On Sun, 29 Sep 2024 16:46:06 GMT, Michael McMahon <micha...@openjdk.org> wrote:
> This fix relaxes the constraints on user set authentication headers. > Currently, any user set authentication headers are filtered out, if the > HttpClient has an Authenticator set. The reason being that the authenticator > is expected to manage authentication. With this fix, it will be possible to > use pre-emptive authentication through user set headers, even if an > authenticator is set. The expected use case is where the authenticator would > manage either proxy or server authentication and the user set headers would > manage server authentication if the authenticator is managing proxy (or vice > versa). > If the pre-emptive authentication fails, then this behavior is disabled on > further retries and it would be up to the authenticator to provide the right > credentials then. > > Thanks, > Michael Would there be any merit to adding something to Builder.authenticator(Authenticator) to document the behavior? I don't think know if this would be an API note or impNote. I'm mostly wondering where a developer might read about how/when it is used. ------------- PR Comment: https://git.openjdk.org/jdk/pull/21249#issuecomment-2381454362
