commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ol...@apache.org
Subject cvs commit: jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth BasicScheme.java DigestScheme.java NTLMScheme.java
Date Wed, 13 Aug 2003 19:58:14 GMT
olegk       2003/08/13 12:58:14

  Modified:    httpclient/src/java/org/apache/commons/httpclient/auth Tag:
                        HTTPCLIENT_2_0_BRANCH BasicScheme.java
                        DigestScheme.java NTLMScheme.java
  Log:
  Fixes the problem of Basic, Digest & NTLM authentication schemes leaking passwords in
clear text to the log.
  
  Contributed by Oleg Kalnichevski
  
  Revision  Changes    Path
  No                   revision
  No                   revision
  1.4.2.1   +4 -4      jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/BasicScheme.java
  
  Index: BasicScheme.java
  ===================================================================
  RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/BasicScheme.java,v
  retrieving revision 1.4
  retrieving revision 1.4.2.1
  diff -u -r1.4 -r1.4.2.1
  --- BasicScheme.java	26 May 2003 22:07:22 -0000	1.4
  +++ BasicScheme.java	13 Aug 2003 19:58:14 -0000	1.4.2.1
  @@ -135,7 +135,7 @@
           } catch (ClassCastException e) {
               throw new AuthenticationException(
                "Credentials cannot be used for basic authentication: " 
  -              + credentials.toString());
  +              + credentials.getClass().getName());
           }
           return BasicScheme.authenticate(usernamepassword);
       }
  
  
  
  1.4.2.1   +5 -5      jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/DigestScheme.java
  
  Index: DigestScheme.java
  ===================================================================
  RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/DigestScheme.java,v
  retrieving revision 1.4
  retrieving revision 1.4.2.1
  diff -u -r1.4 -r1.4.2.1
  --- DigestScheme.java	26 May 2003 22:07:22 -0000	1.4
  +++ DigestScheme.java	13 Aug 2003 19:58:14 -0000	1.4.2.1
  @@ -153,8 +153,8 @@
               usernamepassword = (UsernamePasswordCredentials) credentials;
           } catch (ClassCastException e) {
               throw new AuthenticationException(
  -             "Credentials cannot be used for basic authentication: " 
  -              + credentials.toString());
  +             "Credentials cannot be used for digest authentication: " 
  +              + credentials.getClass().getName());
           }
           this.getParameters().put("cnonce", createCnonce());
           this.getParameters().put("methodname", method);
  
  
  
  1.6.2.1   +4 -4      jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/NTLMScheme.java
  
  Index: NTLMScheme.java
  ===================================================================
  RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/NTLMScheme.java,v
  retrieving revision 1.6
  retrieving revision 1.6.2.1
  diff -u -r1.6 -r1.6.2.1
  --- NTLMScheme.java	21 Jun 2003 11:15:47 -0000	1.6
  +++ NTLMScheme.java	13 Aug 2003 19:58:14 -0000	1.6.2.1
  @@ -223,7 +223,7 @@
           } catch (ClassCastException e) {
               throw new AuthenticationException(
                "Credentials cannot be used for NTLM authentication: " 
  -              + credentials.toString());
  +              + credentials.getClass().getName());
           }
           return NTLMScheme.authenticate(ntcredentials, this.ntlmchallenge);
       }    
  
  
  

Mime
View raw message