hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ortwin Gl├╝ck <ortwin.glu...@nose.ch>
Subject Re: Why on earth do we differenciate between proxy and host credentials?
Date Thu, 29 Jan 2004 14:21:27 GMT

Kalnichevski, Oleg wrote:

> While going through the Odi's latest patch, I got hit by an idea. Why on earth do we
differentiate between proxy and host credentials? At the end of the day do we care? The distinction
between proxies and target hosts is not relevant from the HttpState standpoint as long as
credentials can be uniquely identified by realm/host/port. All we need to ability to differentiate
credentials by authentication realm, host AND port. I think we would make API much simpler
and authentication code much cleaner by deprecating HttpState#get/setProxyCredentials stuff
for good.  

I thought the same when making the patch. But I am not sure either if we 
should just treat them the same. Imagine a webserver and a proxy running 
on the same machine (different ports of course). They are completely 
different services and as such have different name spaces for their 
realms. So I thought it's right to treat them separately. But I may be 
too over-careful.
It's very unlikely for real-world applications to run into problems if 
we decide to mix the two name spaces. But it's just cleaner (in terms of 
following the standards) to leave it as it is, even though it makes a 
small overhead in code. BTW that code-overhead has just been reduced by 
my patch and has been transformed into a memory overhead :-)


To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org

View raw message