HTTPCLIENT-1338: (regression) Invalidated / stale DIGEST schemes do not get evicted from the auth cache

git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1467929 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Oleg Kalnichevski 2013-04-15 10:25:34 +00:00
parent e8c5d1bca4
commit 485f06bb27
4 changed files with 40 additions and 0 deletions

View File

@ -1,3 +1,12 @@
Changes since release 4.3 BETA1
-------------------
* [HTTPCLIENT-1338] (regression) Invalidated / stale DIGEST schemes do not get evicted from
the auth cache.
Contributed by Oleg Kalnichevski <olegk at apache.org>
Release 4.3 BETA1 Release 4.3 BETA1
------------------- -------------------

View File

@ -474,4 +474,14 @@ public class DigestScheme extends RFC2617Scheme {
return encode(tmp); return encode(tmp);
} }
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("DIGEST [complete=").append(complete)
.append(", nonce=").append(lastNonce)
.append(", nc=").append(nounceCount)
.append("]");
return builder.toString();
}
} }

View File

@ -75,6 +75,9 @@ public class HttpAuthenticator {
final HttpContext context) { final HttpContext context) {
if (authStrategy.isAuthenticationRequested(host, response, context)) { if (authStrategy.isAuthenticationRequested(host, response, context)) {
this.log.debug("Authentication required"); this.log.debug("Authentication required");
if (authState.getState() == AuthProtocolState.SUCCESS) {
authStrategy.authFailed(host, authState.getAuthScheme(), context);
}
return true; return true;
} else { } else {
switch (authState.getState()) { switch (authState.getState()) {

View File

@ -115,6 +115,24 @@ public class TestHttpAuthenticator {
Mockito.verify(this.authStrategy).isAuthenticationRequested(this.host, response, this.context); Mockito.verify(this.authStrategy).isAuthenticationRequested(this.host, response, this.context);
} }
@Test
public void testAuthenticationRequestedAfterSuccess() throws Exception {
final HttpResponse response = new BasicHttpResponse(HttpVersion.HTTP_1_1, HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
Mockito.when(this.authStrategy.isAuthenticationRequested(
Mockito.any(HttpHost.class),
Mockito.any(HttpResponse.class),
Mockito.any(HttpContext.class))).thenReturn(Boolean.TRUE);
this.authState.update(this.authScheme, this.credentials);
this.authState.setState(AuthProtocolState.SUCCESS);
Assert.assertTrue(this.httpAuthenticator.isAuthenticationRequested(
this.host, response, this.authStrategy, this.authState, this.context));
Mockito.verify(this.authStrategy).isAuthenticationRequested(this.host, response, this.context);
Mockito.verify(this.authStrategy).authFailed(this.host, this.authScheme, this.context);
}
@Test @Test
public void testAuthenticationNotRequestedUnchallenged() throws Exception { public void testAuthenticationNotRequestedUnchallenged() throws Exception {
final HttpResponse response = new BasicHttpResponse(HttpVersion.HTTP_1_1, HttpStatus.SC_OK, "OK"); final HttpResponse response = new BasicHttpResponse(HttpVersion.HTTP_1_1, HttpStatus.SC_OK, "OK");