Up to now it was possible to access updatecenters with user authentication due
to handling code inside NbAuthenticator. The last changes seem to correct those
perhaps unwanted side effects, but now it is not possible to enter
authentication information on an authentication challenge sent from the server.
Since there is no eays way to do this now a quick solution would be appreciated.
I found this issue while trying to help someone on the dev@openide list who wanted to do the same thing. From my
research, I found this is a somewhat common request but has no good solution so I have voted for the issue to reflect that.
The approaches that seem possible without this RFE seem to be (just speculation as I have not tried either one):
1. You could create and register an instance of UpdateProvider. When that UpdateProvider is requested to provide
information, it could attempt to authenticate the user, then parse the data from the update center URL (e.g. the XML
file) and then return the requested information. This would be cumbersome but would allow a lot of flexibility (the
update center info could actually reside in a database, for example).
2. You could create a ModuleInstall class which registers your own java.net.Authenticator as the default, and it could
pay attention to the requested URL. If the URL for your password-protected update center was requested, then it could
prompt for authentication for that UC; otherwise it could delegate to the normal org.netbeans.core.NbAuthenticator that
NetBeans installs. But since the NbAuthenticator is not part of a public API, you would have to access it via
reflection and this would be fragile. It also might not work well (or at least be more difficult) if the user has a
password-protected proxy server.
Reassigning to the new "autoupdate/*" owner dlipin.
Give me some testcase or a way to reproduce the problem, please.