hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ortwin Gl├╝ck <ortwin.glu...@nose.ch>
Subject Re: [PATCH] Reworked digest auth
Date Thu, 18 Sep 2003 08:21:51 GMT
Oleg Kalnichevski wrote:

> Odi, the patch looks fine to me. I just dislike this part:
>         try {
>             cnonce = createCnonce();   
>         } catch(AuthenticationException e) {
>             throw new RuntimeException(e.toString());   
>         }
> At the very least I would rethrow the exception as
> MalformedChallengeException, or, preferably, change createCnonce to
> throw MalformedChallengeException instead of AuthenticationException in
> the very first place.

Agreed. It's not nice.

The original exception that is generated is because MD5 is not 
available. I think this should generally trigger an unchecked exception 
since it is a basic feature needed for HttpClient to work (and should 
never happen anyway). I think createCnonce should just throw a 
RuntimeException instead of AuthenticationException. The 
AuthenticationException is sematically wrong here anyway.

> As to the stateful authentication framework, it sounds like a reasonable
> improvement, but I suggest that we hold it off until the comprehensive
> API redesign that should follow the 2.1 release. Feel free to file a bug
> report meanwhile. 


To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org

View raw message