Posted to dev@hc.apache.org by "Carlos Rodrigues (JIRA)" <ji...@apache.org> on 2018/10/29 22:26:00 UTC

[jira] [Updated] (HTTPCLIENT-1949) Digest authentication is not working properly behind a proxy server

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1949?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Carlos Rodrigues updated HTTPCLIENT-1949:
-----------------------------------------
    Priority: Critical  (was: Major)

> Digest authentication is not working properly behind a proxy server
> -------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-1949
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1949
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>    Affects Versions: 4.5.6
>            Reporter: Carlos Rodrigues
>            Priority: Critical
>
> I wrote a client to authenticate with a server that requires digest authentication. Everything went OK when the client was connecting directly to the server.
> After adding a proxy server in the middle, all the requests returned 401 Unauthorized.
> After digging a little in the httpclient code, mainly in DigestScheme, I figured out that the "uri" used to calculate the digest request is an absolute URI, but the request that hits the server is an absolute path. So the server is unable to calculate the "response" parameter properly.
> I would suggest using the URI path URI(request.getRequestLine().getUri()).getPath() instead of request.getRequestLine().getUri()
>  *Original: DigestScheme.java*
> {code:java}
>     @Override
>     public Header authenticate(
>             final Credentials credentials,
>             final HttpRequest request,
>             final HttpContext context) throws AuthenticationException {
>         Args.notNull(credentials, "Credentials");
>         Args.notNull(request, "HTTP request");
>         if (getParameter("realm") == null) {
>             throw new AuthenticationException("missing realm in challenge");
>         }
>         if (getParameter("nonce") == null) {
>             throw new AuthenticationException("missing nonce in challenge");
>         }
>         // Add method name and request-URI to the parameter map
>         getParameters().put("methodname", request.getRequestLine().getMethod());
>         getParameters().put("uri", request.getRequestLine().getUri());
>         final String charset = getParameter("charset");
>         if (charset == null) {
>             getParameters().put("charset", getCredentialsCharset(request));
>         }
>         return createDigestHeader(credentials, request);
>     }
> {code}
>  
> *Correction: DigestScheme.java*
> {code:java}
>     @Override
>     public Header authenticate(
>             final Credentials credentials,
>             final HttpRequest request,
>             final HttpContext context) throws AuthenticationException {
>         Args.notNull(credentials, "Credentials");
>         Args.notNull(request, "HTTP request");
>         if (getParameter("realm") == null) {
>             throw new AuthenticationException("missing realm in challenge");
>         }
>         if (getParameter("nonce") == null) {
>             throw new AuthenticationException("missing nonce in challenge");
>         }
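>         // Add method name and request-URI to the parameter map
>         getParameters().put("methodname", request.getRequestLine().getMethod());
>         try {
>             // new URI(...) throws the checked URISyntaxException; map it to AuthenticationException
>             getParameters().put("uri", new URI(request.getRequestLine().getUri()).getPath());
>         } catch (final URISyntaxException ex) {
>             throw new AuthenticationException("invalid request URI", ex);
>         }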
>         final String charset = getParameter("charset");
>         if (charset == null) {
>             getParameters().put("charset", getCredentialsCharset(request));
>         }
>         return createDigestHeader(credentials, request);
>     }
> {code}
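
The mismatch described in the report, as an added example that is not part of the original message or of HttpClient: it computes the RFC 2617 digest response (no qop, MD5) over three candidate "uri" values and compares each with what an origin server would compute from the origin-form request-target it receives. The class name, credentials, realm, nonce and URLs are constructed sample values, and the server model is an assumption taken from the report's description. The sample URL deliberately carries a percent-escape and a query string, because `java.net.URI.getPath()` returns the decoded path without the query.

```java
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

// Added illustration; realm, nonce, credentials and URLs are constructed sample values.
public class DigestUriMismatch {

    static String md5Hex(final String s) throws Exception {
        final byte[] d = MessageDigest.getInstance("MD5").digest(s.getBytes(StandardCharsets.ISO_8859_1));
        final StringBuilder sb = new StringBuilder();
        for (final byte b : d) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }

    // RFC 2617 response without qop: MD5(HA1 ":" nonce ":" HA2), where HA2 = MD5(method ":" digest-uri)
    static String response(final String user, final String realm, final String pass,
                           final String nonce, final String method, final String digestUri) throws Exception {
        final String ha1 = md5Hex(user + ":" + realm + ":" + pass);
        final String ha2 = md5Hex(method + ":" + digestUri);
        return md5Hex(ha1 + ":" + nonce + ":" + ha2);
    }

    public static void main(final String[] args) throws Exception {
        final String user = "alice", realm = "example", pass = "secret", nonce = "abc123";
        // The request line sent to a proxy carries the absolute URI ...
        final String viaProxy = "http://origin.example/app/a%20b?id=7";
        // ... while the origin server (assumed, as in the report) sees the origin-form target.
        final String atOrigin = "/app/a%20b?id=7";
        final String serverExpects = response(user, realm, pass, nonce, "GET", atOrigin);

        final URI u = new URI(viaProxy);
        // Raw path plus raw query keeps percent-escapes and the query string intact.
        final String rawTarget = u.getRawQuery() == null ? u.getRawPath() : u.getRawPath() + "?" + u.getRawQuery();
        final String[][] candidates = {
            {"absolute URI (as reported for 4.5.6)", viaProxy},
            {"URI.getPath() (suggested correction)", u.getPath()},
            {"getRawPath() + '?' + getRawQuery()", rawTarget},
        };
        for (final String[] c : candidates) {
            final String r = response(user, realm, pass, nonce, "GET", c[1]);
            System.out.printf("%-40s uri=%-40s match=%b%n", c[0], c[1], r.equals(serverExpects));
        }
    }
}
```

Only the third candidate matches for this sample URL; with a request target that has no query string and no percent-escapes, `getPath()` would match as well.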



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
