hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mat Gessel (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HTTPCLIENT-1458) SystemDefaultCredentialsProvider authenticates with wrong protocol for https requests
Date Fri, 07 Feb 2014 20:24:23 GMT
Mat Gessel created HTTPCLIENT-1458:
--------------------------------------

             Summary: SystemDefaultCredentialsProvider authenticates with wrong protocol for
https requests
                 Key: HTTPCLIENT-1458
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1458
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpAuth, HttpClient
    Affects Versions: 4.3.2
         Environment: Client: Oracle Java 6/7. 
            Reporter: Mat Gessel


Java has system property settings for specifying proxies. Java has different properties for
"http" and "https". The purpose of HttpClient's SystemDefaultCredentialsProvider is to delegate
authentication to a java.net.Authenticator. Authenticator implementations commonly use the
proxy system properties. However, SDCP loses the differentiation between "http" and "https";
it always requests auth for "http". 

SystemDefaultCredentialsProvider always passes "http" as the protocol to Authenticator.requestPasswordAuthentication().
This can result in an HTTP status 407 or other 3rd party errors due to a protocol mismatch.

Here is an example of a default Authenticator that will fail because it relies on the https.proxyXXX
properties. 

Authenticator.setDefault(new Authenticator()
{
  @Override
  protected PasswordAuthentication getPasswordAuthentication()
  {
    if (getRequestorType() == RequestorType.PROXY)
    {
      if ("https".equals(getRequestingProtocol().toLowerCase()))
      {
        String host = System.getProperty("https.proxyHost", "");
        String port = System.getProperty("https.proxyPort", "443");
        String user = System.getProperty("https.proxyUser", "");
        String password = System.getProperty("https.proxyPassword", "");

        if (getRequestingHost().equalsIgnoreCase(host))
        {
          if (port != null && port.equals(Integer.toString(getRequestingPort())))
          {
            return new PasswordAuthentication(user, password.toCharArray());
          }
        }
      }
    }
    return null;
  }
});


JRE 7 Networking Properties: 
http://docs.oracle.com/javase/7/docs/api/java/net/doc-files/net-properties.html


Workaround: 
  IF: a single proxy is used and it supports http and https on the same port
  THEN: set http.proxyXXX and https.proxyXXX system properties to the same host/port.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message