[
https://issues.apache.org/jira/browse/HTTPCLIENT-1748?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15383797#comment-15383797
]
ASF GitHub Bot commented on HTTPCLIENT-1748:
--------------------------------------------
Github user ok2c commented on a diff in the pull request:
https://github.com/apache/httpclient/pull/55#discussion_r71292523
--- Diff:
httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/SystemDefaultCredentialsProvider.java
---
@@ -88,35 +93,51 @@ public void setCredentials(final AuthScope authscope,
final Credentials credenti
private static PasswordAuthentication getSystemCreds(
final AuthScope authscope,
- final Authenticator.RequestorType requestorType) {
+ final Authenticator.RequestorType requestorType,
+ final HttpContext context) {
final String hostname = authscope.getHost();
final int port = authscope.getPort();
final HttpHost origin = authscope.getOrigin();
final String protocol = origin != null ? origin.getSchemeName() :
(port == 443 ? "https" : "http");
+
+ final URL targetHostURL;
+ if (context != null) {
+ final HttpUriRequest httpUriRequest = (HttpUriRequest)
context.getAttribute(HttpCoreContext.HTTP_REQUEST);
--- End diff --
One cannot assume the request object in the context to be always of type of
HttpUriRequest. It would be safer to use the generic HttpRequest type here.
Otherwise everything looks good to me.
> When run in java applet, SystemDefaultCredentialsProvider fails to get
> authentication from Authenticator
> --------------------------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1748
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1748
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.5
> Environment: Windows, application running in a java applet started by
> firefox, connection to a remote server via a squid proxy with basic
> authentication
> Reporter: Sébastien Caille
> Priority: Trivial
>
> Hello,
> The java applets are deprecated, but the issue may impact other use cases.
> During a POST call made from a java applet via a proxy server with basic
> authentication, SystemDefaultCredentialsProvider.getSystemCreds(...) calls
> Authenticator.requestPasswordAuthentication, which wrongly returns "null"
> authentication.
> The java applet console shows that a NullPointerException was ignored.
> I managed to fix the issue by providing the following values to
> Authenticator.requestPasswordAuthentication (getSystemCreds is currently
> providing null for those ones ):
> prompt = authscope.getRealm()
> url = context.getAttribute(HttpClientContext.HTTP_TARGET_HOST)
> Both values are needed ( prompt == null && url != null -> dialog box asking
> for credentials, prompt != null && url == null -> crashes firefox)
> Note that when downloading the applet jar files, the java is providing values
> for all the parameters of Authenticator.requestPasswordAuthentication
> (according to a breakpoint in requestPasswordAuthentication).
> Thanks
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
