Hi,
Thanks for the pointers.
> Just to mention a few:
>
https://urldefense.com/v3/__https://www.baeldung.com/java-9-http-client__;!!ACWV5N9M2RV99hQ!MbomkSmr-rXolK88z_JdINs3IEG8MTH_B7DHDq6wYgUeJQvZNGT7Iwb3yFswd57S1l85R53Yo_zq8zIvWdw$
>
https://urldefense.com/v3/__https://developer.ibm.com/tutorials/java-theory-and-practice-3/__;!!ACWV5N9M2RV99hQ!MbomkSmr-rXolK88z_JdINs3IEG8MTH_B7DHDq6wYgUeJQvZNGT7Iwb3yFswd57S1l85R53Yo_zqgE8E3ik$
"An Authenticator is an object that negotiates credentials
(HTTP authentication) for a connection.
It provides different authentication schemes (such as basic or
digest authentication)."
I believe that's a misunderstanding: you will notice that the text
talks about the Authenticator - not the HttpClient. But I do agree
that this text is misleading (even WRT Authenticator).
HttpURLConnection does support digest authentication out of the box.
It was a choice we made to not support any authentication scheme out
of the box, except Basic, in the new API.
As I said Digest can be easily implemented at the application level
if you need it, by handling the 401/407 responses at the application
level.
best regards,
-- daniel
