Fixed a regression introduced by HTTPCLIENT-1545

* Initially a SEC_E_DOWNGRADE_DETECTED was thrown but this one is not available on Windows XP and tests never pass. Rather use SEC_E_TARGET_UNKNOWN.
* Hostnames must be in lower case when a SPN is provided

git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1639679 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Michael Osipov 2014-11-14 15:50:01 +00:00
parent 1964e9530a
commit 3a56fb37aa
1 changed files with 6 additions and 3 deletions

View File

@ -91,7 +91,7 @@ public class TestWindowsNegotiateScheme extends LocalServerTestBase {
Assume.assumeTrue("Test can only be run on Windows", WinHttpClients.isWinAuthAvailable());
// HTTPCLIENT-1545
// If a service principle name (SPN) from outside your Windows domain tree (e.g., HTTP/EXAMPLE.COM) is used,
// If a service principle name (SPN) from outside your Windows domain tree (e.g., HTTP/example.com) is used,
// InitializeSecurityContext will return SEC_E_DOWNGRADE_DETECTED (decimal: -2146892976, hex: 0x80090350).
// Because WindowsNegotiateScheme wasn't setting the completed state correctly when authentication fails,
// HttpClient goes into an infinite loop, constantly retrying the negotiate authentication to kingdom
@ -101,7 +101,7 @@ public class TestWindowsNegotiateScheme extends LocalServerTestBase {
final Registry<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create()
.register(AuthSchemes.SPNEGO, new AuthSchemeProvider() {
public AuthScheme create(final HttpContext context) {
return new WindowsNegotiateSchemeGetTokenFail(AuthSchemes.SPNEGO, "HTTP/EXAMPLE.COM");
return new WindowsNegotiateSchemeGetTokenFail(AuthSchemes.SPNEGO, "HTTP/example.com");
}
}).build();
final CredentialsProvider credsProvider =
@ -129,7 +129,10 @@ public class TestWindowsNegotiateScheme extends LocalServerTestBase {
@Override
String getToken(final CtxtHandle continueCtx, final SecBufferDesc continueToken, final String targetName) {
dispose();
throw new Win32Exception(WinError.SEC_E_DOWNGRADE_DETECTED);
/* We will rather throw SEC_E_TARGET_UNKNOWN because SEC_E_DOWNGRADE_DETECTED is not
* available on Windows XP and this unit test always fails.
*/
throw new Win32Exception(WinError.SEC_E_TARGET_UNKNOWN);
}
}