You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2013/01/25 14:18:23 UTC
svn commit: r1438494 - in /httpcomponents/httpclient/branches/4.2.x:
RELEASE_NOTES.txt
httpclient/src/main/java/org/apache/http/impl/auth/BasicScheme.java
httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java
Author: olegk
Date: Fri Jan 25 13:18:23 2013
New Revision: 1438494
URL: http://svn.apache.org/viewvc?rev=1438494&view=rev
Log:
HTTPCLIENT-1305: Ensure chunking is disabled when applying Base64 encoding
Modified:
httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt
httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/BasicScheme.java
httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java
Modified: httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt?rev=1438494&r1=1438493&r2=1438494&view=diff
==============================================================================
--- httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt (original)
+++ httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt Fri Jan 25 13:18:23 2013
@@ -1,3 +1,11 @@
+Changes since Release 4.2.3
+-------------------
+
+* [HTTPCLIENT-1305] Ensure chunking is disabled when applying Base64 encoding.
+ Contributed by Oleg Kalnichevski <olegk at apache.org>
+
+
+
Release 4.2.3
-------------------
Modified: httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/BasicScheme.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/BasicScheme.java?rev=1438494&r1=1438493&r2=1438494&view=diff
==============================================================================
--- httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/BasicScheme.java (original)
+++ httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/BasicScheme.java Fri Jan 25 13:18:23 2013
@@ -184,7 +184,7 @@ public class BasicScheme extends RFC2617
tmp.append((credentials.getPassword() == null) ? "null" : credentials.getPassword());
byte[] base64password = Base64.encodeBase64(
- EncodingUtils.getBytes(tmp.toString(), charset));
+ EncodingUtils.getBytes(tmp.toString(), charset), false);
CharArrayBuffer buffer = new CharArrayBuffer(32);
if (proxy) {
Modified: httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java?rev=1438494&r1=1438493&r2=1438494&view=diff
==============================================================================
--- httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java (original)
+++ httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java Fri Jan 25 13:18:23 2013
@@ -62,7 +62,6 @@ public abstract class GGSSchemeBase exte
private final Log log = LogFactory.getLog(getClass());
private final boolean stripPort;
- private final Base64 base64codec;
/** Authentication process state */
private State state;
@@ -72,7 +71,6 @@ public abstract class GGSSchemeBase exte
GGSSchemeBase(boolean stripPort) {
super();
- this.base64codec = new Base64();
this.state = State.UNINITIATED;
this.stripPort = stripPort;
}
@@ -110,7 +108,7 @@ public abstract class GGSSchemeBase exte
/**
* @deprecated (4.2) Use {@link ContextAwareAuthScheme#authenticate(Credentials, HttpRequest, org.apache.http.protocol.HttpContext)}
*/
- @Deprecated
+ @Deprecated
public Header authenticate(
final Credentials credentials,
final HttpRequest request) throws AuthenticationException {
@@ -170,7 +168,7 @@ public abstract class GGSSchemeBase exte
throw new AuthenticationException(gsse.getMessage());
}
case TOKEN_GENERATED:
- String tokenstr = new String(base64codec.encode(token));
+ String tokenstr = new String(Base64.encodeBase64(token, false));
if (log.isDebugEnabled()) {
log.debug("Sending response '" + tokenstr + "' back to the auth server");
}
@@ -197,7 +195,7 @@ public abstract class GGSSchemeBase exte
log.debug("Received challenge '" + challenge + "' from the auth server");
}
if (state == State.UNINITIATED) {
- token = base64codec.decode(challenge.getBytes());
+ token = Base64.decodeBase64(challenge.getBytes());
state = State.CHALLENGE_RECEIVED;
} else {
log.debug("Authentication already attempted");
Re: svn commit: r1438494
Posted by sebb <se...@gmail.com>.
On 25 January 2013 14:51, Oleg Kalnichevski <ol...@apache.org> wrote:
> On Fri, 2013-01-25 at 14:12 +0000, sebb wrote:
>
> ...
>
>> > - String tokenstr = new String(base64codec.encode(token));
>> > + String tokenstr = new String(Base64.encodeBase64(token, false));
>>
>> This change means that the Base64 class will be recreated for each
>> call (it is created internally)
>>
>> Would it not be better to change the final instance variable instead?
>>
>
> I did not realize that static method created a new instance of the class
> internally. This is certainly not optimal. Good catch! Thank you! I'll
> get it fixed.
OK, no problem.
I guess we ought to document that behaviour in Codec; I'll raise a JIRA
> Oleg
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
> For additional commands, e-mail: dev-help@hc.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
Re: svn commit: r1438494
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Fri, 2013-01-25 at 14:12 +0000, sebb wrote:
...
