• The authentication schemes that are supported by HTTPClient

Basic

  • The basic authentication is defined in RFC 2617
  • It is not secure as it passes the credentials in clear text form
  • The security of basic authentication scheme can be enhanced by combining it with enhanced by combining it with TLS/SSL encryption
  • The getRequestingPrompt () method returns the Basic authentication realm as given by the server

Digest

  • Digest authentication scheme is defined in RFC 2617
  • It is more secure than the Basic authentication and suited for applications that do not require security through TLS/SSL
  • The getRequestingPrompt() method returns the Digest authentication realm as given by the server

NTLM

  • NTLM authentication scheme is defined by Microsoft and is more secure than Basic and less secure than Digest authentication
  • NTLM is used with proxies or servers and not both at the same time

HTTP Authentication Schemes (Cont’d)

HTTP Negotiate (SPNEGO)

  • HTTP Negotiate enables any GSS authentication to be used as a HTTP authentication protocol
  • At present, it supports only HTLM and Kerberos
  • Kerberos 5 Configuration: When SPNEGO calls the Kerberos V5 loginmodule to perform real work

The code used to configure Kerberos using Java system property java.security.krb5.c. is