[
https://issues.apache.org/jira/browse/HTTPCLIENT-2356?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17914771#comment-17914771
]
Istvan Toth commented on HTTPCLIENT-2356:
-----------------------------------------
I THINK that the new API and Auth code is general enough for SCRAM.
Unfortunately, I cannot guarantee that these changes are sufficient without
attempting to implement SCRAM.
There are two (related) problems with the current API and auth code:
* It does not process tokens for 200 responses
* AuthScheme does not let us error out locally when receiving a token
I only have passing familiarity with SCRAM, but I think that the token flow is
very similar to mutal auth SPNEGO, and fixing the above issues SHOULD be enough
for implementing SCRAM in the future. The token/control flow for authenticating
the server and erroring out if it's unsuccessful should be very similar, if not
identical.
> Extend AuthScheme API and Authentication Logic to Enable SPNEGO Mutual
> Authentication
> -------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-2356
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2356
> Project: HttpComponents HttpClient
> Issue Type: Sub-task
> Reporter: Istvan Toth
> Priority: Major
>
> The current AuthScheme interface and authentication code (mostly in
> HttpAuthenticator) makes some assumptions about the authentication dialog
> that makes it impossible to implement mutual SPNEGO authentication.
> This patch aims to extend the AuthScheme API, and the authentication logic to
> allow implementing SPNEGO authentication.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
