Return-Path: 
 <httpclient-user-return-2967-apmail-jakarta-httpclient-user-archive=jakarta.apache.org@jakarta.apache.org>
Delivered-To: apmail-jakarta-httpclient-user-archive@www.apache.org
Received: (qmail 68534 invoked from network); 18 Sep 2006 20:25:40 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 18 Sep 2006 20:25:40 -0000
Received: (qmail 69651 invoked by uid 500); 18 Sep 2006 20:25:39 -0000
Delivered-To: apmail-jakarta-httpclient-user-archive@jakarta.apache.org
Received: (qmail 69636 invoked by uid 500); 18 Sep 2006 20:25:38 -0000
Mailing-List: contact httpclient-user-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:httpclient-user-help@jakarta.apache.org>
List-Unsubscribe: <mailto:httpclient-user-unsubscribe@jakarta.apache.org>
List-Post: <mailto:httpclient-user@jakarta.apache.org>
List-Id: "HttpClient User Discussion" <httpclient-user.jakarta.apache.org>
Reply-To: "HttpClient User Discussion" <httpclient-user@jakarta.apache.org>
Delivered-To: mailing list httpclient-user@jakarta.apache.org
Received: (qmail 69624 invoked by uid 99); 18 Sep 2006 20:25:38 -0000
Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 18 Sep 2006 13:25:38 -0700
X-ASF-Spam-Status: No, hits=1.9 required=10.0
	tests=DNS_FROM_RFC_ABUSE,DNS_FROM_RFC_POST,MSGID_FROM_MTA_HEADER,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (asf.osuosl.org: domain of mikewse@hotmail.com designates
 65.54.246.156 as permitted sender)
Received: from [65.54.246.156] (HELO bay0-omc2-s20.bay0.hotmail.com)
 (65.54.246.156)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 18 Sep 2006 13:25:34 -0700
Received: from hotmail.com ([64.4.38.80]) by bay0-omc2-s20.bay0.hotmail.com
 with Microsoft SMTPSVC(6.0.3790.1830);
	 Mon, 18 Sep 2006 13:25:14 -0700
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC;
	 Mon, 18 Sep 2006 13:25:13 -0700
Message-ID: <BAY116-DAV83F34FD692EBC2F3E28D1A42D0@phx.gbl>
Received: from 84.218.35.76 by BAY116-DAV8.phx.gbl with DAV;
	Mon, 18 Sep 2006 20:25:12 +0000
X-Originating-IP: [84.218.35.76]
X-Originating-Email: [mikewse@hotmail.com]
X-Sender: mikewse@hotmail.com
From: "Mike Wilson" <mikewse@hotmail.com>
To: "'HttpClient User Discussion'" <httpclient-user@jakarta.apache.org>
Subject: RE: NTLM Authentication credentials
Date: Mon, 18 Sep 2006 22:25:10 +0200
Message-ID: <002e01c6db60$89e7c8d0$0a01a8c0@mikedeskxp>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
In-Reply-To: <450EF587.1030306@dubioso.net>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
Thread-Index: AcbbWZl4AfCVtLNHQhmuoCNehPp0qQAAT2gQ
X-OriginalArrivalTime: 18 Sep 2006 20:25:13.0691 (UTC)
 FILETIME=[8BE34AB0:01C6DB60]
X-Virus-Checked: Checked by ClamAV on apache.org
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

I think there is a problem that NTLM is such a small obscure detail for
many software developers that they don't realize that they exclude
Microsoft networks when choosing to develop with HttpClient. I have 
gone through an opinion transition myself when I started to work for a 
big corporation a couple of years ago. 
Before starting there I couldn't care less about NTLM, but after 
seeing the effect from the "inside", realizing how many Java programs
based on HttpClient are rendered unusable at work, it opened my eyes.
The very same programs would have worked fine if they had been using
the standard HttpURLConnection from the JDK (since 1.4.2).
And it's unfortunate that it is giving Java a bad name in these
communities.

So guys, please don't get me wrong. I am not saying that you are doing
a bad job. But please understand that there are tens of thousands of
developers and users working behind NTLM2 Microsoft proxy servers, that
can't use their HttpClient-based programs to the full extent. And
probably the creators of these programs weren't even aware of this 
limitation as they didn't sit behind an NTLM proxy themselves...

Having hit this limitation a number of times at work, I have been 
wondering if it would be possible to somehow have HttpClient use the
JDK's HttpURLConnection, instead of a plain socket? Then HttpClient
would get the same NTLM compatibility as the JDK for free.
I'm sure there are problems, but maybe this could be introduced as 
some kind of limited-functionality compatibility mode, transparent to
the calling application? The ideal thing would be if I could set a
global property on the command line to activate this mode and not 
having to rely on that the application is somehow "customized" for it.

Even if just doing some kind of hack that only works for 50% of the
cases, I think it would be highly appreciated by the users. 

Best regards
Mike


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org