http://cr.openjdk.java.net/~chegar/8005638/webrev/
Also, a test to verify this all works as expected has been added. It could be cleaned up somewhat when a standard way to determine the profile has been added ( but this is not critical ).
-Chris.
With compact profiles imminent, see http://openjdk.java.net/jeps/161,
more heavy weight HTTP authentication schemes, like NTLM, Kerberos,
Negotiate, may not be in the smaller profiles. In such cases the HTTP
client, HttpURLConnection, should use the most secure scheme advertised
by the server, and also supported by the running JRE. This seems to work
with Kerberos and Negotiate, but there is an issue with NTLM.
- RFR 8005638: Less secure Authentication schemes should work ... Chris Hegarty
- Re: RFR 8005638: Less secure Authentication schemes sho... Alan Bateman
- Re: RFR 8005638: Less secure Authentication schemes... Chris Hegarty
- Re: RFR 8005638: Less secure Authentication sch... Alan Bateman
- Re: RFR 8005638: Less secure Authentication... Chris Hegarty
