Dear Wiki user, You have subscribed to a wiki page or wiki category on "Httpcomponents Wiki" for change notification.
The "IssueTracking/HTTPCLIENT-1625" page has been changed by MichaelOsipov: https://wiki.apache.org/HttpComponents/IssueTracking/HTTPCLIENT-1625?action=diff&rev1=2&rev2=3 Comment: Added another question = Designing HTTPCLIENT-1625 = - This page tracks the design goals of the [[https://issues.apache.org/jira/browse/HTTPCLIENT-1625|complete redesign of the GSS-based authentication in HttpClient]]. Namely, implementation decisions, known issues, awkward stuff, testing, etc. All code will be developed in a [[http://svn.apache.org/repos/asf/httpcomponents/httpclient/branches/HTTPCLIENT-1625/|separate branch]]. + This page tracks the design goals of the [[https://issues.apache.org/jira/browse/HTTPCLIENT-1625|complete redesign of the GSS-based authentication in HttpClient]]. Namely, implementation decisions, known issues, questions, testing, etc. All code will be developed in a [[http://svn.apache.org/repos/asf/httpcomponents/httpclient/branches/HTTPCLIENT-1625/|separate branch]]. <<TableOfContents>> == Implementation Decisions == - Implemenation decisions are comprised of several blocks like interface implementations, exception handling, logging. + Implemenation decisions are comprised of several blocks like interface implementations, exception handling, logging, etc. === Interface Implementations === - * `AuthSchemeProvider`: merely a factory for creating `AuthScheme` instances. Implemenation will be `GssBasedSchemeProvider`. It will take in one argument, the OID string of the desired authentication mechanism or simply the `AuthScheme` name. + * `AuthSchemeProvider`: merely a factory for creating `AuthScheme` instances. Implemenation will be `GSSBasedSchemeProvider`. It will take in one argument, the OID string of the desired authentication mechanism or simply the `AuthScheme` name. * `AuthSchemeBase` (implements `ContextAwareAuthScheme`): the implementation `GSSBasedScheme` will take in one argument, the OID string of the desired authentication mechanism or simply the `AuthScheme`. It will internally maintain a stateful `GSSContext` for the authentication against a target or a proxy. Since the implementation itself does not know when it will be nulled and garbage collected, it will maintain its state internally and release the `GSSContext` immediately upon successful completion or the first failure. This implemenation will '''not''' be threadsafe. * `Credentials`: this will be `GSSBasedCredentials` and will take in a `GSSCredential`. Useful if not the default `GSSCredential` will be used. It is also necessary to create a `GSSPrincipal` class which will wrap the `GSSName` from the credential. * `UserTokenHandler`: TBD @@ -46, +46 @@ Concrete requests are still open. - == Awkward Stuff == + == Questions == 1. Why does `MalformedChallengeException` not extend `AuthenticationException` though it is documented for authentication purposes?<<BR>>OK: `MalformedChallengeException` signals syntax violation of some sort presenting the client from understanding the challenge whereas `AuthenticationException` signals inability or unwillingness to respond to the challenge. To me these are different type of issues, but I am open to changing it in 5.0. 1. The name of `ChallengeState` is quite confusing. Where is the state? This is merely a `ChallengeHostType`.<<BR>>OK: We can deprecate it and replace with `AuthCounterpartType` or some such in 4.5. 1. Can a `ContextAwareAuthScheme` instance be reused?<<BR>>OK: It can be re-used and will automatically be re-used within the same context (requests executed with the same instance of HttpContext). + 1. Can an `HttpContext` be used concurrently? == Todos == --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
