The patch addresses the problem with the proxy authentication realm reported by David Rowe. HttpAuthenticator should now be picking up the correct credentials when authenticating with an NTLM proxy (NTLM authentication does not support the concept of authentication realm as defined in RFC2617).
Please let me know what you think Oleg
Index: java/org/apache/commons/httpclient/auth/HttpAuthenticator.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/HttpAuthenticator.java,v retrieving revision 1.7 diff -u -r1.7 HttpAuthenticator.java --- java/org/apache/commons/httpclient/auth/HttpAuthenticator.java 26 May 2003 22:07:22 -0000 1.7 +++ java/org/apache/commons/httpclient/auth/HttpAuthenticator.java 7 Aug 2003 20:01:08 -0000 @@ -291,30 +291,41 @@ } String host = null; if (conn != null) { - host = proxy ? conn.getProxyHost() : conn.getHost(); + if (proxy) { + host = conn.getProxyHost(); + } else { + host = conn.getVirtualHost(); + if (host == null) { + host = conn.getHost(); + } + } } String realm = authscheme.getRealm(); // TODO: To be removed in the future. Required for backward compatibility if (realm == null) { - Header hostheader = method.getRequestHeader("host"); - if (hostheader != null) { - realm = hostheader.getValue(); - } + realm = host; } if (LOG.isDebugEnabled()) { + StringBuffer buffer = new StringBuffer(); + buffer.append("Authenticating with the "); if (realm == null) { - LOG.debug("Using default authentication realm"); + buffer.append("default"); } else { - LOG.debug("Using '" + realm + "' authentication realm"); + buffer.append('\''); + buffer.append(authscheme.getRealm()); + buffer.append('\''); } + buffer.append(" authentication realm at "); + buffer.append(host); + LOG.debug(buffer.toString()); } Credentials credentials = proxy ? state.getProxyCredentials(realm, host) : state.getCredentials(realm, host); if (credentials == null) { throw new AuthenticationException( - "No credentials available for the " + authscheme.getSchemeName() - + "authentication realm '" + realm + "'"); + "No credentials available for the '" + authscheme.getRealm() + + "' authentication realm at " + host); } String auth = authscheme.authenticate(credentials, method.getName(), method.getPath()); if (auth != null) { Index: test/org/apache/commons/httpclient/TestAuthenticator.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestAuthenticator.java,v retrieving revision 1.25 diff -u -r1.25 TestAuthenticator.java --- test/org/apache/commons/httpclient/TestAuthenticator.java 22 Apr 2003 17:00:26 -0000 1.25 +++ test/org/apache/commons/httpclient/TestAuthenticator.java 7 Aug 2003 20:01:15 -0000 @@ -413,9 +413,8 @@ HttpState state = new HttpState(); NTCredentials cred = new NTCredentials("username","password", "host", "domain"); - state.setCredentials("host", null, cred); + state.setCredentials(null, null, cred); HttpMethod method = new SimpleHttpMethod(new Header("WwW-AuThEnTiCaTe", challenge)); - method.addRequestHeader("Host", "host"); AuthScheme authscheme = new NTLMScheme(challenge); assertTrue(HttpAuthenticator.authenticate(authscheme, method, null, state)); assertTrue(null != method.getRequestHeader("Authorization")); @@ -428,9 +427,8 @@ HttpState state = new HttpState(); NTCredentials cred = new NTCredentials("username","password", "host", "domain"); - state.setCredentials("host", null, cred); + state.setCredentials(null, null, cred); HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate", challenge)); - method.addRequestHeader("Host", "host"); AuthScheme authscheme = new NTLMScheme(challenge); assertTrue(HttpAuthenticator.authenticate(authscheme, method, null, state)); assertTrue(null != method.getRequestHeader("Authorization")); @@ -452,9 +450,8 @@ HttpState state = new HttpState(); NTCredentials cred = new NTCredentials("username","password", "host", "domain"); - state.setCredentials("host", null, cred); + state.setCredentials(null, null, cred); HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate", challenge)); - method.addRequestHeader("Host", "host"); AuthScheme authscheme = new NTLMScheme(challenge); assertTrue(HttpAuthenticator.authenticate(authscheme, method, null, state)); assertTrue(null != method.getRequestHeader("Authorization"));
proxyauth.patch.zip
Description: Zip archive
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]