RFR: 8270290: NTLM authentication fails if HEAD request is used [v2]

Daniel Fuchs dfuchs at openjdk.java.net
Thu Sep 30 14:01:40 UTC 2021


On Wed, 25 Aug 2021 14:21:59 GMT, Alex Kasko <akasko at openjdk.org> wrote:

>> When a HEAD request is used with a proxy (or a server) that requires NTLM, authentication fails when the server returns a large (8kb+) body along with the NTLMSSP_CHALLENGE response.
>> 
>> The proposed fix is to check for ongoing NTLM auth in `reset()` and consume the response body in this case.
>> 
>> Alternatively, the whole check for the `HEAD` method in `reset()` can be dropped.
>
> Alex Kasko has updated the pull request incrementally with one additional commit since the last revision:
> 
>   fix direct server and plain http proxy auth that became inadvertently broken

Marked as reviewed by dfuchs (Reviewer).

OK - the proposed change seems limited enough and I have observed no failures with this patch.
LGTM even though I can't help thinking that a server that replies with a body to a CONNECT request is broken. 
@Michael-Mc-Mahon do you agree that we should still accept this patch?

-------------

PR: https://git.openjdk.java.net/jdk/pull/4753

