We're developing a Java SE application that is to be deployed at corporate customer sites. Using http the application needs to access the Internet from time to time and does so using URL.openConnection(java.net.Proxy) which in effect means HttpURLConnection.
We are looking to give the application user the same experience that comes with the major browsers meaning that if the major browsers (IE, Firefox, Chrome) can pass through a given proxy then so should our application.
We are assuming that corporate proxy servers in this day and age use some form of promptless authentication (NTLM, SPNEGO). To this end we end have two concrete questions:
Can
HttpURLConnectionpass through a proxy that requires NTLMv2 authentication ?. Looking through the JDK source code it seems there's support for NTLM but nowhere can I find any documentation as to what version of NTLM is supported. I've trawled through all release notes since JDK5.Can
HttpURLConnectionpass through a proxy that uses SPNEGO-Kerberos authentication ? (without requiring changes to customer's desktops, e.g. forget about registry changes).
The target desktop platform for our application is Windows 7 (or later).
The JVM used is Oracle Java v7 or later.
In general there's no room for making changes to our customer's desktops for the sake of our application. It won't happen if it's a scenario that the major browsers can handle without changes. So we need to assess what Java can do for us. We are using a third-party library for some of the comms and this library in turn uses standard JDK classes (e.g. URL.openConnection()). We are aware that Apache HttpComponents Client (formerly Apache HttpClient) is an alternative and we are willing to rip out this third party library to be able to replace with Apache HttpComponents Client if that solution is truly better in terms of being a able to pass through a proxy.
