extension-repository-http: implemented HTTP proxy authentification. #13
Conversation
HttpClientBuilder.useSystemProperties method do not takes into account login and password for authentification against proxy. This change allows to use http.proxyUser and http.proxyPassword JVM system properties to authentificate against proxy server.
|
This looks like a bug on HTTPClient side to me. |
|
Why do you say a bug thomas? The doc at http://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/impl/client/HttpClientBuilder.html clearly lists what it handles and |
|
Also, even if it were a bug, we still need to work around it. |
|
I say a bug because it does not make much sense for useSystemProperties() to not handled something as standard as http.proxyUser and http.proxyPassword. IMO they were just forgotten and should be reported, if it was on purpose there would be a note about those two properties in the documentation. |
|
Thanks for the contribution @nE0sIghT by the way but I would like to understand why HTTPClient does not support this in the first place before reimplementing on our side the proxy. Also note that this workaround only works for HTTP and not HTTPS proxy from what I understand (at least the standard properties for https are supposed to be https.proxyUser and https.proxyPassword) |
|
To say the truth http.proxy(User|Password) never was some standard as I know. I do not think this must be fixed in commons HTTP client. |
It also talk about https.proxyHost and https.proxyPort. For proxyUser the closest from a standard documentation I could find is http://www.ibm.com/support/knowledgecenter/was_beta/com.ibm.websphere.base.doc/ae/twbs_configwbsclient2webproxy.html which is also talking about http.* vs https.*. |
| } | ||
|
|
||
| proxy = new HttpHost(proxyHost, port); | ||
| httpClientBuilder.setProxy(proxy); |
There was a problem hiding this comment.
Seems to me setting the right credential provider should be enough. Setting the proxy is supposed to be useSystemProperties() job, then it will ask the credential provider if it needs authentication.
There was a problem hiding this comment.
Agreed. However we need to construct proxy HttpHost object to pass it to credential provider.
This part is not clear for me if auto detected system proxy used.
I think the proper way is to extract all auto detected system proxies (as commons HTTP client do it) and set credentials for each of them.
There was a problem hiding this comment.
A much simpler alternative to all that might be to just set a default java.net.Authenticator which return whatever is indicated in http.proxyUser/Pass if called with RequestorType.PROXY. But probably in a different module since it will apply to everything so that you can get rid of it if you want to provide a different one for your setup.
Others had this idea. For inspiration on how to implement it: https://svn.apache.org/repos/asf/ant/ivy/core/trunk/src/java/org/apache/ivy/util/url/IvyAuthenticator.java
There was a problem hiding this comment.
Looks nice! I think this is a best method.
|
@sdumitriu |
|
@nE0sIghT True, but the example is how this could be accomplished globally, not just for extension-repository-http, and in a manner that doesn't add complexity. The authenticator itself is as simple as possible, and it should indeed check the authenticator type, and could be extended to take into account different http and https settings. |
|
Yep this is a good illustration of what I was talking about, plus it's already XWiki style :) But this one is missing a few things IMO:
|
HttpClientBuilder.useSystemProperties method do not takes into account login and password for authentification against proxy.
This change allows to use http.proxyUser and http.proxyPassword JVM system properties to authentificate against proxy server.