Return-Path: Delivered-To: apmail-hc-dev-archive@www.apache.org Received: (qmail 74244 invoked from network); 24 Feb 2010 09:14:48 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 24 Feb 2010 09:14:48 -0000 Received: (qmail 95693 invoked by uid 500); 24 Feb 2010 09:14:48 -0000 Delivered-To: apmail-hc-dev-archive@hc.apache.org Received: (qmail 95647 invoked by uid 500); 24 Feb 2010 09:14:48 -0000 Mailing-List: contact dev-help@hc.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "HttpComponents Project" Delivered-To: mailing list dev@hc.apache.org Received: (qmail 95637 invoked by uid 99); 24 Feb 2010 09:14:48 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 24 Feb 2010 09:14:48 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 24 Feb 2010 09:14:48 +0000 Received: from brutus.apache.org (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id DEB5429A0013 for ; Wed, 24 Feb 2010 01:14:27 -0800 (PST) Message-ID: <1443257269.487591267002867910.JavaMail.jira@brutus.apache.org> Date: Wed, 24 Feb 2010 09:14:27 +0000 (UTC) From: "Oleg Kalnichevski (JIRA)" To: dev@hc.apache.org Subject: [jira] Commented: (HTTPCLIENT-917) When authentication is invalidated during redirection, proxy authentication also should be invalidated In-Reply-To: <820816960.471621266957928231.JavaMail.jira@brutus.apache.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HTTPCLIENT-917?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12837701#action_12837701 ] Oleg Kalnichevski commented on HTTPCLIENT-917: ---------------------------------------------- Karl, (1) HttpComponents is an open-source project overseen by ASF. The only thing we can truly _guarantee_ here is that you get full source code and _nothing_ else. (2) HttpClient 4.0 does a lot of things very differently compared to HttpClient 3.1, so there is really no way of telling whether the problem is still there without proper testing. However, just by looking at the code I do think HttpClient 4.0 is no longer affected by the bug. http://hc.apache.org/httpcomponents-client/httpclient/xref/org/apache/http/impl/client/DefaultRequestDirector.html#995 (3) I will commit your patch to the 3.x branch tonight. (4) I am not sure I fully understand why you are not able to upgrade Lucene Connector Framework to the latest version of HttpClient and what this has to do with Debian stable. Oleg > When authentication is invalidated during redirection, proxy authentication also should be invalidated > ------------------------------------------------------------------------------------------------------ > > Key: HTTPCLIENT-917 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-917 > Project: HttpComponents HttpClient > Issue Type: Bug > Components: HttpClient > Affects Versions: 3.1 Final > Reporter: Karl Wright > Attachments: proxy-auth-invalidate.patch > > > This was discovered during use by Lucene Connector Framework, on 3.1. > When a document is fetched through a proxy authenticated with NTLM, and > that document is a redirection (301 or 302), the httpclient fails to > properly use the right proxy credentials on the subsequent document > fetch. This leads to 407 errors on these kinds of documents. > I've attached a proposed patch. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org For additional commands, e-mail: dev-help@hc.apache.org