Name: rmT116609 Date: 10/22/2003


A DESCRIPTION OF THE REQUEST :
The current Authenticator API makes it difficult to use HttpURLConnection
to fetch documents from a web site where different usernames / passwords
control access to different parts of the web. I woulds like an additional
method (or methods) on java.net.Authenticator that allow the authenticator
to find the 'path' component and/or the complete URL. It would be OK if
the methods returned 'null' in cases where the information is unavailable.

JUSTIFICATION :
Consider an application that has a table of URL/user/password tuple. Currently,
an application's Authenticator class can do one of two things:

  * It can look for a match in the table based on the host/port/protocol.
     If there are URLs with the same host/port/protocol that require different
     user/password combinations, this fails.

  * It can rely on the code that calls URL.getConnection to put the URL into
     a global (static) or thread local, and get the information it needs
     through the back door. This is messy. Also, it fails if the JRE code
     that calls the Authenticator caches the PasswordAuthentications keyed
     by host/port/protocol. [Is the JRE's authentication caching behaviour
     specified anywhere??]

With the proposed methods, the app's Authenticator can be implemented simply
and cleanly.
(Incident Review ID: 216094)
======================================================================