HttpClient ships with several AuthScheme
implementations:

  • Basic:
    Basic authentication scheme as defined in RFC 2617. This authentication
    scheme is insecure, as the credentials are transmitted in clear text.
    Despite its insecurity Basic authentication scheme is perfectly adequate if
    used in combination with the TLS/SSL encryption.

  • Digest.
    Digest authentication scheme as defined in RFC 2617. Digest authentication
    scheme is significantly more secure than Basic and can be a good choice for
    those applications that do not want the overhead of full transport security
    through TLS/SSL encryption.

  • NTLM:
    NTLM is a proprietary authentication scheme developed by Microsoft and
    optimized for Windows platforms. NTLM is believed to be more secure than
    Digest.

  • SPNEGO:
    SPNEGO (Simple and
    Protected GSSAPI
    Negotiation Mechanism) is a GSSAPI
    "pseudo mechanism" that is used to negotiate one of a number of possible
    real mechanisms. SPNEGO's most visible use is in Microsoft's HTTP
    Negotiate
    authentication extension. The negotiable
    sub-mechanisms include NTLM and Kerberos supported by Active Directory.
    At present HttpClient only supports the Kerberos sub-mechanism.

  • Kerberos:
    Kerberos authentication implementation.

发表回复