With using Community Edition Version 9.9 (build 65466), I tried to use the web_api with the java.net http client.
Now I have the problem that it first makes an unauthenticated call and gets a 401 response.
But this response is missing the WWW-Authenticate
header that is mandatory for such responses and aborts with an error instead of trying again with basic authentication.
SonarQube should properly set the WWW-Authenticate
header in 401 responses.