The current implementation does not reflect the way GSS-API-based authentication should be done. It has several design flaws.
This is an umbrella task for:
1. Deprecate all old classes
2. Investigate how it has to be plugged into HttpClient
3. Reimplement from scratch
4. Thoroughly test all new stuff
5. Rewrite documentation
Design notes are canonically available under: https://wiki.apache.org/HttpComponents/IssueTracking/HTTPCLIENT-1625