8209094: Improve web server connections

Reviewed-by: chegar, dfuchs, mschoene, igerasim
2025-09-20 11:04:34 +02:00 · 2018-10-05 08:54:10 +01:00 · 2018-10-05 08:54:10 +01:00 · ef75339a1e
commit ef75339a1e
parent 8f14f8b2a7
6 changed files with 170 additions and 13 deletions
--- a/src/java.base/share/classes/sun/net/www/protocol/http/ntlm/NTLMAuthenticationCallback.java
+++ b/src/java.base/share/classes/sun/net/www/protocol/http/ntlm/NTLMAuthenticationCallback.java
@ -33,8 +33,7 @@ import java.net.URL;
 * credentials without prompting) should only be tried with trusted sites.
 */
 public abstract class NTLMAuthenticationCallback {
-    private static volatile NTLMAuthenticationCallback callback =
-            new DefaultNTLMAuthenticationCallback();
+    private static volatile NTLMAuthenticationCallback callback;

    public static void setNTLMAuthenticationCallback(
            NTLMAuthenticationCallback callback) {
@ -50,10 +49,5 @@ public abstract class NTLMAuthenticationCallback {
     * transparent Authentication.
     */
    public abstract boolean isTrustedSite(URL url);
-
-    static class DefaultNTLMAuthenticationCallback extends NTLMAuthenticationCallback {
-        @Override
-        public boolean isTrustedSite(URL url) { return true; }
-    }
 }

--- a/src/java.base/share/conf/net.properties
+++ b/src/java.base/share/conf/net.properties
@ -1,5 +1,5 @@
 ############################################################
-#  	Default Networking Configuration File
+#       Default Networking Configuration File
 #
 # This file may contain default values for the networking system properties.
 # These values are only used when the system properties are not specified
@ -110,3 +110,23 @@ jdk.http.auth.tunneling.disabledSchemes=Basic
 #
 # jdk.httpclient.allowRestrictedHeaders=host
 #
+#
+# Transparent NTLM HTTP authentication mode on Windows. Transparent authentication
+# can be used for the NTLM scheme, where the security credentials based on the
+# currently logged in user's name and password can be obtained directly from the
+# operating system, without prompting the user. This property has three possible
+# values which regulate the behavior as shown below. Other unrecognized values
+# are handled the same as 'disabled'. Note, that NTLM is not considered to be a
+# strongly secure authentication scheme and care should be taken before enabling
+# this mechanism.
+#
+# Transparent authentication never used.
+#jdk.http.ntlm.transparentAuth=disabled
+#
+# Enabled for all hosts.
+#jdk.http.ntlm.transparentAuth=allHosts
+#
+# Enabled for hosts that are trusted in Windows Internet settings
+#jdk.http.ntlm.transparentAuth=trustedHosts
+#
+jdk.http.ntlm.transparentAuth=disabled