diff --git a/twitter4j-core/src/main/java/twitter4j/conf/ConfigurationBase.java b/twitter4j-core/src/main/java/twitter4j/conf/ConfigurationBase.java
index 991a20e6b..782988a5f 100644
--- a/twitter4j-core/src/main/java/twitter4j/conf/ConfigurationBase.java
+++ b/twitter4j-core/src/main/java/twitter4j/conf/ConfigurationBase.java
@@ -79,6 +79,12 @@ class ConfigurationBase implements Configuration, java.io.Serializable {
     private String clientURL;
 
     public static final String DALVIK = "twitter4j.dalvik";
+
+    private static final String DEFAULT_OAUTH_REQUEST_TOKEN_URL = "http://twitter.com/oauth/request_token";
+    private static final String DEFAULT_OAUTH_AUTHORIZATION_URL = "http://twitter.com/oauth/authorize";
+    private static final String DEFAULT_OAUTH_ACCESS_TOKEN_URL = "http://twitter.com/oauth/access_token";
+    private static final String DEFAULT_OAUTH_AUTHENTICATION_URL = "http://twitter.com/oauth/authenticate";
+
     private static final String DEFAULT_REST_BASE_URL = "http://api.twitter.com/1/";
 
     private boolean IS_DALVIK;
@@ -111,10 +117,10 @@ protected ConfigurationBase() {
         setUserAgent("twitter4j http://twitter4j.org/ /" + Version.getVersion());
 
 
-        setOAuthRequestTokenURL("https://twitter.com/oauth/request_token");
-        setOAuthAuthorizationURL("https://twitter.com/oauth/authorize");
-        setOAuthAccessTokenURL("https://twitter.com/oauth/access_token");
-        setOAuthAuthenticationURL("https://twitter.com/oauth/authenticate");
+        setOAuthRequestTokenURL(DEFAULT_OAUTH_REQUEST_TOKEN_URL);
+        setOAuthAuthorizationURL(DEFAULT_OAUTH_AUTHORIZATION_URL);
+        setOAuthAccessTokenURL(DEFAULT_OAUTH_ACCESS_TOKEN_URL);
+        setOAuthAuthenticationURL(DEFAULT_OAUTH_AUTHENTICATION_URL);
 
         setRestBaseURL(DEFAULT_REST_BASE_URL);
         // search api tends to fail with SSL as of 12/31/2009
@@ -378,6 +384,18 @@ private void fixRestBaseURL() {
                 this.restBaseURL = fixURL(useSSL, restBaseURL);
             }
         }
+        if (DEFAULT_OAUTH_ACCESS_TOKEN_URL.equals(fixURL(false, oAuthAccessTokenURL))) {
+            this.oAuthAccessTokenURL = fixURL(useSSL, oAuthAccessTokenURL);
+        }
+        if (DEFAULT_OAUTH_AUTHENTICATION_URL.equals(fixURL(false, oAuthAuthenticationURL))) {
+            this.oAuthAuthenticationURL = fixURL(useSSL, oAuthAuthenticationURL);
+        }
+        if (DEFAULT_OAUTH_AUTHORIZATION_URL.equals(fixURL(false, oAuthAuthorizationURL))) {
+            this.oAuthAuthorizationURL = fixURL(useSSL, oAuthAuthorizationURL);
+        }
+        if (DEFAULT_OAUTH_REQUEST_TOKEN_URL.equals(fixURL(false, oAuthRequestTokenURL))) {
+            this.oAuthRequestTokenURL = fixURL(useSSL, oAuthRequestTokenURL);
+        }
     }
 
     public String getSearchBaseURL() {
@@ -410,6 +428,7 @@ public String getOAuthRequestTokenURL() {
 
     protected final void setOAuthRequestTokenURL(String oAuthRequestTokenURL) {
         this.oAuthRequestTokenURL = oAuthRequestTokenURL;
+        fixRestBaseURL();
     }
 
     public String getOAuthAuthorizationURL() {
@@ -418,6 +437,7 @@ public String getOAuthAuthorizationURL() {
 
     protected final void setOAuthAuthorizationURL(String oAuthAuthorizationURL) {
         this.oAuthAuthorizationURL = oAuthAuthorizationURL;
+        fixRestBaseURL();
     }
 
