RFR: 8372731: Detailed authentication failure messages [v2]

[Michael McMahon]

On Mon, 8 Dec 2025 19:25:23 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:

>> Currently the HttpUrlConnection throws a generic "Authentication failure" exception when authentication fails locally.
>> 
>> The authentication may fail for various reasons like: incorrect server challenge message, unavailable encryption/digest algorithms, encoding errors etc. The detailed failure information should be available to the user. Without it, the exception is next to impossible to diagnose, see [JDK-8347778](https://bugs.openjdk.org/browse/JDK-8347778) for example.
>> 
>> This PR adds the original exception as the cause of the "Authentication failure" exception.
>> 
>> The detailed exception messages are enabled by the "hostInfo" and "hostInfoExclSocket" categories of "jdk.includeInExceptions". Note that "hostInfoExclSocket" is enabled by default.
>> 
>> Added a new test to verify that the exception details are present when jdk.includeInExceptions includes hostInfoExclSocket (default), and absent otherwise. Existing tier1-3 tests continue to pass.
>
> Daniel Jeliński has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Fail test if no exception is thrown

src/java.base/share/classes/sun/net/www/protocol/http/DigestAuthentication.java line 351:

> 349:             return null;
> 350:         }
> 351:     }

I was wondering if we should let the exception propagate in these cases as well. Though I think these methods get called primarily through pre-emptive authentication, which is less likely to fail (with an exception). So, maybe they are okay...

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/28601#discussion_r2614469045