JERSEY-2428: SslContext and HostVerifier not passed on nonPreemptive auth

Petr Janouch · Petr Janouch · commit 4451b36d71b7 · 2015-12-10T17:36:34.000+01:00
Change-Id: Idffc4ce26044a657b482d49e8d5c00a5b6288b6e
diff --git a/core-client/src/main/java/org/glassfish/jersey/client/authentication/HttpAuthenticationFeature.java b/core-client/src/main/java/org/glassfish/jersey/client/authentication/HttpAuthenticationFeature.java
@@ -57,6 +57,9 @@
  *  then the request is repeated with authentication information. This mode has negative impact on the performance.
  *  The advantage is that it does not send credentials when they are not needed. This mode must
  *  be combined with usage of SSL/TLS as the password is send only BASE64 encoded.
+ *  <p/>
+ *  Please note that when you use non-preemptive authentication, Jersey client will make 2 requests to a resource,
+ *  which also means that all registered filters will be invoked twice.
  *  </li>
  *  <li><b>DIGEST:</b> Http digest authentication. Does not require usage of SSL/TLS.</li>
  *  <li><b>UNIVERSAL:</b> Combination of basic and digest authentication. The feature works in non-preemptive
diff --git a/core-client/src/main/java/org/glassfish/jersey/client/authentication/HttpAuthenticationFilter.java b/core-client/src/main/java/org/glassfish/jersey/client/authentication/HttpAuthenticationFilter.java
@@ -294,7 +294,8 @@ private void updateCache(ClientRequestContext request, boolean success, Type ope
      * {@code false} otherwise).
      */
     static boolean repeatRequest(ClientRequestContext request, ClientResponseContext response, String newAuthorizationHeader) {
-        Client client = ClientBuilder.newClient(request.getConfiguration());
+        Client client = request.getClient();
+
         String method = request.getMethod();
         MediaType mediaType = request.getMediaType();
         URI lUri = request.getUri();
diff --git a/tests/e2e/src/test/java/org/glassfish/jersey/tests/e2e/client/connector/ssl/SslConnectorConfigurationTest.java b/tests/e2e/src/test/java/org/glassfish/jersey/tests/e2e/client/connector/ssl/SslConnectorConfigurationTest.java
@@ -141,4 +141,31 @@ public void testSSLAuth1() throws Exception {
 
         assertTrue(caught);
     }
+
+    /**
+     * Test that a response to an authentication challenge has the same SSL configuration as the original request.
+     */
+    @Test
+    public void testSSLWithNonPreemptiveAuth() throws Exception {
+        final SSLContext sslContext = getSslContext();
+
+        final ClientConfig cc = new ClientConfig().connectorProvider(connectorProvider);
+        final Client client = ClientBuilder.newBuilder()
+                .withConfig(cc)
+                .sslContext(sslContext)
+                .build();
+
+        // client basic auth demonstration
+        HttpAuthenticationFeature authFeature = HttpAuthenticationFeature.basicBuilder()
+                .nonPreemptive()
+                .credentials("user", "password")
+                .build();
+
+        client.register(authFeature);
+        final WebTarget target = client.target(Server.BASE_URI).register(new LoggingFilter());
+
+        final Response response = target.path("/").request().get(Response.class);
+
+        assertEquals(200, response.getStatus());
+    }
 }
