HttpClient ships with several AuthScheme
implementations:
-
Basic:
Basic authentication scheme as defined in RFC 2617. This authentication
scheme is insecure, as the credentials are transmitted in clear text.
Despite its insecurity Basic authentication scheme is perfectly adequate if
used in combination with the TLS/SSL encryption. -
Digest.
Digest authentication scheme as defined in RFC 2617. Digest authentication
scheme is significantly more secure than Basic and can be a good choice for
those applications that do not want the overhead of full transport security
through TLS/SSL encryption. -
NTLM:
NTLM is a proprietary authentication scheme developed by Microsoft and
optimized for Windows platforms. NTLM is believed to be more secure than
Digest. -
SPNEGO:
SPNEGO
(Simple and
ProtectedGSSAPI
Negotiation Mechanism) is aGSSAPI
"pseudo mechanism" that is used to negotiate one of a number of possible
real mechanisms. SPNEGO's most visible use is in Microsoft'sHTTP
authentication extension. The negotiable
Negotiate
sub-mechanisms include NTLM and Kerberos supported by Active Directory.
At present HttpClient only supports the Kerberos sub-mechanism. -
Kerberos:
Kerberos authentication implementation.