hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oleg Kalnichevski (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HTTPCLIENT-917) When authentication is invalidated during redirection, proxy authentication also should be invalidated
Date Wed, 24 Feb 2010 12:28:27 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-917?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12837757#action_12837757
] 

Oleg Kalnichevski commented on HTTPCLIENT-917:
----------------------------------------------

I am not a patent lawyer, so whatever I have to say on the matter has no bearing of what so
ever. The only group of people that can make definitive statements on the matter is the ASF
legal committee. If they decide it is okay to use algorithms in the ASF code that may _potentially_
be covered by patents held by Microsoft, the matter would be settled. However, given the fact
they have been unable to make up their mind about the use of LGPL code in ASF code for years,
I would not be holding my breath.

Welcome to the wonderful world of ASF bureaucracy.

Until this matter is decided upon by the ASF legal people I _personally_ will not touch Microsoft
specific code with a barge pole. If MetaCarta, Inc have enough lawyers sitting around, good
for you. I am just a regular guy writing code at his spare time. A mere potential threat of
a lawsuit is enough for me.  

I am aware of multiple open-source implementations of the NTLM protocol. However this is not
a copyright matter, but that of intellectual property rights. This is about a liability for
the use of Microsoft IP in commercial products, not for writing open-source code. The existence
of open-source implementations does not prove or disprove anything.

> When authentication is invalidated during redirection, proxy authentication also should
be invalidated
> ------------------------------------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-917
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-917
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 3.1 Final
>            Reporter: Karl Wright
>         Attachments: proxy-auth-invalidate.patch
>
>
> This was discovered during use by Lucene Connector Framework, on 3.1.
> When a document is fetched through a proxy authenticated with NTLM, and
> that document is a redirection (301 or 302), the httpclient fails to
> properly use the right proxy credentials on the subsequent document
> fetch. This leads to 407 errors on these kinds of documents.
> I've attached a proposed patch.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message