diff --git a/src/java/org/apache/http/auth/AuthScheme.java b/src/java/org/apache/http/auth/AuthScheme.java
new file mode 100644
index 000000000..520660818
--- /dev/null
+++ b/src/java/org/apache/http/auth/AuthScheme.java
@@ -0,0 +1,147 @@
+/*
+ * $HeadURL$
+ * $Revision$
+ * $Date$
+ *
+ * ====================================================================
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * .
+ *
+ */
+
+package org.apache.http.auth;
+
+import org.apache.http.Header;
+import org.apache.http.HttpMessage;
+
+/**
+ *
+ * This interface represents an abstract challenge-response oriented
+ * authentication scheme.
+ *
+ *
+ * An authentication scheme should be able to support the following
+ * functions:
+ *
+ * - Parse and process the challenge sent by the targer server
+ * in response to request for a protected resource
+ *
- Provide its textual designation
+ *
- Provide its parameters, if available
+ *
- Provide the realm this authentication scheme is applicable to,
+ * if available
+ *
- Generate authorization string for the given set of credentials,
+ * request method and URI as specificed in the HTTP request line
+ * in response to the actual authorization challenge
+ *
+ *
+ *
+ * Authentication schemes may ignore method name and URI parameters
+ * if they are not relevant for the given authentication mechanism
+ *
+ *
+ * Authentication schemes may be stateful involving a series of
+ * challenge-response exchanges
+ *
+ *
+ * @author Oleg Kalnichevski
+ * @author Adrian Sutton
+ *
+ * @since 2.0beta1
+ */
+
+public interface AuthScheme {
+
+ /**
+ * Processes the given challenge token. Some authentication schemes
+ * may involve multiple challenge-response exchanges. Such schemes must be able
+ * to maintain the state information when dealing with sequential challenges
+ *
+ * @param challenge the challenge string
+ *
+ * @since 3.0
+ */
+ void processChallenge(final Header header) throws MalformedChallengeException;
+
+ /**
+ * Returns textual designation of the given authentication scheme.
+ *
+ * @return the name of the given authentication scheme
+ */
+ String getSchemeName();
+
+ /**
+ * Returns authentication parameter with the given name, if available.
+ *
+ * @param name The name of the parameter to be returned
+ *
+ * @return the parameter with the given name
+ */
+ String getParameter(final String name);
+
+ /**
+ * Returns authentication realm. If the concept of an authentication
+ * realm is not applicable to the given authentication scheme, returns
+ * null.
+ *
+ * @return the authentication realm
+ */
+ String getRealm();
+
+ /**
+ * Tests if the authentication scheme is provides authorization on a per
+ * connection basis instead of usual per request basis
+ *
+ * @return true if the scheme is connection based, false
+ * if the scheme is request based.
+ *
+ * @since 3.0
+ */
+ boolean isConnectionBased();
+
+ /**
+ * Authentication process may involve a series of challenge-response exchanges.
+ * This method tests if the authorization process has been completed, either
+ * successfully or unsuccessfully, that is, all the required authorization
+ * challenges have been processed in their entirety.
+ *
+ * @return true if the authentication process has been completed,
+ * false otherwise.
+ *
+ * @since 3.0
+ */
+ boolean isComplete();
+
+ /**
+ * Produces an authorization string for the given set of {@link Credentials}.
+ *
+ * @param credentials The set of credentials to be used for athentication
+ * @param method The method being authenticated
+ * @throws AuthenticationException if authorization string cannot
+ * be generated due to an authentication failure
+ *
+ * @return the authorization string
+ *
+ * @since 3.0
+ */
+ Header authenticate(Credentials credentials, HttpMessage message) throws AuthenticationException;
+
+}
diff --git a/src/java/org/apache/http/auth/AuthenticationException.java b/src/java/org/apache/http/auth/AuthenticationException.java
new file mode 100644
index 000000000..095f89b5b
--- /dev/null
+++ b/src/java/org/apache/http/auth/AuthenticationException.java
@@ -0,0 +1,75 @@
+/*
+ * $HeadURL$
+ * $Revision$
+ * $Date$
+ *
+ * ====================================================================
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * .
+ *
+ */
+
+package org.apache.http.auth;
+
+import org.apache.http.ProtocolException;
+
+/**
+ * Signals a failure in authentication process
+ *
+ * @author Oleg Kalnichevski
+ *
+ * @since 2.0
+ */
+public class AuthenticationException extends ProtocolException {
+
+ private static final long serialVersionUID = -6794031905674764776L;
+
+ /**
+ * Creates a new AuthenticationException with a null detail message.
