JDK 14 issue in BasicAuthenticator
Simone Bordet
simone.bordet at gmail.com
Sun Dec 15 16:52:21 UTC 2019
Hi,
the Jetty integration with HttpServerProvider is failing a couple of
tests in JDK 14 (they pass in earlier JDKs).
This is due to the fact that com.sun.net.httpserver.BasicAuthenticator
has been changed to report the charset in the WWW-Authenticate header
(see line 100).
The header produced is:
Basic realm="Test" charset="UTF-8"
which is invalid, since parameters must be separated by commas. The
right format would be:
Basic realm="Test", charset="UTF-8"
See https://tools.ietf.org/html/rfc7235#appendix-C.
Furthermore, there is some code duplication between lines 98-101 and 123-125.
The second set of lines lacks the charset parameter that the first set
of lines added, so there is a chance to factor those lines to a common
method.
I'm a JDK author and I can open a bug about this.
Thanks!
--
Simone Bordet
---
Finally, no matter how good the architecture and design are,
to deliver bug-free software with optimal performance and reliability,
the implementation technique must be flawless. Victoria Livschitz
More information about the net-dev
mailing list