hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcos Scriven (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HTTPCLIENT-1599) Need an alternative to the deprecated BasicScheme(ChallengeState)
Date Thu, 15 Jan 2015 01:37:34 GMT
Marcos Scriven created HTTPCLIENT-1599:

             Summary: Need an alternative to the deprecated BasicScheme(ChallengeState)
                 Key: HTTPCLIENT-1599
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1599
             Project: HttpComponents HttpClient
          Issue Type: Improvement
          Components: HttpClient
    Affects Versions: 4.3.6
            Reporter: Marcos Scriven
            Priority: Minor

The documentation for HttpClient 4 mentions the potential security issues around preemptive

That notwithstanding, it provides the following solution (https://hc.apache.org/httpcomponents-client-ga/httpclient/examples/org/apache/http/examples/client/ClientPreemptiveBasicAuthentication.java)
         // Create AuthCache instance
            AuthCache authCache = new BasicAuthCache();
            // Generate BASIC scheme object and add it to the local
            // auth cache
            BasicScheme basicAuth = new BasicScheme();
            authCache.put(target, basicAuth);

            // Add AuthCache to the execution context
            HttpClientContext localContext = HttpClientContext.create();

This works fine, except for proxy authentication. In {{BasicScheme}}, the authenticate method
checks the ChallengeState: 


The solution thus would appear to be to set the ChallengeState to {{PROXY}}:
BasicScheme proxyScheme = new BasicScheme(ChallengeState.PROXY);

This works, but appears to have been deprecated, and there's no alternative way to set this
without first receiving a proxy auth challenge response.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message