commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Dever <>
Subject Re: [HttpClient] Method to determine required credential type
Date Wed, 25 Sep 2002 11:00:58 GMT
Is there a case for returning a class object, as opposed to just returning
"Basic", "Digest" or "NTLM" (or null).

Adrian Sutton wrote:

> HttpClient has the ability to use different Credential classes for different
> authentication schemes (and is required for NTLM), however there is
> currently no way to find out which class is required when authenticating
> without pulling out the WWW-Authenticate header and parsing it.
> Would people agree to adding a method that returns the Class required for
> authentication?  I'd suggest it should go into HttpState since that's where
> the credentials are set.  It would have the following cases:
> No authentication required (because a request hasn't yet been made or
> because there was no 401 response): return null.
> Basic or Digest: return UsernamePasswordCredentials.class
> NTLM authentication: return NTCredentials.class
> Unsupported authentication scheme: null
> Others to be added as more authentication schemes are added.  This
> functionality will be essential when pluggable authentication modules comes
> in but would be useful even now.  I can get to work coding this if the idea
> is worthwhile (and I haven't missed something in the current docs).

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message