HTTPCLIENT-1129: Do not modify auth state on redirect if not redirecting to another host
git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1181901 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Oleg Kalnichevski
parent
09f10b0f6e
commit
2278378495
|
|
@ -53,19 +53,15 @@ public class AuthState {
|
|||
|
||||
private Queue<AuthOption> authOptions;
|
||||
|
||||
/**
|
||||
* Default constructor.
|
||||
*
|
||||
*/
|
||||
public AuthState() {
|
||||
super();
|
||||
this.state = AuthProtocolState.UNCHALLENGED;
|
||||
}
|
||||
|
||||
/**
|
||||
* Invalidates the authentication state by resetting its parameters.
|
||||
* Resets authentication state.
|
||||
*/
|
||||
public void invalidate() {
|
||||
public void reset() {
|
||||
this.state = AuthProtocolState.UNCHALLENGED;
|
||||
this.authOptions = null;
|
||||
this.authScheme = null;
|
||||
|
|
@ -73,6 +69,16 @@ public class AuthState {
|
|||
this.credentials = null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Invalidates the authentication state by resetting its parameters.
|
||||
*
|
||||
* @deprecated use {@link #reset()}
|
||||
*/
|
||||
@Deprecated
|
||||
public void invalidate() {
|
||||
reset();
|
||||
}
|
||||
|
||||
@Deprecated
|
||||
public boolean isValid() {
|
||||
return this.authScheme != null;
|
||||
|
|
@ -85,7 +91,7 @@ public class AuthState {
|
|||
*/
|
||||
public void setAuthScheme(final AuthScheme authScheme) {
|
||||
if (authScheme == null) {
|
||||
invalidate();
|
||||
reset();
|
||||
return;
|
||||
}
|
||||
this.authScheme = authScheme;
|
||||
|
|
|
|||
|
|
@ -58,9 +58,6 @@ abstract class RequestAuthenticationBase implements HttpRequestInterceptor {
|
|||
final HttpContext context) throws HttpException, IOException {
|
||||
AuthScheme authScheme = authState.getAuthScheme();
|
||||
Credentials creds = authState.getCredentials();
|
||||
if (this.log.isDebugEnabled()) {
|
||||
this.log.debug("Authentication protocol state: " + authState.getState());
|
||||
}
|
||||
switch (authState.getState()) {
|
||||
case FAILURE:
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -83,6 +83,9 @@ public class RequestProxyAuthentication extends RequestAuthenticationBase {
|
|||
this.log.debug("Proxy auth state not set in the context");
|
||||
return;
|
||||
}
|
||||
if (this.log.isDebugEnabled()) {
|
||||
this.log.debug("Proxy auth state: " + authState.getState());
|
||||
}
|
||||
process(authState, request, context);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -74,6 +74,9 @@ public class RequestTargetAuthentication extends RequestAuthenticationBase {
|
|||
this.log.debug("Target auth state not set in the context");
|
||||
return;
|
||||
}
|
||||
if (this.log.isDebugEnabled()) {
|
||||
this.log.debug("Target auth state: " + authState.getState());
|
||||
}
|
||||
process(authState, request, context);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -76,6 +76,9 @@ public class ResponseAuthCache implements HttpResponseInterceptor {
|
|||
HttpHost target = (HttpHost) context.getAttribute(ExecutionContext.HTTP_TARGET_HOST);
|
||||
AuthState targetState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE);
|
||||
if (target != null && targetState != null) {
|
||||
if (this.log.isDebugEnabled()) {
|
||||
this.log.debug("Target auth state: " + targetState.getState());
|
||||
}
|
||||
if (isCachable(targetState)) {
|
||||
if (target.getPort() < 0) {
|
||||
SchemeRegistry schemeRegistry = (SchemeRegistry) context.getAttribute(
|
||||
|
|
@ -101,6 +104,9 @@ public class ResponseAuthCache implements HttpResponseInterceptor {
|
|||
HttpHost proxy = (HttpHost) context.getAttribute(ExecutionContext.HTTP_PROXY_HOST);
|
||||
AuthState proxyState = (AuthState) context.getAttribute(ClientContext.PROXY_AUTH_STATE);
|
||||
if (proxy != null && proxyState != null) {
|
||||
if (this.log.isDebugEnabled()) {
|
||||
this.log.debug("Proxy auth state: " + proxyState.getState());
