RFR: 8340182: Java HttpClient does not follow default retry limit of 3 retries [v4]
p-nima
duke at openjdk.org
Wed Jun 11 10:29:35 UTC 2025
On Tue, 10 Jun 2025 15:10:36 GMT, Daniel Fuchs <dfuchs at openjdk.org> wrote:
>> test/jdk/java/net/httpclient/HttpClientAuthRetryLimitTest.java line 136:
>>
>>> 134: } else {
>>> 135: assertEquals(0, totalRequestCount - 1);
>>> 136: }
>>
>> Ok - so now we're getting somewhere. This lets me think that the change in the AuthenticationFilter is not right. The specification says:
>>
>>> jdk.httpclient.auth.retrylimit (default: 3)
>>> The number of attempts the Basic authentication filter will attempt to retry a failed authentication.
>>
>> When I read this, I expect that if the limit is 0, no retries, then the Authenticator will be called once, and if the authentication fails with these credentials, then the request will fail.
>> If the limit is 1, then we will retry once, which means the Authenticator should be called twice, and so on.
>>
>> So maybe we should always assert that totalRequestCount == `Math.max(RETRY_LIMIT, 0) + 1`?
>
> @Michael-Mc-Mahon Is my interpretation above correct?
@dfuch As per my understanding, the current changes do reflect the correct behaviour, as when the request comes in it first goes through the authenticator. If the authentication fails we need to consider this failure in no of retries. (as the client should not try to get the credentials again)
@Michael-Mc-Mahon if you could please provide some additional context on this and if my interpretation is correct.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/25490#discussion_r2139779099
More information about the net-dev
mailing list