of HttpClient's
> SystemDefaultCredentialsProvider is to delegate authentication to a
> java.net.Authenticator. Authenticator implementations commonly use the proxy
> system properties. However, SDCP loses the differentiation between "http" and
> "https"; it always requests auth for "http".
> SystemDefaultCredentialsProvider always passes "http" as the protocol to
> Authenticator.requestPasswordAuthentication(). This can result in an HTTP
> status 407 or other 3rd party errors due to a protocol mismatch.
> Here is an example of a default Authenticator that will fail because it
> relies on the https.proxyXXX properties.
> Authenticator.setDefault(new Authenticator()
> {
> @Override
> protected PasswordAuthentication getPasswordAuthentication()
> {
> if (getRequestorType() == RequestorType.PROXY)
> {
> if ("https".equals(getRequestingProtocol().toLowerCase()))
> {
> String host = System.getProperty("https.proxyHost", "");
> String port = System.getProperty("https.proxyPort", "443");
> String user = System.getProperty("https.proxyUser", "");
> String password = System.getProperty("https.proxyPassword", "");
> if (getRequestingHost().equalsIgnoreCase(host))
> {
> if (port != null &&
> port.equals(Integer.toString(getRequestingPort())))
> {
> return new PasswordAuthentication(user, password.toCharArray());
> }
> }
> }
> }
> return null;
> }
> });
> JRE 7 Networking Properties:
> http://docs.oracle.com/javase/7/docs/api/java/net/doc-files/net-properties.html
> Workaround:
> IF: a single proxy is used and it supports http and https on the same port
> THEN: set http.proxyXXX and https.proxyXXX system properties to the same
> host/port.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
