Details
-
Bug
-
Resolution: Fixed
-
P3
-
9
-
b150
Description
The HTTP protocol supports the standard Basic and Digest authentication and optionally NTLM and SPNEGO if it can load the classes via reflection:
sun.net.www.protocol.http.NTLMAuthenticationProxy
->sun.net.www.protocol.http.ntlm.NTLMAuthentication
sun.net.www.protocol.http.Negotiator
->sun.net.www.protocol.http.spnego.NegotiatorImpl
The use of reflection is problematic when we move to modules because the classes that it loads with Class.forName will be module-private.
This bug requests that this implementation be re-examined to see if it can be changed so that the authentication schemes are pluggable, perhaps using ServiceLoader, and so that the additional authentication schemes are supported as now when the Kerberos module is installed.
If pluggable authentication is added then it should be done so in conjunction with the proposed new HTTP client which may also benefit from having pluggable authentication support.
sun.net.www.protocol.http.NTLMAuthenticationProxy
->sun.net.www.protocol.http.ntlm.NTLMAuthentication
sun.net.www.protocol.http.Negotiator
->sun.net.www.protocol.http.spnego.NegotiatorImpl
The use of reflection is problematic when we move to modules because the classes that it loads with Class.forName will be module-private.
This bug requests that this implementation be re-examined to see if it can be changed so that the authentication schemes are pluggable, perhaps using ServiceLoader, and so that the additional authentication schemes are supported as now when the Kerberos module is installed.
If pluggable authentication is added then it should be done so in conjunction with the proposed new HTTP client which may also benefit from having pluggable authentication support.
Attachments
Issue Links
- duplicates
-
-
- Closed
-
- relates to
-
-
- Closed
-