Apache httpclient 4.5.13 preemptive authentication or not

Question

I came across this code, which I am trying to refactor the deprecated usage of DefaultHttpClient to use HttpClientBuilder and trying to replicate the authentication part.

In HttpClientBuilder world I could use preemptive ( HttpClientContext.create().setAuthCache(new BasicAuthCache()) ) or not - setting the credentials provider directly to the builder ( httpClientBuilder.setDefaultCredentialsProvider(new BasicCredentialsProvider()) )

In here, I don't see this being specified in any way, so I debugged through the httpclient lib, but could not pull out a conclusion for sure. Could you tell me, whether below code is doing a preemptive or a non-preemptive authentication? (As I had to refactor older http client 3.x code, it was very expressive, since there was the .setAuthenticationPreemptive method, which was telling me clearly, what it was)

import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.params.HttpParams;
import org.apache.http.params.BasicHttpParams;

import org.apache.http.auth.params.AuthParams;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;

import org.apache.http.client.methods.HttpGet;
...

DefaultHttpClient client = new DefaultHttpClient(new BasicHttpParams());

HttpParams params = client.getParams();
AuthParams.setCredentialCharset(params, "UTF-8");

client.getCredentialsProvider()
        .setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("login","passwd"));
...
client.execute(new HttpGet("uri"));

Thanks you!

Answer 1

It looks like the simple answer is: above is an example of a non-preemptive authentication .

Why ? Because the only place where the preemptive one is setup is during the processing of the org.apache.http.client.protocol.RequestAuthCache interceptor, which looks for the set up AuthCache , which in above case is not set up.