I am trying to authenticate with a Windows AD server (Windows 2003 Server) using the Apache common-httpclient API. This problem occurs when trying to do a basic authentication (and ntlm) using a NETBIOS name with an ampersand (&) in. When passing the username with a netbios name that has no ampersand it (which is perfectly legitimate according to Microsoft) the authentication works but when using an ampersand in it fails returning a 401 error code (Credentials failed). The version of the library I am testing with is 3.1 although 3.0 fails as well. I have tried to Google the issue but have found nothing and I was wondering if anyone else has come across this or may be able to help me out with the issue. I have tried escaping the character with a leading \ but this did not work either. Like I say it works with NETBIOS names that don't have an ampersand but ones with fail.