jonenst commented on PR #773: URL: https://github.com/apache/httpcomponents-client/pull/773#issuecomment-3795467435
Hi @rschmitt, Awesome write up. For info, I think there are a lot of places requiring the use of basic auth proxy authentication. I myself have been required to use it in multiples companies. Developpers of java tools/libs will have to proactively add the code to register proxy passwords (or wait for the first bug report). For such broken/lacking programs, with your proposa, at least power users will know how to setup a local squid proxy reexposing their basic auth proxy as unauthenticated (which is an improvement to the current situation where this is not even possible. Although it will feel terrible: just like cntlm but without good perceived reason). And regular users will be just be blocked trying to set -DproxyUser -DproxyPassword in many crazy different ways because they expect tools/libs to use them. Graddle supports proxyUser/proxyPassword : https://docs.gradle.org/current/userguide/networking.html Maven requires you to set their own bespoke config : https://maven.apache.org/guides/mini/guide-proxies.html ``` <proxies> <proxy> ... <username>proxyuser</username> <password>somepassword</password> ``` I think Intellij and eclipse are the same (required bespoke config in menus). (Contrast that with vscode that just reads from the venerable curl env variable http_proxy) Speaking of the amazon sdk, they are the only java software I know that read the venerable curl environment variable env.http_proxy, env.https_proxy, and maybe they read user/password from them and run the code to register it to the jdk? Maybe you can adk them why they did that, and if it would be a good idea for httpcomponents to do the same if you feel that having the password next to the host is a strong advantage. Note however that you can also get bitten by this behavior when you don't expect your java programs to use the variables and the proxy and they don't work properly because they should do direct requests. A downside of try to beat the status quo I guess. Cheers, Jon -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
