stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8048035: Ensure proper proxy protocols

Browse Source 
Reviewed-by: alanb, chegar
This commit is contained in:
Michael McMahon 2014-09-10 10:33:43 +01:00
parent 6888358c94
commit 4ed0514033
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
jdk/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java
View File

@ -337,6 +337,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
/* try auth without calling Authenticator. Used for transparent NTLM authentication */ /* try auth without calling Authenticator. Used for transparent NTLM authentication */
private boolean tryTransparentNTLMServer = true; private boolean tryTransparentNTLMServer = true;
private boolean tryTransparentNTLMProxy = true; private boolean tryTransparentNTLMProxy = true;
private boolean useProxyResponseCode = false;
/* Used by Windows specific code */ /* Used by Windows specific code */
private Object authObj; private Object authObj;
@ -2239,6 +2240,15 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
if (tryTransparentNTLMProxy) { if (tryTransparentNTLMProxy) {
tryTransparentNTLMProxy = tryTransparentNTLMProxy =
NTLMAuthenticationProxy.supportsTransparentAuth; NTLMAuthenticationProxy.supportsTransparentAuth;
/* If the platform supports transparent authentication
* then normally it's ok to do transparent auth to a proxy
* because we generally trust proxies (chosen by the user)
* But not in the case of 305 response where the server
* chose it. */
if (tryTransparentNTLMProxy && useProxyResponseCode) {
tryTransparentNTLMProxy = false;
}
} }
a = null; a = null;
if (tryTransparentNTLMProxy) { if (tryTransparentNTLMProxy) {
@ -2610,6 +2620,10 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
requests.set(0, method + " " + getRequestURI()+" " + requests.set(0, method + " " + getRequestURI()+" " +
httpVersion, null); httpVersion, null);
connected = true; connected = true;
// need to remember this in case NTLM proxy authentication gets
// used. We can't use transparent authentication when user
// doesn't know about proxy.
useProxyResponseCode = true;
} else { } else {
// maintain previous headers, just change the name // maintain previous headers, just change the name
// of the file we're getting // of the file we're getting