Bug 312228

Comment 1 Pawel Pogorzelski 2010-05-18 08:43:48 EDT

*** Bug 286631 has been marked as a duplicate of this bug. ***

Comment 2 Krzysztof Kazmierczyk 2010-06-08 10:57:22 EDT

Created attachment 171414 [details]
patch

This is continuation of the work on the patch prepared by Valentin: https://bugs.eclipse.org/bugs/attachment.cgi?id=168627

After talk with Pawel some time ago, we were afraid for blocking user by proxy server in a consequence of providing wrong username/password many times.
This patch resolves this problem using every Authentication data only once from the configuration.

Pawel, could you review this patch? Do you have any objections?

Comment 3 Pawel Pogorzelski 2010-06-09 06:09:30 EDT

Methods URL.toURI(), Authenticator.getRequestingURL() and Authenticator.getRequestorType() were added in Java 5.0. The plugin has J2SE-1.4 specified as execution environment. Can we get rid of these calls?

Another issue is the way the code checks if the credentials have been used before. I suppose we should return credentials only once per JVM lifespan for a given proxy server. The code you provided doesn't check the machine that requires authentication. This should be easy to add.

Comment 4 Krzysztof Kazmierczyk 2010-06-16 04:31:24 EDT

Created attachment 172021 [details]
second version of the patch

(In reply to comment #3)
> Methods URL.toURI(), Authenticator.getRequestingURL() and
> Authenticator.getRequestorType() were added in Java 5.0. The plugin has
> J2SE-1.4 specified as execution environment. Can we get rid of these calls?

URL.toURI() => new URI(URL.toString())

There are some problems with Authenticator.getRequestingURL() and Authenticator.getRequestorType(). To avoid using Authenticator.getRequestingURL() we can use IproxyService#getProxyData instead of IproxyService#select.
There is a problem with Authenticator.getRequestorType(). The only way to check if requestor is PROXY or SERVER is to check if requesting host and port is the same as requesting host and port is the same as given in authenticator

There are all methods and results of execution of Authenticator when connecting to proxy server on localhost:3128

"getRequestingHost()"		localhost	
"getRequestingProtocol()"	http	
"getRequestingPrompt()"		Squid proxy-caching web server	
"getRequestingSite()"	 	localhost/127.0.0.1
"getRequestingScheme()"		basic	
"getRequestingPort()"		3128

Attaching patch with the issues resolved.

Pawel, what do you think about that?

Comment 5 Pawel Pogorzelski 2010-06-16 06:56:00 EDT

(In reply to comment #4)
> The only way to check if requestor is PROXY or SERVER is to check if requesting
> host and port is the same as requesting host and port is the same as given in
> authenticator.
 
Not sure if I get this.

Comment 6 Pawel Pogorzelski 2010-06-28 09:10:38 EDT

(In reply to comment #4)
> There are some problems with Authenticator.getRequestingURL() and
> Authenticator.getRequestorType().

I've opened bug 318173 to investigate moving core.net to Java 5.0.

Comment 7 Pawel Pogorzelski 2010-07-07 08:35:01 EDT

*** Bug 197284 has been marked as a duplicate of this bug. ***

Comment 8 Scott Lewis 2012-04-03 10:38:29 EDT

Pawel, what does marking this bug as target milestone 4.3 mean?  Does it mean that the work won't be applied to 3.8 stream?

Comment 9 Pawel Pogorzelski 2012-04-03 10:44:29 EDT

Looks like it won't. Sim will confirm, he's assigned.

Comment 10 Scott Lewis 2012-04-03 13:46:27 EDT

(In reply to comment #9)
> Looks like it won't. Sim will confirm, he's assigned.

Do you mean it won't be applied to 3.8?  If so (it's not expected/intended to be applied to 3.8) I would request that choice be re-thought...as I know of commercial consumers that are wanting this/these fixes...but on 3.8 stream.

Comment 11 Szymon Brandys 2012-04-04 07:31:47 EDT

We do not have enough manpower in Eclipse Platform to work on that in 3.8. We need help, so if you can or you know someone who can work on that, please let me know and we re-consider it for 3.8 or 3.8.x.