When using a request like new HttpGet("http://user:firstname.lastname@example.org/") HttpClient will send along Authorization: Basic header with the first request (even if the server uses Digest Access).
The expected behaviour is for HttpClient to send a request with no user credentials at all, wait for the server to send a 401 response. Then based on the supported auth scheme, send another request with the credentials in a scheme that is supported by the server.
|Field||Original Value||New Value|
|Fix Version/s||4.3 Beta2 [ 12324304 ]|
|Status||Open [ 1 ]||Resolved [ 5 ]|
|Resolution||Fixed [ 1 ]|
|Status||Resolved [ 5 ]||Closed [ 6 ]|
|Transition||Time In Source Status||Execution Times||Last Executer||Last Execution Date|
|26d 11h 27m||1||Oleg Kalnichevski||16/May/13 15:18|
|142d 5h 23m||1||Oleg Kalnichevski||05/Oct/13 20:42|