Allow ant:get task to disable authentication on redirect.

see #173

3 files changed, 32 insertions, 3 deletions

diff --git a/WHATSNEW b/WHATSNEW
index 7ad9c455d..3c207a8e2 100644
--- a/WHATSNEW
+++ b/WHATSNEW
@@ -1,6 +1,15 @@
 Changes from Ant 1.9.16 TO Ant 1.9.17
 =====================================
 
+Changes that could break older environments:
+--------------------------------------------
+
+* <get> has a new attribute authenticateOnRedirect that can be used to
+  prevent Ant from sending the configured credentials when following a
+  redirect. It is false by default, which means builds that rely on
+  credentials being used on the redirected URI may break.
+  Github Pull Request #173
+
 Fixed bugs:
 -----------
 
diff --git a/manual/Tasks/get.html b/manual/Tasks/get.html
index a2c9b7e59..0ca90657b 100644
--- a/manual/Tasks/get.html
+++ b/manual/Tasks/get.html
@@ -98,6 +98,12 @@ plain text' authentication is used. This is only secure over an HTTPS link.
     <td align="center" valign="top">if username is set</td>
   </tr>  
   <tr>
+    <td>authenticateOnRedirect</td>
+    <td>Whether the credentials should also be sent to the new location when a redirect is followed.<br/>
+    <em>since Ant 1.9.17</em></td>
+    <td>No; default is <q>false</q></td>
+  </tr>
+  <tr>
     <td valign="top">maxtime</td>
     <td valign="top">Maximum time in seconds a single download may take,
       otherwise it will be interrupted and treated like a download
diff --git a/src/main/org/apache/tools/ant/taskdefs/Get.java b/src/main/org/apache/tools/ant/taskdefs/Get.java
index 1d4ba4f83..a939a70e6 100644
--- a/src/main/org/apache/tools/ant/taskdefs/Get.java
+++ b/src/main/org/apache/tools/ant/taskdefs/Get.java
@@ -78,6 +78,7 @@ public class Get extends Task {
     private boolean ignoreErrors = false;
     private String uname = null;
     private String pword = null;
+    private boolean authenticateOnRedirect = false;
     private long maxTime = 0;
     private int numberRetries = NUMBER_RETRIES;
     private boolean skipExisting = false;
@@ -403,6 +404,16 @@ public class Get extends Task {
     }
 
     /**
+     * If true, credentials are set when following a redirect to a new location.
+     *
+     * @param v "true" to enable sending the credentials on redirect; "false" otherwise
+     * @since Ant 1.9.17
+     */
+    public void setAuthenticateOnRedirect(final boolean v) {
+        this.authenticateOnRedirect = v;
+    }
+
+    /**
      * The time in seconds the download is allowed to take before
      * being terminated.
      *
@@ -649,7 +660,7 @@ public class Get extends Task {
 
         private boolean get() throws IOException, BuildException {
 
-            connection = openConnection(source);
+            connection = openConnection(source, uname, pword);
 
             if (connection == null) {
                 return false;
@@ -699,7 +710,8 @@ public class Get extends Task {
             return true;
         }
 
-        private URLConnection openConnection(final URL aSource) throws IOException {
+        private URLConnection openConnection(final URL aSource, final String uname,
+                                             final String pword) throws IOException {
 
             // set up the URL connection
             final URLConnection connection = aSource.openConnection();
@@ -753,7 +765,9 @@ public class Get extends Task {
                     if (!redirectionAllowed(aSource, newURL)) {
                         return null;
                     }
-                    return openConnection(newURL);
+                    return openConnection(newURL,
+                        authenticateOnRedirect ? uname : null,
+                        authenticateOnRedirect ? pword : null);
                 }
                 // next test for a 304 result (HTTP only)
                 final long lastModified = httpConnection.getLastModified();