> > - String tokenstr = new String(base64codec.encode(token));
> > + String tokenstr = new String(Base64.encodeBase64(token, false));
>
> This change means that the Base64 class will be recreated for each
> call (it is created internally)
>
> Would it not be better to change the final instance variable instead?
>
I did not realize that static method created a new instance of the class
internally. This is certainly not optimal. Good catch! Thank you! I'll
get it fixed.
Oleg
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org
Re: svn commit: r1438494 - in /httpcomponents/httpclient/branches/4.2.x:
RELEASE_NOTES.txt httpclient/src/main/java/org/apache/http/impl/auth/BasicScheme.java
httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java
Posted by sebb <se...@gmail.com>.
On 25 January 2013 13:18, <ol...@apache.org> wrote:
> Author: olegk
> Date: Fri Jan 25 13:18:23 2013
> New Revision: 1438494
>
> URL: http://svn.apache.org/viewvc?rev=1438494&view=rev
> Log:
> HTTPCLIENT-1305: Ensure chunking is disabled when applying Base64 encoding
>
> Modified:
> httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt
> httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/BasicScheme.java
> httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java
>
> Modified: httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt
> URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt?rev=1438494&r1=1438493&r2=1438494&view=diff
> ==============================================================================
> --- httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt (original)
> +++ httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt Fri Jan 25 13:18:23 2013
> @@ -1,3 +1,11 @@
> +Changes since Release 4.2.3
> +-------------------
> +
> +* [HTTPCLIENT-1305] Ensure chunking is disabled when applying Base64 encoding.
> + Contributed by Oleg Kalnichevski <olegk at apache.org>
> +
> +
> +
> Release 4.2.3
> -------------------
>
>
> Modified: httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/BasicScheme.java
> URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/BasicScheme.java?rev=1438494&r1=1438493&r2=1438494&view=diff
> ==============================================================================
> --- httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/BasicScheme.java (original)
> +++ httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/BasicScheme.java Fri Jan 25 13:18:23 2013
> @@ -184,7 +184,7 @@ public class BasicScheme extends RFC2617
> tmp.append((credentials.getPassword() == null) ? "null" : credentials.getPassword());
>
> byte[] base64password = Base64.encodeBase64(
> - EncodingUtils.getBytes(tmp.toString(), charset));
> + EncodingUtils.getBytes(tmp.toString(), charset), false);
>
> CharArrayBuffer buffer = new CharArrayBuffer(32);
> if (proxy) {
>
> Modified: httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java
> URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java?rev=1438494&r1=1438493&r2=1438494&view=diff
> ==============================================================================
> --- httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java (original)
> +++ httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/impl/auth/GGSSchemeBase.java Fri Jan 25 13:18:23 2013
> @@ -62,7 +62,6 @@ public abstract class GGSSchemeBase exte
> private final Log log = LogFactory.getLog(getClass());
>
> private final boolean stripPort;
> - private final Base64 base64codec;
>
> /** Authentication process state */
> private State state;
> @@ -72,7 +71,6 @@ public abstract class GGSSchemeBase exte
>
> GGSSchemeBase(boolean stripPort) {
> super();
> - this.base64codec = new Base64();
> this.state = State.UNINITIATED;
> this.stripPort = stripPort;
> }
> @@ -110,7 +108,7 @@ public abstract class GGSSchemeBase exte
> /**
> * @deprecated (4.2) Use {@link ContextAwareAuthScheme#authenticate(Credentials, HttpRequest, org.apache.http.protocol.HttpContext)}
> */
> - @Deprecated
> + @Deprecated
> public Header authenticate(
> final Credentials credentials,
> final HttpRequest request) throws AuthenticationException {
> @@ -170,7 +168,7 @@ public abstract class GGSSchemeBase exte
> throw new AuthenticationException(gsse.getMessage());
> }
> case TOKEN_GENERATED:
> - String tokenstr = new String(base64codec.encode(token));
> + String tokenstr = new String(Base64.encodeBase64(token, false));
This change means that the Base64 class will be recreated for each
call (it is created internally)
Would it not be better to change the final instance variable instead?
> if (log.isDebugEnabled()) {
> log.debug("Sending response '" + tokenstr + "' back to the auth server");
> }
> @@ -197,7 +195,7 @@ public abstract class GGSSchemeBase exte
> log.debug("Received challenge '" + challenge + "' from the auth server");
> }
> if (state == State.UNINITIATED) {
> - token = base64codec.decode(challenge.getBytes());
> + token = Base64.decodeBase64(challenge.getBytes());
> state = State.CHALLENGE_RECEIVED;
> } else {
> log.debug("Authentication already attempted");
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org