diff options
| author | Christian Pontesegger <christian.pontesegger@web.de> | 2016-04-20 08:31:18 +0200 |
|---|---|---|
| committer | Matthias Sohn <matthias.sohn@sap.com> | 2016-06-06 16:45:49 +0200 |
| commit | ac3d3af632b2b98e1ae176e4cd484934d1f49e1d (patch) | |
| tree | b1cb2859058b0d13aafd2423835b6af71bce05a8 /org.eclipse.jgit/src/org/eclipse/jgit/transport/HttpAuthMethod.java | |
| parent | 534fcb14795ac8cb1107cda9be1de4f5e1f38ea1 (diff) | |
| download | jgit-ac3d3af632b2b98e1ae176e4cd484934d1f49e1d.tar.gz jgit-ac3d3af632b2b98e1ae176e4cd484934d1f49e1d.zip | |
http transport does not use authentication fallback
Git servers supporting HTTP transport can send multiple WWW-Authenticate
challenges [1] for different authentication schemes the server supports.
If authentication fails now retry all authentication types proposed by
the server.
[1] https://tools.ietf.org/html/rfc2617#page-3
Bug: 492057
Change-Id: I01d438a5896f9b1008bd6b751ad9c7cbf780af1a
Signed-off-by: Christian Pontesegger <christian.pontesegger@web.de>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Diffstat (limited to 'org.eclipse.jgit/src/org/eclipse/jgit/transport/HttpAuthMethod.java')
| -rw-r--r-- | org.eclipse.jgit/src/org/eclipse/jgit/transport/HttpAuthMethod.java | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/transport/HttpAuthMethod.java b/org.eclipse.jgit/src/org/eclipse/jgit/transport/HttpAuthMethod.java index 998f280014..81e6904bff 100644 --- a/org.eclipse.jgit/src/org/eclipse/jgit/transport/HttpAuthMethod.java +++ b/org.eclipse.jgit/src/org/eclipse/jgit/transport/HttpAuthMethod.java @@ -51,6 +51,7 @@ import java.io.UnsupportedEncodingException; import java.net.URL; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; +import java.util.Collection; import java.util.Collections; import java.util.HashMap; import java.util.LinkedHashMap; @@ -149,9 +150,12 @@ abstract class HttpAuthMethod { * * @param conn * the connection that failed. + * @param ignoreTypes + * authentication types to be ignored. * @return new authentication method to try. */ - static HttpAuthMethod scanResponse(final HttpConnection conn) { + static HttpAuthMethod scanResponse(final HttpConnection conn, + Collection<Type> ignoreTypes) { final Map<String, List<String>> headers = conn.getHeaderFields(); HttpAuthMethod authentication = Type.NONE.method(EMPTY_STRING); @@ -165,6 +169,12 @@ abstract class HttpAuthMethod { try { Type methodType = Type.valueOf(valuePart[0].toUpperCase()); + + if ((ignoreTypes != null) + && (ignoreTypes.contains(methodType))) { + continue; + } + if (authentication.getType().compareTo(methodType) >= 0) { continue; } |