Index: java/org/apache/commons/httpclient/HttpMethodDirector.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpMethodDirector.java,v retrieving revision 1.13 diff -u -r1.13 HttpMethodDirector.java --- java/org/apache/commons/httpclient/HttpMethodDirector.java 12 Jan 2004 23:03:12 -0000 1.13 +++ java/org/apache/commons/httpclient/HttpMethodDirector.java 14 Jan 2004 17:49:40 -0000 @@ -65,6 +65,7 @@ import java.io.IOException; import java.util.ArrayList; +import java.util.Collection; import java.util.Iterator; import java.util.List; import java.util.Map; @@ -137,12 +138,11 @@ /** Whether preemtive proxy authentication is attempted */ private boolean proxyAuthPreemptive = false; - //TODO: to be parameterized - private static final List AUTH_PREFERENCES = new ArrayList(3); + private static final List DEFAULT_AUTH_PREFS = new ArrayList(3); static { - AUTH_PREFERENCES.add(AuthPolicy.NTLM); - AUTH_PREFERENCES.add(AuthPolicy.DIGEST); - AUTH_PREFERENCES.add(AuthPolicy.BASIC); + DEFAULT_AUTH_PREFS.add(AuthPolicy.NTLM); + DEFAULT_AUTH_PREFS.add(AuthPolicy.DIGEST); + DEFAULT_AUTH_PREFS.add(AuthPolicy.BASIC); } public HttpMethodDirector( @@ -765,13 +765,20 @@ private AuthScheme processChallenge(final Map challenges) throws MalformedChallengeException, AuthenticationException { + + Collection authPrefs = (Collection) this.params.getParameter( + AuthPolicy.AUTH_SCHEME_PRIORITY); + if (authPrefs == null || authPrefs.isEmpty()) { + authPrefs = DEFAULT_AUTH_PREFS; + } + AuthScheme authscheme = null; String challenge = null; if (LOG.isDebugEnabled()) { LOG.debug("Supported authentication schemes in the order of preference: " - + AUTH_PREFERENCES); + + authPrefs); } - Iterator item = AUTH_PREFERENCES.iterator(); + Iterator item = authPrefs.iterator(); while (item.hasNext()) { String id = (String) item.next(); challenge = (String) challenges.get(id.toLowerCase()); Index: java/org/apache/commons/httpclient/auth/AuthPolicy.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/auth/AuthPolicy.java,v retrieving revision 1.1 diff -u -r1.1 AuthPolicy.java --- java/org/apache/commons/httpclient/auth/AuthPolicy.java 10 Dec 2003 21:37:42 -0000 1.1 +++ java/org/apache/commons/httpclient/auth/AuthPolicy.java 14 Jan 2004 17:49:40 -0000 @@ -93,6 +93,18 @@ private static Map SCHEMES = Collections.synchronizedMap(new HashMap()); /** + * The key used to look up the list of supported {@link AuthScheme authentication + * schemes} in the order of preference. The scheme IDs are stored in a + * {@link Collection}. The first item in the collection represents the ID of the + * most preferred {@link AuthScheme authentication scheme}, the last item represents + * the ID of the least preferred one. If the collection is empty, the default sequence + * will apply: NTLM, Digest, Basic. + * + * @see org.apache.commons.httpclient.params.DefaultHttpParams + */ + public static final String AUTH_SCHEME_PRIORITY = "http.auth.scheme-priority"; + + /** * The NTLM scheme is a proprietary Microsoft Windows Authentication * protocol (considered to be the most secure among currently supported * authentication schemes). Index: java/org/apache/commons/httpclient/params/DefaultHttpParamsFactory.java =================================================================== RCS file: /home/cvspublic/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/params/DefaultHttpParamsFactory.java,v retrieving revision 1.6 diff -u -r1.6 DefaultHttpParamsFactory.java --- java/org/apache/commons/httpclient/params/DefaultHttpParamsFactory.java 13 Jan 2004 18:47:27 -0000 1.6 +++ java/org/apache/commons/httpclient/params/DefaultHttpParamsFactory.java 14 Jan 2004 17:49:41 -0000 @@ -68,6 +68,7 @@ import org.apache.commons.httpclient.HttpVersion; import org.apache.commons.httpclient.SimpleHttpConnectionManager; +import org.apache.commons.httpclient.auth.AuthPolicy; import org.apache.commons.httpclient.cookie.CookiePolicy; import org.apache.commons.httpclient.util.DateParser; @@ -128,6 +129,18 @@ ); params.setParameter(DateParser.KEY_DATE_PATTERNS, datePatterns); + ArrayList authSchemes = new ArrayList(); + authSchemes.addAll( + Arrays.asList( + new String[] { + AuthPolicy.NTLM, + AuthPolicy.DIGEST, + AuthPolicy.BASIC + } + ) + ); + params.setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authSchemes); + // TODO: To be removed. Provided for backward compatibility String agent = null; try {