[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jgit-dev] HttpClientConnection.getHeaderFields to support multiple header values

Very interesting. The Jenkins git client plugin (uses JGit) has two different JGit implementations, one that uses native JGit and the other that uses Apache httpÂfor authentication of JGit. This bug may be the root reason why two different authentication implementations were used.

The TFS use case was the reason the Apache httpÂauthentication implementation was added.

Mark Waite

On Mon, Jun 18, 2018 at 7:38 PM Gabriel Couto <gmcouto@xxxxxxxxx> wrote:
Hello dear JGit devs,

I have come here to bring a patch for an old bug that might have never been reported.
We might see in the internet it is very hard to get JGit to connect to a TFS server, but today I have found the reason.

It is because ofÂHttpClientConnection.getHeaderFields. If a server replies with multiple WWW-Authenticate, it will consider only the last value read.
Except the correct behavior is to provide a list of all the values if same header key.

Because of this bug JGit will not even try other authentication methods if NTLM is the last one in the response header.

I have patched this with a Pull Request, that I kindly ask to be accepted:

I also have workarounds provided if anyone is facing a similar issue, and can't wait for the fix:

Gabriel Couto
jgit-dev mailing list
To change your delivery options, retrieve your password, or unsubscribe from this list, visit