axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oleg Kalnichevski (JIRA)" <j...@apache.org>
Subject [jira] Commented: (AXIS2-2274) Axis 2 as a client, access https:// doesn't work
Date Fri, 02 Mar 2007 18:02:51 GMT

    [ https://issues.apache.org/jira/browse/AXIS2-2274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12477391
] 

Oleg Kalnichevski commented on AXIS2-2274:
------------------------------------------

I am not really "assigned" to this issue. All I am saying I see nothing wrong with Axis2 code
as far as HttpClient is concerned. Per default Axis2 uses AuthScope.ANY_PORT as the port value
for the auth scope, therefore the port the target server is listening on should not matter.
The same set of credentials will apply to any port of the given target host.

Oleg  

> Axis 2 as a client, access https:// doesn't work
> ------------------------------------------------
>
>                 Key: AXIS2-2274
>                 URL: https://issues.apache.org/jira/browse/AXIS2-2274
>             Project: Axis 2.0 (Axis2)
>          Issue Type: Bug
>          Components: transports
>    Affects Versions: 1.1
>            Reporter: jeff ling
>         Assigned To: Saminda Wishwajith Abeyruwan
>            Priority: Critical
>
> When the server is IIS, https doesn't work. https itself is supported through Httpclient.
>                     The credential is put in to "state" as:
>                        agent.getState().setCredentials(new AuthScope(host, port, realm),
creds);
>                     The problem is that if it's https, real port is implied, and the
"port" here is the default "80". However, when the response comes back, the actually port
(usually 433) is returned. That caused the credential (provider) not found. 
> This is only one of the issues. The credential handling code below is really wrong:
>                 if (host != null) {
>                     if (domain != null) {
>                         /*Credentials for NTLM Authentication*/
>                         creds = new NTCredentials(username, password, host, domain);
>                     } else {
>                         /*Credentials for Digest and Basic Authentication*/
>                         creds = new UsernamePasswordCredentials(username, password);
>                     }
>                     agent.getState().setCredentials(new AuthScope(host, port, realm),
creds);
>                 } else {
>                     /*Credentials only for Digest and Basic Authentication*/
>                     creds = new UsernamePasswordCredentials(username, password);
>                     agent.getState().setCredentials(new AuthScope(AuthScope.ANY), creds);
>                 }
> First,  whether it's basic or Digest is not decided by whether domain name exists, and
realm applies to basic and digest, not integrated. If you look at the IIS web server config
screen, you will see. 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-dev-help@ws.apache.org


Mime
View raw message