Browse Source
Sun HttpURLConnection is able to handle authentication like SPNEGO without caller intervention. However, there are some restrictions: - do not need user direct input (user,password for example) - it doesn't work when request body is chunked/streamed (because it cannot be replayed) Unfortunately there is no real way to leverage HttpURLConnection authentication work as the authentication header is stripped off the request before returning to the caller. There's also no way to explicitly disable authentication in HttpURLConnection (SPNEGO auth will always be attempted if a valid token can be created by GSSAPI). This is an issue for jgit since it is expected that the first request will be used to detect authentication method, and reuse for the subsequent requests. This patch modifies TransportHTTP to detect authentication done in the background by HttpURLConnection and sets the jgit authentication method accordingly so it will always work for future requests (assuming that the authentication method used by HttpURLConnection is also supported by jgit). Bug: 428836 Change-Id: I79f3b70ca2b8377e20da8e6a01914e43e96595ce Signed-off-by: Laurent Goujon <lgoujon@twitter.com> Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>stable-3.4
Laurent Goujon
11 years ago
committed by
Chris Aniszczyk
1 changed files with 8 additions and 0 deletions
Loading…
Reference in new issue