+ */
+ public AuthenticationException() {
+ super();
+ }
+
+ /**
+ * Creates a new AuthenticationException with the specified message.
+ *
+ * @param message the exception detail message
+ */
+ public AuthenticationException(String message) {
+ super(message);
+ }
+
+ /**
+ * Creates a new AuthenticationException with the specified detail message and cause.
+ *
+ * @param message the exception detail message
+ * @param cause the Throwable that caused this exception, or null
+ * if the cause is unavailable, unknown, or not a Throwable
+ *
+ * @since 3.0
+ */
+ public AuthenticationException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+}
diff --git a/src/java/org/apache/http/auth/Credentials.java b/src/java/org/apache/http/auth/Credentials.java
new file mode 100644
index 000000000..0477cb6e4
--- /dev/null
+++ b/src/java/org/apache/http/auth/Credentials.java
@@ -0,0 +1,44 @@
+/*
+ * $HeadURL$
+ * $Revision$
+ * $Date$
+ *
+ * ====================================================================
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * .
+ *
+ */
+
+package org.apache.http.auth;
+
+/**
+ * Authentication credentials.
+ *
+ * This is just a marker interface, the current implementation has no methods.
+ *
+ * @author Unascribed
+ * @author Mike Bowler
+ *
+ * @version $Revision$ $Date$
+ */
+public interface Credentials {
+}
diff --git a/src/java/org/apache/http/auth/InvalidCredentialsException.java b/src/java/org/apache/http/auth/InvalidCredentialsException.java
new file mode 100644
index 000000000..8b8a8775b
--- /dev/null
+++ b/src/java/org/apache/http/auth/InvalidCredentialsException.java
@@ -0,0 +1,71 @@
+/*
+ * $HeadURL$
+ * $Revision$
+ * $Date$
+ *
+ * ====================================================================
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * .
+ *
+ */
+
+package org.apache.http.auth;
+
+/**
+ * Authentication credentials required to respond to a authentication
+ * challenge are invalid
+ *
+ * @author Oleg Kalnichevski
+ *
+ * @since 3.0
+ */
+public class InvalidCredentialsException extends AuthenticationException {
+
+ private static final long serialVersionUID = -4834003835215460648L;
+
+ /**
+ * Creates a new InvalidCredentialsException with a null detail message.
+ */
+ public InvalidCredentialsException() {
+ super();
+ }
+
+ /**
+ * Creates a new InvalidCredentialsException with the specified message.
+ *
+ * @param message the exception detail message
+ */
+ public InvalidCredentialsException(String message) {
+ super(message);
+ }
+
+ /**
+ * Creates a new InvalidCredentialsException with the specified detail message and cause.
+ *
+ * @param message the exception detail message
+ * @param cause the Throwable that caused this exception, or null
+ * if the cause is unavailable, unknown, or not a Throwable
+ */
+ public InvalidCredentialsException(String message, Throwable cause) {
+ super(message, cause);
+ }
+}
diff --git a/src/java/org/apache/http/auth/MalformedChallengeException.java b/src/java/org/apache/http/auth/MalformedChallengeException.java
new file mode 100644
index 000000000..f3556225d
--- /dev/null
+++ b/src/java/org/apache/http/auth/MalformedChallengeException.java
@@ -0,0 +1,75 @@
+/*
+ * $HeadURL$
+ * $Revision$
+ * $Date$
+ *
+ * ====================================================================
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * .
+ *
+ */
+
+package org.apache.http.auth;
+
+import org.apache.http.ProtocolException;
+
+/**
+ * Signals that authentication challenge is in some way invalid or
+ * illegal in the given context
+ *
+ * @author Oleg Kalnichevski
+ *
+ * @since 2.0
+ */
+public class MalformedChallengeException extends ProtocolException {
+
+ private static final long serialVersionUID = 814586927989932284L;
+
+ /**
+ * Creates a new MalformedChallengeException with a null detail message.
+ */
+ public MalformedChallengeException() {
+ super();
+ }
+
+ /**
+ * Creates a new MalformedChallengeException with the specified message.
+ *
+ * @param message the exception detail message
+ */
+ public MalformedChallengeException(String message) {
+ super(message);
+ }
+
+ /**
+ * Creates a new MalformedChallengeException with the specified detail message and cause.
+ *
+ * @param message the exception detail message
+ * @param cause the Throwable that caused this exception, or null
+ * if the cause is unavailable, unknown, or not a Throwable
+ *
+ * @since 3.0
+ */
+ public MalformedChallengeException(String message, Throwable cause) {
+ super(message, cause);
+ }
+}