No 'opaque' causes NPE when attempting DigestAuthentication
Brought to you by:
russgold
Menu
▾
▴
#440 No 'opaque' causes NPE when attempting DigestAuthentication
-----------------------
Description:
-----------------------
it would appear that HttpUnit is expecting the "opaque" value to be set on the AuthenticationChallenge. However according to RFC 2109, the "opaque" key/value/pair is optional.
NullPointerException thrown when performing a request against a server using digest authentication.
-----------------------
Actual Results:
-----------------------
java.lang.NullPointerException
at com.meterware.httpunit.AuthenticationChallenge$DigestAuthenticationStrategy$Algorithm.quote(AuthenticationChallenge.java:185)
at com.meterware.httpunit.AuthenticationChallenge$DigestAuthenticationStrategy$Algorithm.append(AuthenticationChallenge.java:180)
at com.meterware.httpunit.AuthenticationChallenge$DigestAuthenticationStrategy$Algorithm.appendDigestParams(AuthenticationChallenge.java:131)
at com.meterware.httpunit.AuthenticationChallenge$DigestAuthenticationStrategy$Algorithm.appendParams(AuthenticationChallenge.java:121)
at com.meterware.httpunit.AuthenticationChallenge$DigestAuthenticationStrategy.createAuthenticationHeader(AuthenticationChallenge.java:239)
at com.meterware.httpunit.AuthenticationChallenge.createAuthenticationHeader(AuthenticationChallenge.java:69)
at com.meterware.httpunit.WebClient.createResponse(WebClient.java:652)
at com.meterware.httpunit.WebWindow.getResource(WebWindow.java:220)
at com.meterware.httpunit.WebWindow.getSubframeResponse(WebWindow.java:181)
at com.meterware.httpunit.WebWindow.getResponse(WebWindow.java:158)
at com.meterware.httpunit.WebWindow.updateWindow(WebWindow.java:199)
at com.meterware.httpunit.WebWindow.getSubframeResponse(WebWindow.java:183)
at com.meterware.httpunit.WebWindow.getResponse(WebWindow.java:158)
at com.meterware.httpunit.WebClient.getResponse(WebClient.java:122)
-----------------------
Expected Results:
-----------------------
- When building the response inside AuthenticationChallenge.DigestAuthenticationStrategy.Algorithm, the code should check to see if the opaque value is null, and if so, then don't try and use it in the response.
-----------------------
Code:
-----------------------
WebConversation wc = new WebConversation();
wc.setAuthentication(realm, usr, pass);
WebRequest req = new GetMethodWebRequest(url);
WebResponse resp = wc.getResponse(req);
Sorry, i may have been mistaken on the particular RFC... this one is more specifically related: RFC 2617
Jason - Thank you for your bug report.
http://httpunit.svn.sourceforge.net/viewvc/httpunit?view=revision&revision=1095
has the changes proposed by you.
Keep up the good work!
The change is now in the subversion repository and will be in the next build