Github user michael-o commented on the issue:
https://github.com/apache/httpcomponents-client/pull/66
@semancik. While I see the usecase in WinRM, I do not agree that it cannot
be achieved with Kerberos. It just seems to be tedious to maintain
resourced-based contrained delegation. CredSSP frees you from that with a high
cost, imho. But how do you utilize it with HTTP, you haven't made that clear.
Are you managing servers with custom code via SOAP?
> Obviously, this form of cooperation is not possible. Firstly, it is very
difficult to cooperate with HTTP client team. E.g. we cannot really agree on
basic issues, such as whether implementation of inherently stateful protocols
such as NTLM should be stateful or stateless (not to mention code formatting,
but that in fact is not a real problem).
Which issues did you face besides the disagreement on the protocol? NTLM is
stateful by default, it can't be anything less. It *is* bound to the TCP
connection. Period. There should be any other opinion on that.
> Therefore a better way would be to have authentication methods
pluggable. I think that should be the next milestone.
Don't we have this alreay in the client with auth schemes? You can plug
your own, can't you?
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
