> What does "supported by jre" mean? Not even Basic Authentication is
> supported in the sense, that I have to create an "Authorization"
> header anyways.
I think of "supported by" in a way that the java plugin is able to use
the browser proxy settings and supports NTLM authentication for
URLConnections without additional configuration.
However, I identified the reason that caused xmlrpc-calls to fail if
the client is behind a NTLM-Proxy using ssl. There is a bug in the
java_net classes for java 1.4 and 1.5 (they say it's fixed in 1.6)
that causes this (*) line in DefaultXmlRpcTransport to block any
further network traffic:
public InputStream sendXmlRpc(byte [] request)
throws IOException
{
con = url.openConnection();
con.setDoInput(true);
con.setDoOutput(true);
con.setUseCaches(false);
con.setAllowUserInteraction(false);
// (*) con.setRequestProperty("Content-Length",
Integer.toString(request.length)); <- EVIL jdk java_net Bug
con.setRequestProperty("Content-Type", "text/xml");
if (auth != null)
{
con.setRequestProperty("Authorization", "Basic " + auth);
}
OutputStream out = con.getOutputStream();
out.write(request);
out.flush();
out.close();
return con.getInputStream();
}
After patching the xmlrpc library and commenting this line, everything
works as expected.
This problem is not your fault, but as this is an issue for many
people behind microsoft firewalls/proxies, I'd like to encourage you
to omit the explicit setting of the Content-Length.
Markus
