Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-6574

Issue with Digest Authentication

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.1.2
    • Fix Version/s: 3.1.5, 3.0.8, 3.2.0
    • Component/s: Core
    • Labels:
      None
    • Estimated Complexity:
      Unknown

      Description

      When retrieving a WSDL that is behind digest authentication.
      Part of the digest algorithm uses the URL and expects it to be the full URL including any query parameters.
      So when there is a URL like http://myhost/myservice?wsdl it should be using the whole URL, but it is only using http://myhost/myservice which creates an incorrect digest token and fails the authentication.

      In the DigestAuthSupplier the method generateAuth takes the URL/URI as
      a parameter. Currently it is called like:
      di.generateAuth(currentURI.getPath(), ...

      I'll leave the 'correct' fix up to the experts, but when it's called with something like di.generateAuth(currentURI.getFile(),...
      it works because it includes the query parameters as well.

      Thank you

        Attachments

          Activity

            People

            • Assignee:
              sergey_beryozkin Sergey Beryozkin
              Reporter:
              gdelbusto George del Busto
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: