[
https://issues.apache.org/jira/browse/HTTPCLIENT-1912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16577347#comment-16577347
]
Nicholas DiPiazza edited comment on HTTPCLIENT-1912 at 8/11/18 10:08 PM:
-------------------------------------------------------------------------
Yeah I've noticed something that is this hard to understand once it "works"
(meaning lets you authenticate and make authenticated http requests to get the
content you need), people shrug off issues with the security because they don't
care.
Can you possibly help me out a little by highlighting some changes to make to
my {{SpnegoAuth}} class to fix the issues? Or is it so far off that I wasted my
time here?
Or could you possibly highlight where in particular libserf does this
correctly?
I'm using only Java Security code here. I'm not doing anything with HTTP client
anymore.
was (Author: ndipiazza_gmail):
Yeah I've noticed something that is this hard to understand once it "works"
(meaning lets you authenticate and make authenticated http requests to get the
content you need), people shrug off issues with the security because they don't
care.
Can you possibly help me out a little by highlighting some changes to make to
my {{SpnegoAuth}} class to fix the issues? Or is it so far off that I wasted my
time here?
Or could you possibly highlight where in particular libserf does this
correctly?
> AuthSchemes.SPNEGO should be able to specify login conf and krb5 conf as
> parameters instead of system properties
> ----------------------------------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1912
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1912
> Project: HttpComponents HttpClient
> Issue Type: Improvement
> Components: HttpClient (classic)
> Affects Versions: 4.5.2
> Reporter: Nicholas DiPiazza
> Priority: Major
> Labels: volunteers-wanted
> Fix For: Stuck
>
>
> in order to use spenego
> see
> [example|https://github.com/jumarko/kerberos-auth-example/blob/master/src/main/java/net/curiousprogrammer/auth/kerberos/example/KerberosAuthExample.java]
> you need to specify system properties to specify a custom krb5.conf or
> login.conf location.
> It would be very useful if these could be given as parameters somehow instead
> of system properties, because in our cloud apps use case, sharing these as
> system properties at the jvm level is causing conflicts.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org
