[
https://issues.apache.org/jira/browse/VFS-858?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17927409#comment-17927409
]
Gary D. Gregory commented on VFS-858:
-------------------------------------
Hello [~boris-petrov]
Thank you for your report.
I can see how the HC5 provider could have an issue but not the HC4 one since
creating a String should make a copy of the char array input.
It would be helpful if you could update the existing unit tests to demonstrate
the issue in HC5 and HC4.
TY!
> Cannot use authentication with the HTTP5 provider
> -------------------------------------------------
>
> Key: VFS-858
> URL: https://issues.apache.org/jira/browse/VFS-858
> Project: Commons VFS
> Issue Type: Bug
> Affects Versions: 2.10.0
> Reporter: Boris Petrov
> Priority: Critical
>
> Congrats on the new release!
> [This
> line|https://github.com/apache/commons-vfs/blob/rel/commons-vfs-2.10.0/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/http5/Http5FileProvider.java#L236]
> gets the password from the *UserAuthenticationData* directly, without
> copying, and saves it in an array. The method is called from
> [here|https://github.com/apache/commons-vfs/blob/rel/commons-vfs-2.10.0/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/http5/Http5FileProvider.java#L341].
> Then, a [few lines
> down|https://github.com/apache/commons-vfs/blob/rel/commons-vfs-2.10.0/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/http5/Http5FileProvider.java#L344],
> the authentication data is nulled which also cleans it in the
> credentials-provider that was passed to the http-client. And then the
> requests don't work.
> P.S. Actually, I can't seem to be able to use authentication with the HTTP4
> provider either where *String* is used for the password so I guess there is
> another problem. I'm only able to use that with the oldest HTTP provider.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
