Thanks for the pointers.
> Just to mention a few:
"An Authenticator is an object that negotiates credentials
(HTTP authentication) for a connection.
It provides different authentication schemes (such as basic or
I believe that's a misunderstanding: you will notice that the text
talks about the Authenticator - not the HttpClient. But I do agree
that this text is misleading (even WRT Authenticator).
HttpURLConnection does support digest authentication out of the box.
It was a choice we made to not support any authentication scheme out
of the box, except Basic, in the new API.
As I said Digest can be easily implemented at the application level
if you need it, by handling the 401/407 responses at the application