ant-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Maarten Coene (JIRA)" <j...@apache.org>
Subject [jira] Resolved: (IVY-1211) Use IvyAuthenticator only when it is really necessary
Date Sun, 01 Aug 2010 22:27:15 GMT

     [ https://issues.apache.org/jira/browse/IVY-1211?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Maarten Coene resolved IVY-1211.
--------------------------------

         Assignee: Maarten Coene
    Fix Version/s: 2.2.0
       Resolution: Fixed

Fixed in trunk in 2.2.x branch.

The following changes were made:
- only set the IvyAuthenticator if the protocol is "http" or "https"
- only log a warning if the permission isn't there to set the default authenticator

Could you give it a try to see if this works for you?

> Use IvyAuthenticator only when it is really necessary
> -----------------------------------------------------
>
>                 Key: IVY-1211
>                 URL: https://issues.apache.org/jira/browse/IVY-1211
>             Project: Ivy
>          Issue Type: Improvement
>            Reporter: Mark Zheng
>            Assignee: Maarten Coene
>            Priority: Critical
>             Fix For: 2.2.0
>
>
> Currently, Ivy uses BasicURLHandler to locate resources and to open an input stream on
it. According to the implementation of the release 2.1.0, the constructor of the BasicURLHandler
forces the JVM to load the IvyAuthenticator class. This action will have to assume that the
"java.net.NetPermission: setDefaultAuthenticator" has already been granted to Ivy, since the
IvyAuthenticator will set itself as the JVM's default authenticator.
> However, It will fail in web application when the web container does not grant the NetPermission
to ivy. It will causes the whole web application failed because the class BasicURLHandler
cannot be initialized.
> Also, sometimes the user only needs to load some resources in its own application's classpath,
in which case there is no need to use an authenticator, thus no need to grant Ivy the "java.net.NetPermission:
setDefaultAuthenticator". However, currently the user has to grant the permission even if
this makes little sense. It will be better if the BasicURLHandler uses IvyAuthenticator only
when it is really necessary.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message