Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Invalid
-
4.3.5, 4.3.6
-
None
-
None
Description
// 1. create one HttpClient with multi thread connection manager:
HttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(...)
HttpClient client = HttpClientBuilder.create()
.setConnectionManager(connManager)
...
.build();AuthSchemeBase auth = new BasicScheme();
AuthCache authCache = new BasicAuthCache();
authCache.put(host, auth);CredentialsProvider provider = ...;
HttpClientContext context = HttpClientContext.create();
context.setCredentialsProvider(provider);
context.setAuthCache(authCache);
// 2. do parallel requests:
// multi thread:
HttpGet get = new HttpGet(requestUrl);
HttpResponse resp = client.execute(host, get, context);
In 4.3.5 sometimes gets random wrong header: "Authorization: Basic YXZ2dml0aXR...="
In 4.3.6 sometimes happens NullPointerException
Because org.apache.http.impl.auth.BasicScheme.authenticate(...) use not thread save base64codec:
org.apache.http.impl.auth.BasicScheme:165
final byte[] base64password = base64codec.encode(
EncodingUtils.getBytes(tmp.toString(), getCredentialsCharset(request)));
This is fix for myself:
AuthSchemeBase auth = new BasicScheme() {
@Override
public Header authenticate(Credentials credentials, HttpRequest request, HttpContext context) throws AuthenticationException {
synchronized (this) {
return super.authenticate(credentials, request, context);
}
}
}