Invalidate credentials if the server rejects them.

net/http/http_auth_controller.h

Index: net/http/http_auth_controller.h
diff --git a/net/http/http_auth_controller.h b/net/http/http_auth_controller.h
index 0b7f4308d802ed35f1f62d48841b07004dfdeb82..c4fc15e4d747aed5d3350d2bd664a7d29c44a4f8 100644
--- a/net/http/http_auth_controller.h
+++ b/net/http/http_auth_controller.h
@@ -73,6 +73,12 @@ class HttpAuthController : public base::RefCounted<HttpAuthController>,
   virtual void DisableAuthScheme(HttpAuth::Scheme scheme);
 
  private:
+  // Actions for InvalidateCurrentHandler()
+  enum InvalidateHandlerAction {
+    INVALIDATE_HANDLER_AND_CACHED_CREDENTIALS,
+    INVALIDATE_HANDLER
+  };
+
   // So that we can mock this object.
   friend class base::RefCounted<HttpAuthController>;
 
@@ -84,7 +90,7 @@ class HttpAuthController : public base::RefCounted<HttpAuthController>,
   bool SelectPreemptiveAuth(const BoundNetLog& net_log);
 
   // Invalidates the current handler, including cache.

[wtc, 2011/02/22 23:17:32]

IMPORTANT: please update the comment.  "including cache"
is now true only if the 'action' argument is
INVALIDATE_HANDLER_AND_CACHED_CREDENTIALS.

[asanka, 2011/02/23 18:06:40]

I'll fix this in another CL, since I already landed this one.

-  void InvalidateCurrentHandler();
+  void InvalidateCurrentHandler(InvalidateHandlerAction action);
 
   // Invalidates any auth cache entries after authentication has failed.
   // The identity that was rejected is |identity_|.