Maven Wagon

preemptive auth in non-lightweight http wagon causes Unauthorized responses from some servers

Details

  • Type: Bug Bug
  • Status: Closed Closed
  • Priority: Blocker Blocker
  • Resolution: Fixed
  • Affects Version/s: 1.0-beta-5
  • Fix Version/s: 1.0-beta-6
  • Component/s: wagon-http
  • Labels:
    None
  • Number of attachments :
    0

Description

the http wagon uses preemptive authentication, which means that if you have a server entry with username and password in it that don't correspond to a user on the server you're trying to reach, that server will sometimes respond with Unauthorized regardless of whether authentication is even required to perform that operation on that target URL.

We should allow the configuration strategy from WAGON-269/WAGON-264 to configure the 'http.authentication.preemptive' httpclient parameter, and turn off preemptive authentication by default.

Issue Links

is depended upon by

Bug - A problem which impairs or prevents the functions of the product. MNG-4213 preemptive auth in non-lightweight http wagon causes Unauthorized responses from some servers

  • Blocker - Blocks development and/or testing work, production could not run
  • Closed - The issue is considered finished, the resolution is correct. Issues which are not closed can be reopened.

Activity

Hide
Permalink
John Casey added a comment -

fix-for: beta-6

Show
John Casey added a comment - fix-for: beta-6

People

  • Assignee:
    John Casey
    Reporter:
    John Casey
Vote (0)
Watch (0)

Dates

  • Created:
    Updated:
    Resolved: