[CXF-6236] proxyAuthSupplier not used in HTTPConduit.setHeadersByAuthorizationPolicy - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 2.6.6, 3.0.3
Fix Version/s: None
Component/s: Transports
Labels:
None

Estimated Complexity:
Novice

Description

i'm trying to send requests to an external system which requires basic auth via an internal http proxy which uses digest auth

<http-conf:conduit name="*.http-conduit">
	<http-conf:client
		ProxyServer="proxy"
		ProxyServerPort="3128"
	/>
	<http-conf:authorization>
		<http-sec:UserName>xxx</http-sec:UserName>
		<http-sec:Password>xxx</http-sec:Password>
		<http-sec:AuthorizationType>Basic</http-sec:AuthorizationType>
	</http-conf:authorization>
	<http-conf:proxyAuthorization>
		<http-sec:UserName>proxyuser</http-sec:UserName>
		<http-sec:Password>proxypass</http-sec:Password>
		<http-sec:AuthorizationType>Digest</http-sec:AuthorizationType>
	</http-conf:proxyAuthorization>
</http-conf:conduit>

the problem is that Proxy-Authentication is always using basic auth

i think i found the problem in
org.apache.cxf.transport.http.HTTPConduit.setHeadersByAuthorizationPolicy

        String proxyAuthString = *authSupplier*.getAuthorization(proxyAuthorizationPolicy, 
                                                               url, message, null);
        if (proxyAuthString != null) {
            headers.setProxyAuthorization(proxyAuthString);
        }

the field proxyAuthSupplier was lazy initialized as DigestAuthSupplier in prepare method, but it is not used to create the header.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Christoph E.

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 02/Feb/15 14:02

Updated:: 10/Feb/15 20:29

Time Tracking

Estimated:

Remaining:

Logged:

Not Specified