RFR: 8270290: NTLM authentication fails if HEAD request is used
Alex Kasko
akasko at openjdk.java.net
Mon Jul 12 10:54:53 UTC 2021
On Mon, 12 Jul 2021 10:34:54 GMT, Alex Kasko <akasko at openjdk.org> wrote:
> When HEAD request is used with a proxy (or a server) that requires NTLM, authentication fails when server returns large (8kb+) body along with NTLMSSP_CHALLENGE response.
>
> Proposed fix is to check for ongoing NTLM auth in `reset()` and consume the response body in this case.
>
> Alternatively the whole check for `HEAD` method in `reset()` can be dropped.
Just for the reference, `reset()` calls during NTLM auth:
server auth:
https://github.com/openjdk/jdk/blob/8973867fb9568a3a527b763c9ce10cebdfb306d0/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java#L1849
proxy auth with plain HTTP:
https://github.com/openjdk/jdk/blob/8973867fb9568a3a527b763c9ce10cebdfb306d0/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java#L1762
proxy tunnel with HTTPS:
https://github.com/openjdk/jdk/blob/8973867fb9568a3a527b763c9ce10cebdfb306d0/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java#L2233
-------------
PR: https://git.openjdk.java.net/jdk/pull/4753
More information about the net-dev
mailing list