From 63d06f06cd51d4a2259d876dd1d1ae34ab2431e5 Mon Sep 17 00:00:00 2001 From: Oleg Kalnichevski Date: Tue, 24 Apr 2012 15:55:07 +0000 Subject: [PATCH] =?UTF-8?q?HTTPCLIENT-1186:=20State=20of=20newly=20created?= =?UTF-8?q?=20connections=20in=20the=20connection=20pool=20is=20not=20alwa?= =?UTF-8?q?ys=20correctly=20updated=20potentially=20allowing=20those=20con?= =?UTF-8?q?nections=20to=20be=20leased=20to=20users=20with=20a=20different?= =?UTF-8?q?=20security=20context=20Contributed=20by=20Ralf=20P=C3=B6hlmann?= =?UTF-8?q?=20?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1329811 13f79535-47bb-0310-9956-ffa450edef68 --- RELEASE_NOTES.txt | 5 +++++ .../apache/http/impl/client/DefaultRequestDirector.java | 8 +++++--- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/RELEASE_NOTES.txt b/RELEASE_NOTES.txt index 549c68257..dad0f16bb 100644 --- a/RELEASE_NOTES.txt +++ b/RELEASE_NOTES.txt @@ -1,6 +1,11 @@ Changes since 4.2 BETA1 ------------------- +* [HTTPCLIENT-1186] State of newly created connections in the connection pool is not always + correctly updated potentially allowing those connections to be leased to users with a different + security context. + Contributed by Ralf Pöhlmann + * [HTTPCLIENT-1179] Upgraded Commons Codec dependency to version 1.6 Contributed by Oleg Kalnichevski diff --git a/httpclient/src/main/java/org/apache/http/impl/client/DefaultRequestDirector.java b/httpclient/src/main/java/org/apache/http/impl/client/DefaultRequestDirector.java index 28d653c34..bf05800c1 100644 --- a/httpclient/src/main/java/org/apache/http/impl/client/DefaultRequestDirector.java +++ b/httpclient/src/main/java/org/apache/http/impl/client/DefaultRequestDirector.java @@ -576,9 +576,11 @@ public class DefaultRequestDirector implements RequestDirector { roureq = followup; } - if (managedConn != null && userToken == null) { - userToken = userTokenHandler.getUserToken(context); - context.setAttribute(ClientContext.USER_TOKEN, userToken); + if (managedConn != null) { + if (userToken == null) { + userToken = userTokenHandler.getUserToken(context); + context.setAttribute(ClientContext.USER_TOKEN, userToken); + } if (userToken != null) { managedConn.setState(userToken); }