If a client tries to access a https or http resource in one request
which requires ntlm proxy authentication and basic or digest server
authentication then the request fails.

This happens because the connection between the client and proxy
may have to be closed, even though ntlm would normally require the
connection to be kept open. In this case, the client needs to remember
the server authentication information and include it at the apprpriate time
with the proxy authorization when thr retry happens.

Problem does not occur if proxy auth and server auth occurs in
separate requests (because of caching).

-------

Actually, the problem is more general than as described above.
It happens with any kind of authentication (basic, digest, ntlm)
when both proxy and server need to be authenticated in the same
request.

An additional, but related problem occurs if during the authentication
to the proxy or server, incorrect credentials are supplied. If this happens,
the HttpURLConnection does not recover and throws an IOException to the
application. What should happen is that the request should be retried
(up to the retry limit) and the applications authenticator should be
queried for new credentials.

###@###.### 2002-11-25