- All Implemented Interfaces:
- org.apache.http.client.AuthCache
@ThreadSafe
public class HTTPAuthCache
extends org.apache.http.impl.client.BasicAuthCache
It turns out that the Apache httpclient code is not
well setup to handle dynamic credentials providers
such as UrlAuthenticatorDialog. These providers
will ask the user on the fly to provide a
set of credentials (typically username+pwd).
The provider can be set up to cache credentials
(again see UrlAuthenticatorDialog), but in the event
that the user gives bad credentials, the provider
cache clear function does not get called by AuthCache.
So, as a work-around, we use our own implementation
of BasicAuthCache that stores a list of credentials
providers and when the AuthCache.remove function is called,
it forwards it to the either the clear() function of the provider,
or, if it is an instance of HTTPCredentialsProvider, it will
call the remove function to provide finer-grain control.
This is an awful hack, but seems to be the simplest solution.