On Wed, 7 May 2025 14:39:35 GMT, kieran-farrell <[email protected]> wrote:
>> Clarificatiion of spec to outline that Authenticator.getRequestingURL()
>> returns null in the event that the corresponding request does not specify a
>> URL.
>
> kieran-farrell has updated the pull request incrementally with one additional
> commit since the last revision:
>
> revert changes
> Hello Michael @Michael-Mc-Mahon, while at it, do you think we should also
> update the specification of
> `Authenticator.requestPasswordAuthenticationInstance(...)` method to specify
> that the `url` parameter to it can be null. Right now it just says:
>
> ```java
> /**
> * Ask this authenticator for a password.
> *
> * @param host The hostname of the site requesting authentication.
> * @param addr The InetAddress of the site requesting authorization,
> * or null if not known.
> * @param port the port for the requested connection
> * @param protocol The protocol that's requesting the connection
> * ({@link java.net.Authenticator#getRequestingProtocol()})
> ...
> * @param url The requesting URL that caused the authentication
> ...
> public PasswordAuthentication
> requestPasswordAuthenticationInstance(String host,
> InetAddress addr,
> int port,
> String protocol,
> String prompt,
> String scheme,
> URL url,
> RequestorType reqType) {
> ```
I know this is a standalone class which can in theory be instantiated and these
methods called with `null` arguments, but I wonder is it possible in practice
for a real authentication to occur without a URL. I'm not sure it's worth
investing too much time in fixing all these inconsistencies.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/25097#issuecomment-2890987453
