Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8038079

Re-examine integration of SPNEGO authentication

XMLWordPrintable

    • b150

      The HTTP protocol supports the standard Basic and Digest authentication and optionally NTLM and SPNEGO if it can load the classes via reflection:

      sun.net.www.protocol.http.NTLMAuthenticationProxy
        ->sun.net.www.protocol.http.ntlm.NTLMAuthentication

      sun.net.www.protocol.http.Negotiator
        ->sun.net.www.protocol.http.spnego.NegotiatorImpl

      The use of reflection is problematic when we move to modules because the classes that it loads with Class.forName will be module-private.

      This bug requests that this implementation be re-examined to see if it can be changed so that the authentication schemes are pluggable, perhaps using ServiceLoader, and so that the additional authentication schemes are supported as now when the Kerberos module is installed.

      If pluggable authentication is added then it should be done so in conjunction with the proposed new HTTP client which may also benefit from having pluggable authentication support.

            prappo Pavel Rappo (Inactive)
            alanb Alan Bateman
            Votes:
            0 Vote for this issue
            Watchers:
            12 Start watching this issue

              Created:
              Updated:
              Resolved: