Uploaded image for project: 'HttpComponents HttpClient'
  1. HttpComponents HttpClient
  2. HTTPCLIENT-1628

Auth cache can fail when domain name contains uppercase characters

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 4.4 Final
    • Fix Version/s: 4.4.1, 4.5
    • Component/s: HttpClient (classic)
    • Labels:
      None

      Description

      Following the example for using preemptive authentication given in the documentation here will fail to authenticate if you use uppercase characters in the domain name like loCalHoST or aPache.org.

      This is a new issue with 4.4 because of the new constructor AuthScope(final HttpHost origin, final String realm, final String schemeName). This constructor differs from the original constructor AuthScope(final String host, final int port, final String realm, final String schemeName) where the hostname is converted to lowercase. The example uses the latter constructor when it creates the AuthScope, so the hostname is lowercase. When a request is executed, BasicCredentialsProvider.matchCredentials(...) will try to compare this lowercase hostname with a newly created AuthScope that doesn't convert to lowercase, so it always returns false.

      The easy fix would be to convert the hostname to lowercase for the first constructor.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              dejuknow Dennis Ju
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: