On Mon, 8 Dec 2025 16:23:00 GMT, Daniel Fuchs <[email protected]> wrote:
>> Currently the HttpUrlConnection throws a generic "Authentication failure" >> exception when authentication fails locally. >> >> The authentication may fail for various reasons like: incorrect server >> challenge message, unavailable encryption/digest algorithms, encoding errors >> etc. The detailed failure information should be available to the user. >> Without it, the exception is next to impossible to diagnose, see >> [JDK-8347778](https://bugs.openjdk.org/browse/JDK-8347778) for example. >> >> This PR adds the original exception as the cause of the "Authentication >> failure" exception. >> >> The detailed exception messages are enabled by the "hostInfo" and >> "hostInfoExclSocket" categories of "jdk.includeInExceptions". Note that >> "hostInfoExclSocket" is enabled by default. >> >> Added a new test to verify that the exception details are present when >> jdk.includeInExceptions includes hostInfoExclSocket (default), and absent >> otherwise. Existing tier1-3 tests continue to pass. > > Since more than NTLM authentication has been improved, should we test the > other authentications too? Thanks @dfuch for the review. NTLM was the only authentication scheme where testing this was reasonably easy: - Basic doesn't throw exceptions, - Digest always suppresses the exceptions and relays the 401/407 response to the user, - I couldn't find any Kerberos / Negotiate tests I could adapt. I'll add the suggested assertion. ------------- PR Comment: https://git.openjdk.org/jdk/pull/28601#issuecomment-3628177440
