Browse Source

Fix WWW-Authenticate auth-scheme comparison

The auth-scheme token (like "Basic" or "Digest") is not specified in a
case sensitive way. RFC2617 (http://tools.ietf.org/html/rfc2617) specifies
in section 1.2 the use of a "case-insensitive token to identify the
authentication scheme". Jetty, for example, uses "basic" as token.

Change-Id: I635a94eb0a741abcb3e68195da6913753bdbd889
Signed-off-by: Stefan Lay <stefan.lay@sap.com>
stable-0.10
Stefan Lay 14 years ago
parent
commit
20a5a34444
  1. 4
      org.eclipse.jgit.http.test/tst/org/eclipse/jgit/http/test/HttpClientTests.java
  2. 4
      org.eclipse.jgit/src/org/eclipse/jgit/transport/HttpAuthMethod.java

4
org.eclipse.jgit.http.test/tst/org/eclipse/jgit/http/test/HttpClientTests.java

@ -282,7 +282,7 @@ public class HttpClientTests extends HttpTestCase {
fail("connection opened even info/refs needs auth basic");
} catch (TransportException err) {
String exp = dumbAuthBasicURI + ": "
+ JGitText.get().authenticationNotSupported;
+ JGitText.get().notAuthorized;
assertEquals(exp, err.getMessage());
}
} finally {
@ -299,7 +299,7 @@ public class HttpClientTests extends HttpTestCase {
fail("connection opened even though service disabled");
} catch (TransportException err) {
String exp = smartAuthBasicURI + ": "
+ JGitText.get().authenticationNotSupported;
+ JGitText.get().notAuthorized;
assertEquals(exp, err.getMessage());
}
} finally {

4
org.eclipse.jgit/src/org/eclipse/jgit/transport/HttpAuthMethod.java

@ -85,9 +85,9 @@ abstract class HttpAuthMethod {
return NONE;
String type = hdr.substring(0, sp);
if (Basic.NAME.equals(type))
if (Basic.NAME.equalsIgnoreCase(type))
return new Basic();
else if (Digest.NAME.equals(type))
else if (Digest.NAME.equalsIgnoreCase(type))
return new Digest(hdr.substring(sp + 1));
else
return NONE;

Loading…
Cancel
Save