JDK 14 issue in BasicAuthenticator
Alan Bateman
Alan.Bateman at oracle.com
Mon Dec 16 08:17:26 UTC 2019
On 15/12/2019 16:52, Simone Bordet wrote:
> Hi,
>
> the Jetty integration with HttpServerProvider is failing a couple of
> tests in JDK 14 (they pass in earlier JDKs).
>
> This is due to the fact that com.sun.net.httpserver.BasicAuthenticator
> has been changed to report the charset in the WWW-Authenticate header
> (see line 100).
> The header produced is:
>
> Basic realm="Test" charset="UTF-8"
>
> which is invalid, since parameters must be separated by commas. The
> right format would be:
>
> Basic realm="Test", charset="UTF-8"
>
> See https://tools.ietf.org/html/rfc7235#appendix-C.
>
> Furthermore, there is some code duplication between lines 98-101 and 123-125.
> The second set of lines lacks the charset parameter that the first set
> of lines added, so there is a chance to factor those lines to a common
> method.
>
> I'm a JDK author and I can open a bug about this.
>
Thanks for reporting this, it's good to catch this so that it can be
investigated. Also a reminder that we need as many people as possible
trying out the early access builds. I've created JDK-8235976, linked it
to your mail here, and also added you to the list of watchers (as you
have a JBS login).
-Alan
More information about the net-dev
mailing list