RFR: 8270290: NTLM authentication fails if HEAD request is used [v2]
Alex Kasko
akasko at openjdk.java.net
Wed Aug 25 14:21:59 UTC 2021
> When HEAD request is used with a proxy (or a server) that requires NTLM, authentication fails when server returns large (8kb+) body along with NTLMSSP_CHALLENGE response.
>
> Proposed fix is to check for ongoing NTLM auth in `reset()` and consume the response body in this case.
>
> Alternatively the whole check for `HEAD` method in `reset()` can be dropped.
Alex Kasko has updated the pull request incrementally with one additional commit since the last revision:
fix direct server and plain http proxy auth that became inadvertently broken
-------------
Changes:
- all: https://git.openjdk.java.net/jdk/pull/4753/files
- new: https://git.openjdk.java.net/jdk/pull/4753/files/c1c100d8..6027655d
Webrevs:
- full: https://webrevs.openjdk.java.net/?repo=jdk&pr=4753&range=01
- incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=4753&range=00-01
Stats: 133 lines in 2 files changed: 75 ins; 32 del; 26 mod
Patch: https://git.openjdk.java.net/jdk/pull/4753.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/4753/head:pull/4753
PR: https://git.openjdk.java.net/jdk/pull/4753
More information about the net-dev
mailing list