According to JENKINS-3796 this should work, but I cannot get the CLI to use HTTP basic auth by putting the details in the URL as directed - e.g:

java jar target/cli-1.495-SNAPSHOT-jar-with-dependencies.jar -s http://tim:test@example.com/jenkins help

I have modified the source to add some logging, and I get:

$ java -jar target/cli-1.495-SNAPSHOT-jar-with-dependencies.jar -s http://user:pass@example.com/jenkins help
14/12/2012 11:20:58 AM hudson.cli.CLI connectViaHttp
FINE: Trying to connect to http://user:pass@example.com/jenkins/ via HTTP
14/12/2012 11:20:58 AM hudson.cli.FullDuplexHttpStream <init>
INFO: FullDuplexHttpStream.init: target = http://user:pass@example.com/jenkins/cli, target.getUserInfo() = user:pass authorization = null

( ... followed by an irrelevant error about example.com not looking like jenkins)

Note that auth is null, despite the details being present in the URL.

After modifying Cli.java connectViaHtpp to not pass in the second (`authorization`) argument to the FullDuplexHttpStream constructor, I get the auth being pulled from the URL as desired:

$ java -jar target/cli-1.495-SNAPSHOT-jar-with-dependencies.jar -s http://user:pass@example.com/jenkins help
14/12/2012 11:23:18 AM hudson.cli.CLI connectViaHttp
FINE: Trying to connect to http://user:pass@example.com/jenkins/ via HTTP
14/12/2012 11:23:18 AM hudson.cli.FullDuplexHttpStream <init>
INFO: FullDuplexHttpStream.init: target = http://user:pass@example.com/jenkins/cli, target.getUserInfo() = user:pass authorization = Basic dXNlcjpwYXNz

I don't know if this is the right fix, but the current code (pulling auth only from the CLIConnectionFactory) is pointless in CLI code, as nothing ever calls authorization() on the CLIConnectionFactory (I may have missed something, but this is how I read it).

Unfortunately even with this patch I can't get my cli client to work, but my jenkins is reverse-proxied behind apache with https, so that may be another matter - it at least no longer fails immediately with HTTP 401.