Agreed. However, that still poses the same problem: how do we tell NTLM
authentication from all others? I do not see a way around that ugly test for the
2.0 branch at least:
if ("NTLM".equalsIgnoreCase(authscheme.getSchemeName())) {
// clean up
}
As far as HEAD CVS goes, there are more elegant solutions, which would require AuthScheme interface extension, though.
What are your thoughts?
Hi Oleg,
In HEAD I agree that we have better options. Most likely we will need to extend AuthScheme as you mention to include a flag for connection/request based authentication.
As far as 2.0 goes, I think that testing for NTLM is acceptable for now, but I think the patch as it is will not handle all cases. In particular I think NTLM proxy and Basic host will fail. This is because on the fourth request, when the proxy has authenticated, authscheme.getSchemeName() will return "BASIC", and the NTLM header will not be removed. The NTLM headers should only have a lifetime of a single request, we need some way to remove them every time. We may have to just explicitly remove any NTLM Proxy-Authentication or Authentication headers on every request.
Mike
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
