[jira] Commented: (XMLRPC-64) DefaultXmlRpcTransportFactory forgets authentication setting when using http

Fri, 01 Jul 2005 02:45:05 -0700 

    [ 
http://issues.apache.org/jira/browse/XMLRPC-64?page=comments#action_12314879 ] 

Andreas Sahlbach commented on XMLRPC-64:
----------------------------------------

Ok, I wasn't done yet, obviously, but I accidently hit the darn enter key... 
Here comes the rest:

After some debugging it boiled down to the following function in 
DefaultXmlRpcTransportFactory:
=============================================================
public XmlRpcTransport createTransport() throws XmlRpcClientException
    {
        if ("https".equals(url.getProtocol()))
        {
            if (httpsTransportFactory == null)
            {
                Properties properties = new Properties();

                properties.put(XmlRpcTransportFactory.TRANSPORT_URL, url);
                properties.put(XmlRpcTransportFactory.TRANSPORT_AUTH, auth);

                setHTTPSTransport(DEFAULT_HTTPS_PROVIDER, properties);
            }

            return httpsTransportFactory.createTransport();
        }

        return new DefaultXmlRpcTransport(url);    // <---- should be new 
DefaultXmlRpcTransport(url,auth) IMHO, a.sahlbach
    }
=================================================================
As you can see the function creates a DefaultXmlRpcTransport, if it is not SSL. 
Problem is, that it is not providing the authentication to this 
DefaultXmlRpcTransport, so that it is created without Authentication settings. 
See comment above for a possible patch.



> DefaultXmlRpcTransportFactory forgets authentication setting when using http
> ----------------------------------------------------------------------------
>
>          Key: XMLRPC-64
>          URL: http://issues.apache.org/jira/browse/XMLRPC-64
>      Project: XML-RPC
>         Type: Bug
>   Components: Source
>     Versions: 2.0
>     Reporter: Andreas Sahlbach

>
> We normally use XMLRPC via SSL. But for interprocess communication from 
> webapp to webapp on the same server we use a normal HTTP port (bound only to 
> localhost, so we can skip the SSL overhead). The XMLRPC port is secured via 
> Basic Authentication in both cases.
> I am setting the authentication at the client by creating a 
> DefaultXmlRpcTransportFactory, setting the authentication at it and deliver 
> it when I am creating the XMLRPC client. The problem is, that if the URL is 
> http, no authentication was sent. If I just change the URL to https, the 
> authentication was used.
> After some debugging it boild

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira

Reply via email to