In the docs for the org.apache.commons.httpclient.NTLM class is the note:
@deprecated this class will be made package access for 2.0beta2
However the class is still public. At this stage of the release should we just leave the class public for 2.0 and remove it in 2.1 (or 3.0?) or should we make it package access as planned?
Also, could someone a little more familiar with JCE and particularly with alternate JCE implementations enlighten me as to whether or not some of the problems people are having with using non-Sun JVMs or non-Sun JCE implementations could be related to the static section in NTLM.java. In particular the lines:
String secProviderName = System.getProperty("httpclient.security.provider", "com.sun.crypto.provider.SunJCE");
java.security.Provider secProvider = (java.security.Provider)Class.forName(secProviderName).newInstance();
Security.addProvider(secProvider);
Since I don't think we actually document the property httpclient.security.provider anywhere (yet) I doubt people are setting it, and thus we'd be registering the SunJCE provider if it was anywhere on the class path. I'd imagine that may cause a few problems, but I know practically nothing about JCE so hopefully I'm wrong.
Regards,
Adrian Sutton. ---------------------------------------------- Intencha "tomorrow's technology today" Ph: 38478913 0422236329 Suite 8/29 Oatland Crescent Holland Park West 4121 Australia QLD www.intencha.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