|
||||
}
|
||||
if (isCachable(proxyState)) {
|
||||
if (authCache == null) {
|
||||
authCache = new BasicAuthCache();
|
||||
|
|
|
|||
|
|
@ -559,8 +559,18 @@ public class DefaultRequestDirector implements RequestDirector {
|
|||
managedConn.markReusable();
|
||||
} else {
|
||||
managedConn.close();
|
||||
invalidateAuthIfSuccessful(this.proxyAuthState);
|
||||
invalidateAuthIfSuccessful(this.targetAuthState);
|
||||
if (proxyAuthState.getState() == AuthProtocolState.SUCCESS
|
||||
&& proxyAuthState.getAuthScheme() != null
|
||||
&& proxyAuthState.getAuthScheme().isConnectionBased()) {
|
||||
this.log.debug("Resetting proxy auth state");
|
||||
proxyAuthState.reset();
|
||||
}
|
||||
if (targetAuthState.getState() == AuthProtocolState.SUCCESS
|
||||
&& targetAuthState.getAuthScheme() != null
|
||||
&& targetAuthState.getAuthScheme().isConnectionBased()) {
|
||||
this.log.debug("Resetting target auth state");
|
||||
targetAuthState.reset();
|
||||
}
|
||||
}
|
||||
// check if we can use the same connection for the followup
|
||||
if (!followup.getRoute().equals(roureq.getRoute())) {
|
||||
|
|
@ -1072,16 +1082,14 @@ public class DefaultRequestDirector implements RequestDirector {
|
|||
uri.getPort(),
|
||||
uri.getScheme());
|
||||
|
||||
// Unset auth scope
|
||||
targetAuthState.setState(AuthProtocolState.UNCHALLENGED);
|
||||
proxyAuthState.setState(AuthProtocolState.UNCHALLENGED);
|
||||
|
||||
// Invalidate auth states if redirecting to another host
|
||||
// Reset auth states if redirecting to another host
|
||||
if (!route.getTargetHost().equals(newTarget)) {
|
||||
targetAuthState.invalidate();
|
||||
this.log.debug("Resetting target auth state");
|
||||
targetAuthState.reset();
|
||||
AuthScheme authScheme = proxyAuthState.getAuthScheme();
|
||||
if (authScheme != null && authScheme.isConnectionBased()) {
|
||||
proxyAuthState.invalidate();
|
||||
this.log.debug("Resetting proxy auth state");
|
||||
proxyAuthState.reset();
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -1165,14 +1173,4 @@ public class DefaultRequestDirector implements RequestDirector {
|
|||
} // abortConnection
|
||||
|
||||
|
||||
private void invalidateAuthIfSuccessful(final AuthState authState) {
|
||||
AuthScheme authscheme = authState.getAuthScheme();
|
||||
if (authscheme != null
|
||||
&& authscheme.isConnectionBased()
|
||||
&& authscheme.isComplete()
|
||||
&& authState.getCredentials() != null) {
|
||||
authState.invalidate();
|
||||
}
|
||||
}
|
||||
|
||||
} // class DefaultClientRequestDirector
|
||||
|
|
|
|||
|
|
@ -100,12 +100,12 @@ public class HttpAuthenticator {
|
|||
case FAILURE:
|
||||
return false;
|
||||
case SUCCESS:
|
||||
authState.invalidate();
|
||||
authState.reset();
|
||||
break;
|
||||
case CHALLENGED:
|
||||
if (authScheme == null) {
|
||||
this.log.debug("Auth scheme is null");
|
||||
authState.invalidate();
|
||||
authState.reset();
|
||||
authState.setState(AuthProtocolState.FAILURE);
|
||||
return false;
|
||||
}
|
||||
|
|
@ -118,7 +118,7 @@ public class HttpAuthenticator {
|
|||
authScheme.processChallenge(challenge);
|
||||
if (authScheme.isComplete()) {
|
||||
this.log.debug("Authentication failed");
|
||||
authState.invalidate();
|
||||
authState.reset();
|
||||
authState.setState(AuthProtocolState.FAILURE);
|
||||
return false;
|
||||
} else {
|
||||
|
|
@ -126,7 +126,7 @@ public class HttpAuthenticator {
|
|||
return true;
|
||||
}
|
||||
} else {
|
||||
authState.invalidate();
|
||||
authState.reset();
|
||||
// Retry authentication with a different scheme
|
||||
}
|
||||
}
|
||||
|
|
@ -143,7 +143,7 @@ public class HttpAuthenticator {
|
|||
if (this.log.isWarnEnabled()) {
|
||||
this.log.warn("Malformed challenge: " + ex.getMessage());
|
||||
}
|
||||
authState.invalidate();
|
||||
authState.reset();
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue