[WAGON-481] Sensitive (auth) information is not cleared when HttpClientWagon is disconnected
Project: http://git-wip-us.apache.org/repos/asf/maven-wagon/repo Commit: http://git-wip-us.apache.org/repos/asf/maven-wagon/commit/424a3ef2 Tree: http://git-wip-us.apache.org/repos/asf/maven-wagon/tree/424a3ef2 Diff: http://git-wip-us.apache.org/repos/asf/maven-wagon/diff/424a3ef2 Branch: refs/heads/jetty-8 Commit: 424a3ef2c16fb78ab0cd6daadb516a5d9b233bba Parents: 512bf76 Author: Michael Osipov <micha...@apache.org> Authored: Wed Dec 28 01:28:49 2016 +0100 Committer: Michael Osipov <micha...@apache.org> Committed: Tue Jan 3 21:35:05 2017 +0100 ---------------------------------------------------------------------- .../wagon/providers/http/AbstractHttpClientWagon.java | 12 ++++++++++++ 1 file changed, 12 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/maven-wagon/blob/424a3ef2/wagon-providers/wagon-http/src/main/java/org/apache/maven/wagon/providers/http/AbstractHttpClientWagon.java ---------------------------------------------------------------------- diff --git a/wagon-providers/wagon-http/src/main/java/org/apache/maven/wagon/providers/http/AbstractHttpClientWagon.java b/wagon-providers/wagon-http/src/main/java/org/apache/maven/wagon/providers/http/AbstractHttpClientWagon.java index 9ef9544..c693cd0 100755 --- a/wagon-providers/wagon-http/src/main/java/org/apache/maven/wagon/providers/http/AbstractHttpClientWagon.java +++ b/wagon-providers/wagon-http/src/main/java/org/apache/maven/wagon/providers/http/AbstractHttpClientWagon.java @@ -469,6 +469,18 @@ public abstract class AbstractHttpClientWagon { httpClientConnectionManager.closeIdleConnections( 0, TimeUnit.MILLISECONDS ); } + + if ( authCache != null ) + { + authCache.clear(); + authCache = null; + } + + if ( credentialsProvider != null ) + { + credentialsProvider.clear(); + credentialsProvider = null; + } } public static void setPersistentPool( boolean persistentPool )
