I like the new design. It makes things much simpler and more modular. I have only a few minor questions/comments:
- should the various auth/* classes be public?
- is there a need for someone to supply their own AuthScheme? it seems that all of the choices are now hard coded.
- HttpState should use standard bean naming conventions for preemptiveAuthentication, something like isAuthenticationPreemptive() and setAuthenticationPreemptive()
- there are some small style problems, and unused imports
Again, very nice work.
Mike
On Wednesday, March 19, 2003, at 03:09 PM, Oleg Kalnichevski wrote:
Folks,
I know I have been a pain in the rear ;-)
Your feedback would be highly appreciated. I know it is quite a bit of a
patch ;-) So, you are welcome to start throwing bad tomatoes at me
[Taking cover]
Oleg
On Wed, 2003-03-19 at 20:59, [EMAIL PROTECTED] wrote:DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17884>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17884
Multiple DIGEST authentication attempts with same credentials
------- Additional Comments From [EMAIL PROTECTED] 2003-03-19 19:59 -------
While working on a fix for this bug I have come to realize that any sort of
clean solution would require an almost complete authentication logic redesign.
Authenticator#authenticate method needed to be more modular, so that HttpClient
class could access information about authentication scheme being used. Besides,
authentication parsing logic was a complete mess. I was not sure I could fix it
without introducing subtle bugs
IMPORTANT: The patch retains full API compatibility with the existing version.
No existing code should be broken.
This patch should also fix the following bugs: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17158 http://nagoya.apache.org/bugzilla/show_bug.cgi?id=16861
You'll have to perform some manual adjustments after having applied the patch:
- create org.apache.commons.httpclient.auth package
- move AuthChallengeParser, AuthenticationException,
MalformedChallengeException, AuthScheme, AuthSchemeBase, BasicScheme,
DigestScheme, NTLMScheme, RFC2617Scheme, HttpAuthenticator classes to the newly
created package
Oleg PS: New classes have not been documented yet
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
