[jira] [Commented] (CXF-6236) proxyAuthSupplier not used in HTTPConduit.setHeadersByAuthorizationPolicy

Tue, 10 Feb 2015 12:31:40 -0800 

    [ 
https://issues.apache.org/jira/browse/CXF-6236?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14314861#comment-14314861
 ] 

Daniel Kulp commented on CXF-6236:
----------------------------------

I changed the line in question to proxyAuthSupplier, but I'm pretty sure that 
won't be enough which is why I won't close this.  For digest, we'd like need to 
cache the request like we do if authProvider flags it.   There are likely other 
40x codes we'd need to look at as well. 

> proxyAuthSupplier not used in HTTPConduit.setHeadersByAuthorizationPolicy
> -------------------------------------------------------------------------
>
>                 Key: CXF-6236
>                 URL: https://issues.apache.org/jira/browse/CXF-6236
>             Project: CXF
>          Issue Type: Bug
>          Components: Transports
>    Affects Versions: 2.6.6, 3.0.3
>            Reporter: Christoph E.
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> i'm trying to send requests to an external system which requires basic auth 
> via an internal http proxy which uses digest auth
> {code:xml}
> <http-conf:conduit name="*.http-conduit">
>       <http-conf:client
>               ProxyServer="proxy"
>               ProxyServerPort="3128"
>       />
>       <http-conf:authorization>
>               <http-sec:UserName>xxx</http-sec:UserName>
>               <http-sec:Password>xxx</http-sec:Password>
>               <http-sec:AuthorizationType>Basic</http-sec:AuthorizationType>
>       </http-conf:authorization>
>       <http-conf:proxyAuthorization>
>               <http-sec:UserName>proxyuser</http-sec:UserName>
>               <http-sec:Password>proxypass</http-sec:Password>
>               <http-sec:AuthorizationType>Digest</http-sec:AuthorizationType>
>       </http-conf:proxyAuthorization>
> </http-conf:conduit>
> {code}
> the problem is that Proxy-Authentication is always using basic auth
> i think i found the problem in
> org.apache.cxf.transport.http.HTTPConduit.setHeadersByAuthorizationPolicy
> {code}
>         String proxyAuthString = 
> *authSupplier*.getAuthorization(proxyAuthorizationPolicy, 
>                                                                url, message, 
> null);
>         if (proxyAuthString != null) {
>             headers.setProxyAuthorization(proxyAuthString);
>         }
> {code}
> the field proxyAuthSupplier was lazy initialized as DigestAuthSupplier in 
> prepare method, but it is not used to create the header.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to