Hello,

I'm using QNetworkAccessManager and connect its signal authenticationRequired to a slot which fills in the username and password to QAuthenticator object.

According to the documentation:

QNetworkAccessManager will cache the credentials internally and will send the same values if the server requires authentication again, without emitting the authenticationRequired() signal. If it rejects the credentials, this signal will be emitted again.

Now, suppose that user logins. Application sends request to an URL for login (e.g. http:\\www.a.com\login) and the username and password are provided by slot of authenticationRequired ().
The first time, the process success !!!! Of course !!

The problem is that if user logouts, then he login again with the same username but incorrect password. Now, because the url is not changed, the username is not changed then QNetworkAccessManager won't emit authenticationRequired(). Instead, QNetworkAccessManager retrieve the last password (the first password) and send it to the server. And because the cached password is correct, the user can login with an incorrect password. This is completely wrong.

Is there any idea how to solve the problem?

Thanks a lot

Hai

Hello,

The problem is that if user logouts, then he login again with the same username but incorrect password. Now, because the url is not changed, the username is not changed then QNetworkAccessManager won't emit authenticationRequired(). Instead, QNetworkAccessManager retrieve the last password (the first password) and send it to the server. And because the cached password is correct, the user can login with an incorrect password. This is completely wrong.

Is there any idea how to solve the problem?

Thanks a lot

Hai

This is a bug. For example, similar bug was reported here: http://bugreports.qt.nokia.com/browse/QTBUG-15566.
I think you should report about your problem to Qt's bug tracker.