Bug 312228 - [Net] Improve core.net authentication capabilities
Summary: [Net] Improve core.net authentication capabilities
Status: NEW
Alias: None
Product: Platform
Classification: Eclipse Project
Component: Team
Version: 3.6
Hardware: All All
Importance: P3 enhancement with 6 votes
Target Milestone: ---
Assignee: Platform Team Inbox CLA
QA Contact:
URL:
Whiteboard:
Keywords: helpwanted
Duplicates: 197284 286631
Depends on: 318173
Blocks:
Reported: 2010-05-10 05:48 EDT by Pawel Pogorzelski CLA
Modified: 2016-10-08 07:08 EDT

See Also:


Attachments
patch (6.94 KB, patch)
2010-06-08 10:57 EDT, Krzysztof Kazmierczyk CLA
kazm: review?
second version of the patch (5.17 KB, patch)
2010-06-16 04:31 EDT, Krzysztof Kazmierczyk CLA
no flags

Description Pawel Pogorzelski CLA 2010-05-10 05:48:45 EDT
The current authentication code is not flexible (the authenticator is a JVM-wide setting) and fails in some places, like handling the cancel button (bug 295021) or prompting for credentials even if they're provided (bug 286631).

This is a master bug to track investigation/fixes in the core.net authentication area. See bug 295030, comment 82 for a list of proposed changes.
Comment 1 Pawel Pogorzelski CLA 2010-05-18 08:43:48 EDT
*** Bug 286631 has been marked as a duplicate of this bug. ***
Comment 2 Krzysztof Kazmierczyk CLA 2010-06-08 10:57:22 EDT
Created attachment 171414 [details]
patch

This is a continuation of the work on the patch prepared by Valentin: https://bugs.eclipse.org/bugs/attachment.cgi?id=168627

After a talk with Pawel some time ago, we were afraid of the user being blocked by the proxy server as a consequence of providing a wrong username/password many times.
This patch resolves this problem by using each set of authentication data from the configuration only once.

Pawel, could you review this patch? Do you have any objections?
Comment 3 Pawel Pogorzelski CLA 2010-06-09 06:09:30 EDT
Methods URL.toURI(), Authenticator.getRequestingURL() and Authenticator.getRequestorType() were added in Java 5.0. The plugin has J2SE-1.4 specified as execution environment. Can we get rid of these calls?

Another issue is the way the code checks if the credentials have been used before. I suppose we should return credentials only once per JVM lifespan for a given proxy server. The code you provided doesn't check the machine that requires authentication. This should be easy to add.
Comment 4 Krzysztof Kazmierczyk CLA 2010-06-16 04:31:24 EDT
Created attachment 172021 [details]
second version of the patch

(In reply to comment #3)
> Methods URL.toURI(), Authenticator.getRequestingURL() and
> Authenticator.getRequestorType() were added in Java 5.0. The plugin has
> J2SE-1.4 specified as execution environment. Can we get rid of these calls?

URL.toURI() => new URI(URL.toString())

There are some problems with Authenticator.getRequestingURL() and Authenticator.getRequestorType(). To avoid using Authenticator.getRequestingURL() we can use IProxyService#getProxyData instead of IProxyService#select.
There is a problem with Authenticator.getRequestorType(). The only way to check if requestor is PROXY or SERVER is to check if requesting host and port is the same as requesting host and port is the same as given in authenticator.

Here are all the methods and the results of executing them on Authenticator when connecting to a proxy server on localhost:3128:

"getRequestingHost()"       localhost
"getRequestingProtocol()"   http
"getRequestingPrompt()"     Squid proxy-caching web server
"getRequestingSite()"       localhost/127.0.0.1
"getRequestingScheme()"     basic
"getRequestingPort()"       3128

Attaching patch with the issues resolved.

Pawel, what do you think about that?
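
The approach discussed in comments 3 and 4, as an added example that is not part of the thread or of either attached patch: stored credentials are handed out once per configured proxy per JVM, and a challenge is answered only when the requesting host and port match a configured proxy, which stands in for Authenticator.getRequestorType(). The class OneShotProxyAuthenticator and its methods are hypothetical names, and the code uses modern Java syntax rather than J2SE-1.4.

```java
import java.net.Authenticator;
import java.net.PasswordAuthentication;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;

/** Added illustration; names are hypothetical, not taken from the core.net patches. */
public class OneShotProxyAuthenticator extends Authenticator {

    // Credentials not yet offered in this JVM, keyed by "host:port" of the proxy.
    private final Map<String, PasswordAuthentication> unused = new HashMap<>();

    private static String key(String host, int port) {
        return host.toLowerCase(Locale.ROOT) + ":" + port;
    }

    /** Registers the stored credentials for one proxy, e.g. from the proxy preferences. */
    public void configure(String proxyHost, int proxyPort, String user, char[] password) {
        synchronized (unused) {
            unused.put(key(proxyHost, proxyPort), new PasswordAuthentication(user, password));
        }
    }

    @Override
    protected PasswordAuthentication getPasswordAuthentication() {
        String host = getRequestingHost();
        if (host == null) {
            return null; // cannot tell who is asking, so hand out nothing
        }
        // Only getRequestingHost()/getRequestingPort() are used: a challenge from
        // any host:port that is not a configured proxy (an origin server, for
        // example) finds no entry and never receives the proxy credentials.
        // Limitation: a server on the same host:port as the proxy looks identical.
        synchronized (unused) {
            // remove() returns the credentials the first time and null afterwards.
            // A second challenge means the first answer was rejected; replaying the
            // same wrong password is what risks locking the account at the proxy.
            return unused.remove(key(host, getRequestingPort()));
        }
    }

    public static void main(String[] args) {
        OneShotProxyAuthenticator auth = new OneShotProxyAuthenticator();
        // Constructed sample values matching the localhost:3128 proxy in comment 4.
        auth.configure("localhost", 3128, "example-user", "example-password".toCharArray());
        Authenticator.setDefault(auth);
    }
}
```

Returning null after the first use leaves it to the caller to prompt the user or fail, instead of silently repeating credentials the proxy has already rejected.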
Comment 5 Pawel Pogorzelski CLA 2010-06-16 06:56:00 EDT
(In reply to comment #4)
> The only way to check if requestor is PROXY or SERVER is to check if requesting
> host and port is the same as requesting host and port is the same as given in
> authenticator.
 
Not sure if I get this.
Comment 6 Pawel Pogorzelski CLA 2010-06-28 09:10:38 EDT
(In reply to comment #4)
> There are some problems with Authenticator.getRequestingURL() and
> Authenticator.getRequestorType().

I've opened bug 318173 to investigate moving core.net to Java 5.0.
Comment 7 Pawel Pogorzelski CLA 2010-07-07 08:35:01 EDT
*** Bug 197284 has been marked as a duplicate of this bug. ***
Comment 8 Scott Lewis CLA 2012-04-03 10:38:29 EDT
Pawel, what does marking this bug as target milestone 4.3 mean?  Does it mean that the work won't be applied to 3.8 stream?
Comment 9 Pawel Pogorzelski CLA 2012-04-03 10:44:29 EDT
Looks like it won't. Sim will confirm, he's assigned.
Comment 10 Scott Lewis CLA 2012-04-03 13:46:27 EDT
(In reply to comment #9)
> Looks like it won't. Sim will confirm, he's assigned.

Do you mean it won't be applied to 3.8?  If so (it's not expected/intended to be applied to 3.8) I would request that choice be re-thought...as I know of commercial consumers that are wanting this/these fixes...but on 3.8 stream.
Comment 11 Szymon Brandys CLA 2012-04-04 07:31:47 EDT
We do not have enough manpower in Eclipse Platform to work on that in 3.8. We need help, so if you can or you know someone who can work on that, please let me know and we will reconsider it for 3.8 or 3.8.x.