[
https://issues.apache.org/jira/browse/HTTPCLIENT-1545?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ka-Lok Fung updated HTTPCLIENT-1545:
------------------------------------
Attachment: HTTPCLIENT-1545.v2.patch.diff
Oleg,
I've attached a new patch for the unit test. I've changed the code to make
{{getToken}} package private so that the unit test can override its
implementation. This exception would have caused an endless loop in HttpClient
if {{failAuthCleanup}} didn't set {{continueNeeded}} to be false.
I had originally tried to use Mockito to mock {{Secur32}} but it turns out that
Mockito can't mock classes that are declared final :(
Please let me know how it runs on your Windows machine. Any feedback on my code
is welcome as well.
-kl
> Possible infinite loop when WindowsNegotiateScheme authentication fails
> -----------------------------------------------------------------------
>
> Key: HTTPCLIENT-1545
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1545
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.4 Alpha1
> Environment: Windows
> Reporter: Ka-Lok Fung
> Fix For: 4.4 Alpha2
>
> Attachments: HTTPCLIENT-1545.patch.diff, HTTPCLIENT-1545.v2.patch.diff
>
>
> When {{WindowsNegotiateScheme}} authentication fails, it's possible for
> HttpClient to retry the authentication in an endless loop because the
> {{continueNeeded}} flag is not set to {{false}} when authentication fails.
> One possible way of causing authentication to fail is to use a service
> principle name that is outside your Windows domain (e.g., HTTP/EXAMPLE.COM).
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
