apache · bodewig · Dec 22, 2021 · Dec 20, 2021
diff --git a/manual/Tasks/get.html b/manual/Tasks/get.html
@@ -91,6 +91,12 @@ <h3>Parameters</h3>
     <td>password for basic HTTP authentication</td>
     <td>Yes if <var>username</var> is set</td>
   </tr>
+  <tr>
+    <td>authenticateOnRedirect</td>
+    <td>Whether the credentials should also be sent to the new location when a redirect is followed.<br/>
+    <em>since Ant 1.10.13</em></td>
+    <td>No; default is <q>true</q></td>
+  </tr>
   <tr>
     <td>maxtime</td>
     <td>Maximum time in seconds a single download may take, otherwise it will be interrupted and

diff --git a/src/main/org/apache/tools/ant/taskdefs/Get.java b/src/main/org/apache/tools/ant/taskdefs/Get.java
@@ -82,6 +82,7 @@ public class Get extends Task {
     private boolean ignoreErrors = false;
     private String uname = null;
     private String pword = null;
+    private boolean authenticateOnRedirect = true; // on by default for backward compatibility
     private long maxTime = 0;
     private int numberRetries = NUMBER_RETRIES;
     private boolean skipExisting = false;
@@ -405,6 +406,16 @@ public void setPassword(final String p) {
         this.pword = p;
     }
 
+    /**
+     * If true, credentials are set when following a redirect to a new location.
+     *
+     * @param v "true" to enable sending the credentials on redirect; "false" otherwise
+     * @since Ant 1.10.13
+     */
+    public void setAuthenticateOnRedirect(final boolean v) {
+        this.authenticateOnRedirect = v;
+    }
+
     /**
      * The time in seconds the download is allowed to take before
      * being terminated.
@@ -685,7 +696,7 @@ public void run() {
 
         private boolean get() throws IOException, BuildException {
 
-            connection = openConnection(source);
+            connection = openConnection(source, uname, pword);
 
             if (connection == null) {
                 return false;
@@ -735,7 +746,8 @@ private boolean redirectionAllowed(final URL aSource, final URL aDest) {
             return true;
         }
 
-        private URLConnection openConnection(final URL aSource) throws IOException {
+        private URLConnection openConnection(final URL aSource, final String uname,
+                                             final String pword) throws IOException {
 
             // set up the URL connection
             final URLConnection connection = aSource.openConnection();
@@ -795,7 +807,9 @@ private URLConnection openConnection(final URL aSource) throws IOException {
                     if (!redirectionAllowed(aSource, newURL)) {
                         return null;
                     }
-                    return openConnection(newURL);
+                    return openConnection(newURL,
+                        authenticateOnRedirect ? uname : null,
+                        authenticateOnRedirect ? pword : null);
                 }
                 // next test for a 304 result (HTTP only)
                 final long lastModified = httpConnection.getLastModified();