From 2278378495276ea66cbd02f556714e82bfd7e1cb Mon Sep 17 00:00:00 2001 From: Oleg Kalnichevski Date: Tue, 11 Oct 2011 17:22:08 +0000 Subject: [PATCH] HTTPCLIENT-1129: Do not modify auth state on redirect if not redirecting to another host git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1181901 13f79535-47bb-0310-9956-ffa450edef68 --- .../java/org/apache/http/auth/AuthState.java | 20 +++++++---- .../protocol/RequestAuthenticationBase.java | 3 -- .../protocol/RequestProxyAuthentication.java | 3 ++ .../protocol/RequestTargetAuthentication.java | 3 ++ .../client/protocol/ResponseAuthCache.java | 6 ++++ .../impl/client/DefaultRequestDirector.java | 36 +++++++++---------- .../http/impl/client/HttpAuthenticator.java | 10 +++--- 7 files changed, 47 insertions(+), 34 deletions(-) diff --git a/httpclient/src/main/java/org/apache/http/auth/AuthState.java b/httpclient/src/main/java/org/apache/http/auth/AuthState.java index e5eb38ab4..6b9e4354d 100644 --- a/httpclient/src/main/java/org/apache/http/auth/AuthState.java +++ b/httpclient/src/main/java/org/apache/http/auth/AuthState.java @@ -53,19 +53,15 @@ public class AuthState { private Queue authOptions; - /** - * Default constructor. - * - */ public AuthState() { super(); this.state = AuthProtocolState.UNCHALLENGED; } /** - * Invalidates the authentication state by resetting its parameters. + * Resets authentication state. */ - public void invalidate() { + public void reset() { this.state = AuthProtocolState.UNCHALLENGED; this.authOptions = null; this.authScheme = null; @@ -73,6 +69,16 @@ public class AuthState { this.credentials = null; } + /** + * Invalidates the authentication state by resetting its parameters. + * + * @deprecated use {@link #reset()} + */ + @Deprecated + public void invalidate() { + reset(); + } + @Deprecated public boolean isValid() { return this.authScheme != null; @@ -85,7 +91,7 @@ public class AuthState { */ public void setAuthScheme(final AuthScheme authScheme) { if (authScheme == null) { - invalidate(); + reset(); return; } this.authScheme = authScheme; diff --git a/httpclient/src/main/java/org/apache/http/client/protocol/RequestAuthenticationBase.java b/httpclient/src/main/java/org/apache/http/client/protocol/RequestAuthenticationBase.java index cbf552762..3b1833af6 100644 --- a/httpclient/src/main/java/org/apache/http/client/protocol/RequestAuthenticationBase.java +++ b/httpclient/src/main/java/org/apache/http/client/protocol/RequestAuthenticationBase.java @@ -58,9 +58,6 @@ abstract class RequestAuthenticationBase implements HttpRequestInterceptor { final HttpContext context) throws HttpException, IOException { AuthScheme authScheme = authState.getAuthScheme(); Credentials creds = authState.getCredentials(); - if (this.log.isDebugEnabled()) { - this.log.debug("Authentication protocol state: " + authState.getState()); - } switch (authState.getState()) { case FAILURE: return; diff --git a/httpclient/src/main/java/org/apache/http/client/protocol/RequestProxyAuthentication.java b/httpclient/src/main/java/org/apache/http/client/protocol/RequestProxyAuthentication.java index 00c48b6ec..9da3ede98 100644 --- a/httpclient/src/main/java/org/apache/http/client/protocol/RequestProxyAuthentication.java +++ b/httpclient/src/main/java/org/apache/http/client/protocol/RequestProxyAuthentication.java @@ -83,6 +83,9 @@ public class RequestProxyAuthentication extends RequestAuthenticationBase { this.log.debug("Proxy auth state not set in the context"); return; } + if (this.log.isDebugEnabled()) { + this.log.debug("Proxy auth state: " + authState.getState()); + } process(authState, request, context); } diff --git a/httpclient/src/main/java/org/apache/http/client/protocol/RequestTargetAuthentication.java b/httpclient/src/main/java/org/apache/http/client/protocol/RequestTargetAuthentication.java index 5f448c7ab..475b14bc4 100644 --- a/httpclient/src/main/java/org/apache/http/client/protocol/RequestTargetAuthentication.java +++ b/httpclient/src/main/java/org/apache/http/client/protocol/RequestTargetAuthentication.java @@ -74,6 +74,9 @@ public class RequestTargetAuthentication extends RequestAuthenticationBase { this.log.debug("Target auth state not set in the context"); return; } + if (this.log.isDebugEnabled()) { + this.log.debug("Target auth state: " + authState.getState()); + } process(authState, request, context); } diff --git a/httpclient/src/main/java/org/apache/http/client/protocol/ResponseAuthCache.java b/httpclient/src/main/java/org/apache/http/client/protocol/ResponseAuthCache.java index 15cfbfc4a..4ac0d8ada 100644 --- a/httpclient/src/main/java/org/apache/http/client/protocol/ResponseAuthCache.java +++ b/httpclient/src/main/java/org/apache/http/client/protocol/ResponseAuthCache.java @@ -76,6 +76,9 @@ public class ResponseAuthCache