Transparent NTLM Authentication with java.net.UrlConnection - how does it work?

Question

Edit: Okay, so after a lot of research and gaining a lot more understanding, I now have a much more specific question! I've scrapped my original question.

Since JRE 1.4_02 (I think? Based on this: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4857110), java.net.UrlConnection has supported transparent NTLM authentication on Windows OS which is a requirement for my application. I would prefer to use org.apache.HttpClient. I have tried to find a way to implement this though it does not seem to be possible using pure Java?

I posted to the HttpComponents mailing list here http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/201312.mbox/%3C1388419389.31252.40.camel%40ubuntu%3E and received a response with a link to some source code for the current beta snapshot which had experimental support for transparent NTLM authentication but it is via JNA libraries that are apparently dependant on JRE 1.6 - as of httpcomponents-client 4.3.2 release the trunk will be switched to 1.6 (one of the main reasons being to support this feature) as per Oleg on the hc.apache.org mailing list.

But how does java.net.URLConnection do it in JRE 1.5? Would anyone be able to point me to some source code so I can see how the mechanism works so I can somehow implement that into the org.apache.HttpClient that is compatible with JRE 1.5 (the runtime environment I am limited to at my workplace)?

Thanks for any help!

-Rob