On Wed, 7 May 2025 14:39:35 GMT, kieran-farrell <d...@openjdk.org> wrote:
>> Clarificatiion of spec to outline that Authenticator.getRequestingURL() >> returns null in the event that the corresponding request does not specify a >> URL. > > kieran-farrell has updated the pull request incrementally with one additional > commit since the last revision: > > revert changes > Hello Michael @Michael-Mc-Mahon, while at it, do you think we should also > update the specification of > `Authenticator.requestPasswordAuthenticationInstance(...)` method to specify > that the `url` parameter to it can be null. Right now it just says: > > ```java > /** > * Ask this authenticator for a password. > * > * @param host The hostname of the site requesting authentication. > * @param addr The InetAddress of the site requesting authorization, > * or null if not known. > * @param port the port for the requested connection > * @param protocol The protocol that's requesting the connection > * ({@link java.net.Authenticator#getRequestingProtocol()}) > ... > * @param url The requesting URL that caused the authentication > ... > public PasswordAuthentication > requestPasswordAuthenticationInstance(String host, > InetAddress addr, > int port, > String protocol, > String prompt, > String scheme, > URL url, > RequestorType reqType) { > ``` I know this is a standalone class which can in theory be instantiated and these methods called with `null` arguments, but I wonder is it possible in practice for a real authentication to occur without a URL. I'm not sure it's worth investing too much time in fixing all these inconsistencies. ------------- PR Comment: https://git.openjdk.org/jdk/pull/25097#issuecomment-2890987453