implements HttpResponseInterceptor { HttpHost target = (HttpHost) context.getAttribute(ExecutionContext.HTTP_TARGET_HOST); AuthState targetState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE); if (target != null && targetState != null) { + if (this.log.isDebugEnabled()) { + this.log.debug("Target auth state: " + targetState.getState()); + } if (isCachable(targetState)) { if (target.getPort() < 0) { SchemeRegistry schemeRegistry = (SchemeRegistry) context.getAttribute( @@ -101,6 +104,9 @@ public class ResponseAuthCache implements HttpResponseInterceptor { HttpHost proxy = (HttpHost) context.getAttribute(ExecutionContext.HTTP_PROXY_HOST); AuthState proxyState = (AuthState) context.getAttribute(ClientContext.PROXY_AUTH_STATE); if (proxy != null && proxyState != null) { + if (this.log.isDebugEnabled()) { + this.log.debug("Proxy auth state: " + proxyState.getState()); + } if (isCachable(proxyState)) { if (authCache == null) { authCache = new BasicAuthCache(); diff --git a/httpclient/src/main/java/org/apache/http/impl/client/DefaultRequestDirector.java b/httpclient/src/main/java/org/apache/http/impl/client/DefaultRequestDirector.java index 3cf9533b1..4834758b6 100644 --- a/httpclient/src/main/java/org/apache/http/impl/client/DefaultRequestDirector.java +++ b/httpclient/src/main/java/org/apache/http/impl/client/DefaultRequestDirector.java @@ -559,8 +559,18 @@ public class DefaultRequestDirector implements RequestDirector { managedConn.markReusable(); } else { managedConn.close(); - invalidateAuthIfSuccessful(this.proxyAuthState); - invalidateAuthIfSuccessful(this.targetAuthState); + if (proxyAuthState.getState() == AuthProtocolState.SUCCESS + && proxyAuthState.getAuthScheme() != null + && proxyAuthState.getAuthScheme().isConnectionBased()) { + this.log.debug("Resetting proxy auth state"); + proxyAuthState.reset(); + } + if (targetAuthState.getState() == AuthProtocolState.SUCCESS + && targetAuthState.getAuthScheme() != null + && targetAuthState.getAuthScheme().isConnectionBased()) { + this.log.debug("Resetting target auth state"); + targetAuthState.reset(); + } } // check if we can use the same connection for the followup if (!followup.getRoute().equals(roureq.getRoute())) { @@ -1072,16 +1082,14 @@ public class DefaultRequestDirector implements RequestDirector { uri.getPort(), uri.getScheme()); - // Unset auth scope - targetAuthState.setState(AuthProtocolState.UNCHALLENGED); - proxyAuthState.setState(AuthProtocolState.UNCHALLENGED); - - // Invalidate auth states if redirecting to another host + // Reset auth states if redirecting to another host if (!route.getTargetHost().equals(newTarget)) { - targetAuthState.invalidate(); + this.log.debug("Resetting target auth state"); + targetAuthState.reset(); AuthScheme authScheme = proxyAuthState.getAuthScheme(); if (authScheme != null && authScheme.isConnectionBased()) { - proxyAuthState.invalidate(); + this.log.debug("Resetting proxy auth state"); + proxyAuthState.reset(); } } @@ -1165,14 +1173,4 @@ public class DefaultRequestDirector implements RequestDirector { } // abortConnection - private void invalidateAuthIfSuccessful(final AuthState authState) { - AuthScheme authscheme = authState.getAuthScheme(); - if (authscheme != null - && authscheme.isConnectionBased() - && authscheme.isComplete() - && authState.getCredentials() != null) { - authState.invalidate(); - } - } - } // class DefaultClientRequestDirector diff --git a/httpclient/src/main/java/org/apache/http/impl/client/HttpAuthenticator.java b/httpclient/src/main/java/org/apache/http/impl/client/HttpAuthenticator.java index 715f805dc..363eabcb4 100644 --- a/httpclient/src/main/java/org/apache/http/impl/client/HttpAuthenticator.java +++ b/httpclient/src/main/java/org/apache/http/impl/client/HttpAuthenticator.java @@ -100,12 +100,12 @@ public class HttpAuthenticator { case FAILURE: return false; case SUCCESS: - authState.invalidate(); + authState.reset(); break; case CHALLENGED: if (authScheme == null) { this.log.debug("Auth scheme is null"); - authState.invalidate(); + authState.reset(); authState.setState(AuthProtocolState.FAILURE); return false; } @@ -118,7 +118,7 @@ public class HttpAuthenticator { authScheme.processChallenge(challenge); if (authScheme.isComplete()) { this.log.debug("Authentication failed"); - authState.invalidate(); + authState.reset(); authState.setState(AuthProtocolState.FAILURE); return false; } else { @@ -126,7 +126,7 @@ public class HttpAuthenticator { return true; } } else { - authState.invalidate(); + authState.reset(); // Retry authentication with a different scheme } } @@ -143,7 +143,7 @@ public class HttpAuthenticator { if (this.log.isWarnEnabled()) { this.log.warn("Malformed challenge: " + ex.getMessage()); } - authState.invalidate(); + authState.reset(); return false; } }