Return-Path: Delivered-To: apmail-jakarta-commons-httpclient-dev-archive@www.apache.org Received: (qmail 61277 invoked from network); 18 Sep 2003 08:22:09 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 18 Sep 2003 08:22:09 -0000 Received: (qmail 78727 invoked by uid 500); 18 Sep 2003 08:21:41 -0000 Delivered-To: apmail-jakarta-commons-httpclient-dev-archive@jakarta.apache.org Received: (qmail 78605 invoked by uid 500); 18 Sep 2003 08:21:40 -0000 Mailing-List: contact commons-httpclient-dev-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Commons HttpClient Project" Reply-To: "Commons HttpClient Project" Delivered-To: mailing list commons-httpclient-dev@jakarta.apache.org Received: (qmail 78578 invoked from network); 18 Sep 2003 08:21:39 -0000 Received: from unknown (HELO nose.ch) (195.134.131.71) by daedalus.apache.org with SMTP; 18 Sep 2003 08:21:39 -0000 Received: (qmail 2200 invoked from network); 18 Sep 2003 08:21:51 -0000 Received: from calvin.nose.ch (HELO nose.ch) (192.168.1.7) by 0 with SMTP; 18 Sep 2003 08:21:51 -0000 Message-ID: <3F696B1F.2010708@nose.ch> Date: Thu, 18 Sep 2003 10:21:51 +0200 From: =?ISO-8859-1?Q?Ortwin_Gl=FCck?= User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030612 X-Accept-Language: de-ch, en-us MIME-Version: 1.0 To: Commons HttpClient Project Subject: Re: [PATCH] Reworked digest auth References: <3F6062B2.7080600@nose.ch> <1063446510.2923.12.camel@kczrh-okt22.corp.bearingpoint.com> <3F68179A.50403@nose.ch> <1063828994.2143.38.camel@kczrh-okt22.corp.bearingpoint.com> In-Reply-To: <1063828994.2143.38.camel@kczrh-okt22.corp.bearingpoint.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N Oleg Kalnichevski wrote: > Odi, the patch looks fine to me. I just dislike this part: > > try { > cnonce = createCnonce(); > } catch(AuthenticationException e) { > throw new RuntimeException(e.toString()); > } > > > At the very least I would rethrow the exception as > MalformedChallengeException, or, preferably, change createCnonce to > throw MalformedChallengeException instead of AuthenticationException in > the very first place. Agreed. It's not nice. The original exception that is generated is because MD5 is not available. I think this should generally trigger an unchecked exception since it is a basic feature needed for HttpClient to work (and should never happen anyway). I think createCnonce should just throw a RuntimeException instead of AuthenticationException. The AuthenticationException is sematically wrong here anyway. > As to the stateful authentication framework, it sounds like a reasonable > improvement, but I suggest that we hold it off until the comprehensive > API redesign that should follow the 2.1 release. Feel free to file a bug > report meanwhile. Okay. --------------------------------------------------------------------- To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org