JDK 14 issue in BasicAuthenticator
Michael McMahon
michael.x.mcmahon at oracle.com
Mon Dec 16 08:30:15 UTC 2019
I'll fix this. Thanks for reporting and filing the bug.
- Michael.
On 16/12/2019 08:17, Alan Bateman wrote:
> On 15/12/2019 16:52, Simone Bordet wrote:
>> Hi,
>>
>> the Jetty integration with HttpServerProvider is failing a couple of
>> tests in JDK 14 (they pass in earlier JDKs).
>>
>> This is due to the fact that com.sun.net.httpserver.BasicAuthenticator
>> has been changed to report the charset in the WWW-Authenticate header
>> (see line 100).
>> The header produced is:
>>
>> Basic realm="Test" charset="UTF-8"
>>
>> which is invalid, since parameters must be separated by commas. The
>> right format would be:
>>
>> Basic realm="Test", charset="UTF-8"
>>
>> See https://tools.ietf.org/html/rfc7235#appendix-C.
>>
>> Furthermore, there is some code duplication between lines 98-101 and
>> 123-125.
>> The second set of lines lacks the charset parameter that the first set
>> of lines added, so there is a chance to factor those lines to a common
>> method.
>>
>> I'm a JDK author and I can open a bug about this.
>>
> Thanks for reporting this, it's good to catch this so that it can be
> investigated. Also a reminder that we need as many people as possible
> trying out the early access builds. I've created JDK-8235976, linked
> it to your mail here, and also added you to the list of watchers (as
> you have a JBS login).
>
> -Alan
More information about the net-dev
mailing list