You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Oleg Kalnichevski (Jira)" <ji...@apache.org> on 2021/08/18 16:28:00 UTC

[jira] [Commented] (HTTPCLIENT-2171) Basic Authentication Failed With UserId containing "\"

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-2171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17401181#comment-17401181 ] 

Oleg Kalnichevski commented on HTTPCLIENT-2171:
-----------------------------------------------

[~neng1998] I see no evidence supporting this assertion. HttpClient 5 of all versions correctly encodes BASIC credentials with a '\' character in the user name. See the unit test below.

{code:java}
@Test
public void testStuff() throws Exception {        
    final HttpHost host  = new HttpHost("somehost", 80);
    final AuthScope authScope = new AuthScope(host, "some realm", null);
    final UsernamePasswordCredentials creds = new UsernamePasswordCredentials("blah/blah", "blah".toCharArray());
    final BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
    credentialsProvider.setCredentials(authScope, creds);
    final BasicScheme authscheme = new BasicScheme(StandardCharsets.ISO_8859_1);

    Assert.assertTrue(authscheme.isResponseReady(host, credentialsProvider, null));
    final HttpRequest request = new BasicHttpRequest("GET", "/");
    Assert.assertEquals(
            "Basic " + new String(Base64.encodeBase64("blah/blah:blah".getBytes(StandardCharsets.ISO_8859_1)), StandardCharsets.US_ASCII),
            authscheme.generateAuthResponse(host, request, null));
}
{code}

Please provide a reproducer for this issue. Otherwise I will have no choice but to close this ticket as invalid.

Oleg
 

> Basic Authentication Failed With UserId containing "\"
> ------------------------------------------------------
>
>                 Key: HTTPCLIENT-2171
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2171
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient (classic)
>    Affects Versions: 5.1
>            Reporter: neng xu
>            Priority: Major
>
> When upgrade HttpClient from 4.5.x version to 5.1, a problem happened when using UserId =ADPTestSandbox\Phoenix.API. 
> All other userIds which do not have "\" work with HttpClient5.1.
> UserId which has "\" works with HttpClient 3.x  and 4.5.x. but not HttpClient 5.1
> Test code:
> ..........
> BasicCredentialsProvider provider = new BasicCredentialsProvider();
> UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(usrId,password.toCharArray());
> provider.setCredentials(new AuthScope(null, -1), credentials);
> CloseableHttpClient httpclient = HttpClients.custom().setDefaultCredentialsProvider(provider).build();
> .............



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org