8006153: HTTP protocol handler authenication should use Base64 API

Reviewed-by: chegar, alanb
2013-01-13 22:09:50 +00:00 · 2013-01-13 22:09:50 +00:00 · 7a8ddfee99
commit 7a8ddfee99
parent c7c2bd14d7
2 changed files with 8 additions and 21 deletions
--- a/jdk/src/share/classes/sun/net/www/protocol/http/BasicAuthentication.java
+++ b/jdk/src/share/classes/sun/net/www/protocol/http/BasicAuthentication.java
@ -31,8 +31,9 @@ import java.net.URISyntaxException;
 import java.net.PasswordAuthentication;
 import java.io.IOException;
 import java.io.OutputStream;
+import java.util.Base64;
+import java.util.Base64.Encoder;
 import sun.net.www.HeaderParser;
-import sun.misc.BASE64Encoder;

 /**
 * BasicAuthentication: Encapsulate an http server authentication using
@ -76,7 +77,7 @@ class BasicAuthentication extends AuthenticationInfo {
        System.arraycopy(nameBytes, 0, concat, 0, nameBytes.length);
        System.arraycopy(passwdBytes, 0, concat, nameBytes.length,
                         passwdBytes.length);
-        this.auth = "Basic " + (new BasicBASE64Encoder()).encode(concat);
+        this.auth = "Basic " + Base64.getEncoder().encodeToString(concat);
        this.pw = pw;
    }

@ -116,7 +117,7 @@ class BasicAuthentication extends AuthenticationInfo {
        System.arraycopy(nameBytes, 0, concat, 0, nameBytes.length);
        System.arraycopy(passwdBytes, 0, concat, nameBytes.length,
                         passwdBytes.length);
-        this.auth = "Basic " + (new BasicBASE64Encoder()).encode(concat);
+        this.auth = "Basic " + Base64.getEncoder().encodeToString(concat);
        this.pw = pw;
    }

@ -201,12 +202,5 @@ class BasicAuthentication extends AuthenticationInfo {
        /*should not reach here. If we do simply return npath*/
        return npath;
    }
-
-    /* It is never expected that the header value will exceed the bytesPerLine */
-    private class BasicBASE64Encoder extends BASE64Encoder {
-        @Override
-        protected int bytesPerLine() {
-            return (10000);
-        }
-    }
 }
+
--- a/jdk/src/share/classes/sun/net/www/protocol/http/NegotiateAuthentication.java
+++ b/jdk/src/share/classes/sun/net/www/protocol/http/NegotiateAuthentication.java
@ -28,10 +28,9 @@ package sun.net.www.protocol.http;
 import java.net.URL;
 import java.io.IOException;
 import java.net.Authenticator.RequestorType;
+import java.util.Base64;
 import java.util.HashMap;
 import sun.net.www.HeaderParser;
-import sun.misc.BASE64Decoder;
-import sun.misc.BASE64Encoder;
 import static sun.net.www.protocol.http.AuthScheme.NEGOTIATE;
 import static sun.net.www.protocol.http.AuthScheme.KERBEROS;

@ -151,9 +150,9 @@ class NegotiateAuthentication extends AuthenticationInfo {
            byte[] incoming = null;
            String[] parts = raw.split("\\s+");
            if (parts.length > 1) {
-                incoming = new BASE64Decoder().decodeBuffer(parts[1]);
+                incoming = Base64.getDecoder().decode(parts[1]);
            }
-            response = hci.scheme + " " + new B64Encoder().encode(
+            response = hci.scheme + " " + Base64.getEncoder().encodeToString(
                        incoming==null?firstToken():nextToken(incoming));

            conn.setAuthenticationProperty(getHeaderName(), response);
@ -201,12 +200,6 @@ class NegotiateAuthentication extends AuthenticationInfo {
        return negotiator.nextToken(token);
    }

-    class B64Encoder extends BASE64Encoder {
-        protected int bytesPerLine () {
-            return 100000;  // as big as it can be, maybe INT_MAX
-        }
-    }
-
    // MS will send a final WWW-Authenticate even if the status is already
    // 200 OK. The token can be fed into initSecContext() again to determine
    // if the server can be trusted. This is not the same concept as Digest's