[
https://issues.apache.org/jira/browse/AXIS2-5225?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andreas Veithen moved AXIS-2856 to AXIS2-5225:
----------------------------------------------
Component/s: (was: Basic Architecture)
Affects Version/s: (was: 1.5)
1.5
Key: AXIS2-5225 (was: AXIS-2856)
Project: Axis2 (was: Axis)
> Host provided by authenticator is treated incorrectly
> -----------------------------------------------------
>
> Key: AXIS2-5225
> URL: https://issues.apache.org/jira/browse/AXIS2-5225
> Project: Axis2
> Issue Type: Bug
> Affects Versions: 1.5
> Environment: any OS
> Reporter: Kirill Safonov
>
> As of 1.5.1 AbstractHTTPSender.setAuthenticationInfo() obtains host from
> authenticator. Then this value is used to:
> 1) Create NTCredentials instance. Here 'host' is expected to describe source
> party (Javadoc: "The host the authentication request is originating from...")
> 2) Create AuthScope instance. Here 'host' is stored and AuthScope instance is
> later matched with another instance provided by
> HttpMethodDirector.authenticateHost(), which uses host from connection
> (points to target machine).
> So, client has to pass server host to NTCredentials constructor, otherwise
> authentication will not be performed as expected. This contradicts to Javadoc
> and also may cause problems with NTLM authentication where client host name
> (and not server name) is part of the handshake message.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
