FULL PRODUCT VERSION :
Java(TM) SE Runtime Environment (build 1.6.0-beta2-b86)
Java HotSpot(TM) Client VM (build 1.6.0-beta2-b86, mixed mode, sharing)

ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows 2000 [Version 5.00.2195]

A DESCRIPTION OF THE PROBLEM :
The original requestPasswordAuthentication methods in java.net.Authenticator no longer work in JDK 1.6 beta2. However the requestPasswordAuthentication method newly added in JDK 1.5 works fine.

The method fails inside DeployAuthenticator with the following exception.

java.lang.NullPointerException
at com.sun.deploy.security.DeployAuthenticator.getPath(Unknown Source)
at com.sun.deploy.security.CredentialManager.buildConnectionKey(Unknown Source)
at com.sun.deploy.security.DeployAuthenticator.getPasswordAuthentication(Unknown Source)
at java.net.Authenticator.requestPasswordAuthentication(Unknown Source)
at TestAuthenticatorApplet$1.run(TestAuthenticatorApplet.java:15)
at java.security.AccessController.doPrivileged(Native Method)
at TestAuthenticatorApplet.start(TestAuthenticatorApplet.java:12)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

Please run the attached applet with the plugin that comes with JDK1.6 beta2.



REPRODUCIBILITY :
This bug can be reproduced always.

---------- BEGIN SOURCE ----------
import java.security.*;
import javax.swing.*;
import java.net.*;

public class TestAuthenticatorApplet extends JApplet {
    public void init() {
        System.out.println(">>>init");
    }
    public void start() {
        System.out.println(">>>start");
        try {
            AccessController.doPrivileged(new PrivilegedAction() {
                public Object run() {
                    try {
                        PasswordAuthentication a = Authenticator.requestPasswordAuthentication(
                            "localhost",
                            InetAddress.getLocalHost(),
                            80,
                            "http",
                            "TestRealm",
                            "BASIC"
                        );
                        System.out.println(">>>a.username="+a.getUserName()+",a.password="+new String(a.getPassword()));
                        return a;
                    } catch (Exception e) {
                        e.printStackTrace();
                        return null;
                    }
                }
            });
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }
    public void stop() {
        System.out.println(">>>stop");
    }
    public void destroy() {
        System.out.println(">>>destroy");
    }
}



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<TITLE> Test Authenticator </TITLE>
</HEAD>
<BODY>
    <table width="100%" height="100%" border="1">
      <tr>
        <td>
<OBJECT classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93" WIDTH="100%" HEIGHT="100%">
<PARAM NAME="ARCHIVE" VALUE="test-authenticator.jar">
<PARAM NAME="CODE" VALUE="TestAuthenticatorApplet">
<PARAM NAME="WIDTH" VALUE="100%">
<PARAM NAME="HEIGHT" VALUE="100%">
</OBJECT>
        </td>
      </tr>
    </table>
</BODY>
</HTML>

---------- END SOURCE ----------

CUSTOMER SUBMITTED WORKAROUND :
Use the following new requestPasswordAuthentication method added in JDK 1.5.

public static PasswordAuthentication requestPasswordAuthentication(
String host,
InetAddress addr,
int port,
String protocol,
String prompt,
String scheme,
URL url,
RequestorType reqType)

Release Regression From : mustang
The above release value was the last known release where this
bug was not reproducible. Since then there has been a regression.