HttpClient has the ability to use different Credential classes for different authentication schemes (and is required for NTLM), however there is currently no way to find out which class is required when authenticating without pulling out the WWW-Authenticate header and parsing it.
Would people agree to adding a method that returns the Class required for authentication? I'd suggest it should go into HttpState since that's where the credentials are set. It would have the following cases: No authentication required (because a request hasn't yet been made or because there was no 401 response): return null. Basic or Digest: return UsernamePasswordCredentials.class NTLM authentication: return NTCredentials.class Unsupported authentication scheme: null Others to be added as more authentication schemes are added. This functionality will be essential when pluggable authentication modules comes in but would be useful even now. I can get to work coding this if the idea is worthwhile (and I haven't missed something in the current docs). Adrian Sutton, Software Engineer Ephox Corporation www.ephox.com This email and any files transmitted with it are confidential and intended solely for the use of the individual to whom they are addressed. Opinions contained in this email do not necessarily reflect the opinions of Ephox Corporation. If you have received this email in error please notify the sender immediately and delete all copies of the correspondence from your computer and/or computer network. No warranty is given that this message upon its receipt is virus free and the sender in this respect accepts no liability. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>