[SANTUARIO-336] Multiple race conditions in the ResolverDirectHttp implementation - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: Java 1.4.7, Java 1.5.2
Fix Version/s: Java 1.4.8, Java 1.5.3, Java 2.0.0
Component/s: Java
Security Level: Public (Public issues, viewable by everyone)
Labels:
None

Description

The ResolverDirectHttp class uses the old style proxy configuration via System.setProperty(). This is a VM wide setting and affects other VM users. This can not be fixed in 1.4.x because it depends on jdk 1.4 which doesn't support java.net.Proxy on URLConnection.openConnection().

The ResolverDirectHttp switches back the old proxy configuration if the resource could successfully fetched but if an exception happens the new proxy will still be set.

Additionally there is an error when Proxy-Authentication was used. The implementation provides support for Basic Authentication but doesn't set the Authentication type on the header:
Proxy-Authorization: <base64encodedUsernameAndPassword>

but should be

Proxy-Authorization: Basic <base64encodedUsernameAndPassword>

Attachments

Activity

People

Assignee:: Marc Giger

Reporter:: Marc Giger

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 31/Jul/12 16:32

Updated:: 16/Oct/12 14:03

Resolved:: 31/Jul/12 16:37