[jboss-jira] [JBoss JIRA] (DROOLS-693) UrlResource does not handle Basic Authentication correctly

Michael Anstis created DROOLS-693: ------------------------------------- Summary: UrlResource does not handle Basic Authentication correctly Key: DROOLS-693 URL: https://issues.jboss.org/browse/DROOLS-693 Project: Drools Issue Type: Bug Affects Versions: 6.2.0.CR4 Reporter: Michael Anstis Assignee: Mark Proctor Fix For: 6.2.0.Final See the following forum posts: [drools-usage] Loading Kie jar via HTTP causing HTTP 500 Error [drools-usage] integrate external project jar (created by WB) into our web application These both do something similar to this: {code} KieServices ks = KieServices.Factory.get(); KieRepository kr = ks.getRepository(); UrlResource urlResource = (UrlResource) ks.getResources().newUrlResource("http://ip:9080/kie-drools-wb-distribution/maven2/com/ost/myproj/1.0/myproj-1.0.jar"); urlResource.setUsername("username"); urlResource.setPassword("password"); urlResource.setBasicAuthentication("enabled"); InputStream is = null; try { is = urlResource.getInputStream(); KieModule kModule = kr.addKieModule( ks.getResources().newInputStreamResource(is) ); ... {code} UrlResources's grabStream() and grabLastMod() methods do not Base64 encode the UID:PWD in accordance with HTTP Specification http://tools.ietf.org/html/rfc2617#page-5. I'd be tempted to further improve UrlResource to only append Basic Authentication information *if* Basic Authentication has been enabled on the UrlResource instance. -- This message was sent by Atlassian JIRA (v6.3.11#6341)