Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 362447

Summary: Maximum nonce age updatability broken
Product: [RT] Jetty Reporter: Matthew Long <mlong8006>
Component: otherAssignee: Jesse McConnell <jesse.mcconnell>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: P3    
Version: unspecified   
Target Milestone: 7.5.x   
Hardware: All   
OS: All   
Whiteboard:
Attachments:
Description Flags
DigestAuthenticator patch for updatable max nonce age none

Description Matthew Long CLA 2011-10-31 00:51:49 EDT 
Build Identifier: 8.0.4.v20111024

The issue of an updatable maximum nonce age was raised in https://bugs.eclipse.org/bugs/show_bug.cgi?id=326734 and the suggested solution was to extend the DigestAuthenticator class in order to set the maxNonceAge field.
This field has been made private, breaking the suggested solution.
In addition the alternative method of setting the maximum nonce age is not thread safe.
It would be nice if a setter could be added for the max nonce age, or the field made protected again.

Reproducible: Always

Steps to Reproduce:
N/A
Comment 1 Matthew Long CLA 2011-10-31 01:05:24 EDT 
Created attachment 206188 [details]
DigestAuthenticator patch for updatable max nonce age

I've attached a suggested patch to add a setter to the DigestAuthenticator and add thread safety to the field.
Comment 2 Jesse McConnell CLA 2011-11-02 17:39:58 EDT 
fixed on master, will be merged to jetty 8 on next merge