cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Polar Humenn (JIRA)" <>
Subject [jira] Commented: (CXF-430) HTTPConduit support for non-preemptive Basic Auth
Date Tue, 28 Aug 2007 20:07:33 GMT


Polar Humenn commented on CXF-430:

Hey Dan,

Wow, I thought we took care of that a long time ago. I guess this was just 
a bookkeeping thing.  How's the release going?


Polar Humenn                  Adiron, LLC       2-212 CST
Phone: 315-278-1648           Syracuse, NY 13244-4100
Fax:   315-443-4745 

> HTTPConduit support for non-preemptive Basic Auth
> -------------------------------------------------
>                 Key: CXF-430
>                 URL:
>             Project: CXF
>          Issue Type: New Feature
>          Components: Transports
>            Reporter: Eoghan Glynn
>            Assignee: Eoghan Glynn
>             Fix For: 2.0.1
> The current client-side support for HTTP Basic authorization is just a place-holder,
with the following short-comings:
> - credentials are only passed pre-emptively, i.e. in advance of an actual 401 challenge
> - the AuthorizationPolicy only allows a single username and password to be configured,
without any reference to a particular realm or targetURI
> - there is no specific handling of 401 challenges, or attempt to trasparently resend
> - this are no hooks to allow the client application participate in the trust evaluation
before handing out the username/password

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message