You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2013/04/15 12:25:35 UTC
svn commit: r1467929 - in /httpcomponents/httpclient/trunk: ./
httpclient/src/main/java/org/apache/http/impl/auth/
httpclient/src/test/java/org/apache/http/impl/auth/
Author: olegk
Date: Mon Apr 15 10:25:34 2013
New Revision: 1467929
URL: http://svn.apache.org/r1467929
Log:
HTTPCLIENT-1338: (regression) Invalidated / stale DIGEST schemes do not get evicted from the auth cache
Modified:
httpcomponents/httpclient/trunk/RELEASE_NOTES.txt
httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/DigestScheme.java
httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/HttpAuthenticator.java
httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/auth/TestHttpAuthenticator.java
Modified: httpcomponents/httpclient/trunk/RELEASE_NOTES.txt
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/RELEASE_NOTES.txt?rev=1467929&r1=1467928&r2=1467929&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/RELEASE_NOTES.txt (original)
+++ httpcomponents/httpclient/trunk/RELEASE_NOTES.txt Mon Apr 15 10:25:34 2013
@@ -1,3 +1,12 @@
+Changes since release 4.3 BETA1
+-------------------
+
+* [HTTPCLIENT-1338] (regression) Invalidated / stale DIGEST schemes do not get evicted from
+ the auth cache.
+ Contributed by Oleg Kalnichevski <olegk at apache.org>
+
+
+
Release 4.3 BETA1
-------------------
Modified: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/DigestScheme.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/DigestScheme.java?rev=1467929&r1=1467928&r2=1467929&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/DigestScheme.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/DigestScheme.java Mon Apr 15 10:25:34 2013
@@ -474,4 +474,14 @@ public class DigestScheme extends RFC261
return encode(tmp);
}
+ @Override
+ public String toString() {
+ StringBuilder builder = new StringBuilder();
+ builder.append("DIGEST [complete=").append(complete)
+ .append(", nonce=").append(lastNonce)
+ .append(", nc=").append(nounceCount)
+ .append("]");
+ return builder.toString();
+ }
+
}
Modified: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/HttpAuthenticator.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/HttpAuthenticator.java?rev=1467929&r1=1467928&r2=1467929&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/HttpAuthenticator.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/auth/HttpAuthenticator.java Mon Apr 15 10:25:34 2013
@@ -75,6 +75,9 @@ public class HttpAuthenticator {
final HttpContext context) {
if (authStrategy.isAuthenticationRequested(host, response, context)) {
this.log.debug("Authentication required");
+ if (authState.getState() == AuthProtocolState.SUCCESS) {
+ authStrategy.authFailed(host, authState.getAuthScheme(), context);
+ }
return true;
} else {
switch (authState.getState()) {
Modified: httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/auth/TestHttpAuthenticator.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/auth/TestHttpAuthenticator.java?rev=1467929&r1=1467928&r2=1467929&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/auth/TestHttpAuthenticator.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/auth/TestHttpAuthenticator.java Mon Apr 15 10:25:34 2013
@@ -116,6 +116,24 @@ public class TestHttpAuthenticator {
}
@Test
+ public void testAuthenticationRequestedAfterSuccess() throws Exception {
+ final HttpResponse response = new BasicHttpResponse(HttpVersion.HTTP_1_1, HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
+ Mockito.when(this.authStrategy.isAuthenticationRequested(
+ Mockito.any(HttpHost.class),
+ Mockito.any(HttpResponse.class),
+ Mockito.any(HttpContext.class))).thenReturn(Boolean.TRUE);
+
+ this.authState.update(this.authScheme, this.credentials);
+ this.authState.setState(AuthProtocolState.SUCCESS);
+
+ Assert.assertTrue(this.httpAuthenticator.isAuthenticationRequested(
+ this.host, response, this.authStrategy, this.authState, this.context));
+
+ Mockito.verify(this.authStrategy).isAuthenticationRequested(this.host, response, this.context);
+ Mockito.verify(this.authStrategy).authFailed(this.host, this.authScheme, this.context);
+ }
+
+ @Test
public void testAuthenticationNotRequestedUnchallenged() throws Exception {
final HttpResponse response = new BasicHttpResponse(HttpVersion.HTTP_1_1, HttpStatus.SC_OK, "OK");
Mockito.when(this.authStrategy.isAuthenticationRequested(