     public String getOAuthAccessTokenURL() {
@@ -426,6 +446,7 @@ public String getOAuthAccessTokenURL() {
 
     protected final void setOAuthAccessTokenURL(String oAuthAccessTokenURL) {
         this.oAuthAccessTokenURL = oAuthAccessTokenURL;
+        fixRestBaseURL();
     }
 
     public String getOAuthAuthenticationURL() {
@@ -434,6 +455,7 @@ public String getOAuthAuthenticationURL() {
 
     protected final void setOAuthAuthenticationURL(String oAuthAuthenticationURL) {
         this.oAuthAuthenticationURL = oAuthAuthenticationURL;
+        fixRestBaseURL();
     }
 
     public String getDispatcherImpl() {
diff --git a/twitter4j-core/src/test/java/twitter4j/conf/ConfigurationTest.java b/twitter4j-core/src/test/java/twitter4j/conf/ConfigurationTest.java
index 28ca0c6bb..af37ef505 100644
--- a/twitter4j-core/src/test/java/twitter4j/conf/ConfigurationTest.java
+++ b/twitter4j-core/src/test/java/twitter4j/conf/ConfigurationTest.java
@@ -338,8 +338,10 @@ public void testConfigurationBuilder() throws Exception {
         conf = builder.build();
         assertTrue(0 == conf.getRestBaseURL().indexOf("http://"));
         assertTrue(0 == conf.getSearchBaseURL().indexOf("http://"));
-        assertTrue(0 == conf.getOAuthAuthenticationURL().indexOf("https://"));
-        assertTrue(0 == conf.getOAuthAuthorizationURL().indexOf("https://"));
+        assertTrue(0 == conf.getOAuthAuthenticationURL().indexOf("http://"));
+        assertTrue(0 == conf.getOAuthAuthorizationURL().indexOf("http://"));
+        assertTrue(0 == conf.getOAuthAccessTokenURL().indexOf("http://"));
+        assertTrue(0 == conf.getOAuthRequestTokenURL().indexOf("http://"));
 
         builder = new ConfigurationBuilder();
         builder.setUseSSL(true);
@@ -348,14 +350,18 @@ public void testConfigurationBuilder() throws Exception {
         assertTrue(0 == conf.getSearchBaseURL().indexOf("http://"));
         assertTrue(0 == conf.getOAuthAuthenticationURL().indexOf("https://"));
         assertTrue(0 == conf.getOAuthAuthorizationURL().indexOf("https://"));
+        assertTrue(0 == conf.getOAuthAccessTokenURL().indexOf("https://"));
+        assertTrue(0 == conf.getOAuthRequestTokenURL().indexOf("https://"));
 
         builder = new ConfigurationBuilder();
         builder.setUseSSL(false);
         conf = builder.build();
         assertTrue(0 == conf.getRestBaseURL().indexOf("http://"));
         assertTrue(0 == conf.getSearchBaseURL().indexOf("http://"));
-        assertTrue(0 == conf.getOAuthAuthenticationURL().indexOf("https://"));
-        assertTrue(0 == conf.getOAuthAuthorizationURL().indexOf("https://"));
+        assertTrue(0 == conf.getOAuthAuthenticationURL().indexOf("http://"));
+        assertTrue(0 == conf.getOAuthAuthorizationURL().indexOf("http://"));
+        assertTrue(0 == conf.getOAuthAccessTokenURL().indexOf("http://"));
+        assertTrue(0 == conf.getOAuthRequestTokenURL().indexOf("http://"));
 
         builder = new ConfigurationBuilder();
         builder.setOAuthConsumerKey("key");
@@ -363,15 +369,18 @@ public void testConfigurationBuilder() throws Exception {
         conf = builder.build();
         assertTrue(0 == conf.getRestBaseURL().indexOf("http://"));
         assertTrue(0 == conf.getSearchBaseURL().indexOf("http://"));
-        assertTrue(0 == conf.getOAuthAuthenticationURL().indexOf("https://"));
-        assertTrue(0 == conf.getOAuthAuthorizationURL().indexOf("https://"));
+        assertTrue(0 == conf.getOAuthAuthenticationURL().indexOf("http://"));
+        assertTrue(0 == conf.getOAuthAuthorizationURL().indexOf("http://"));
+        assertTrue(0 == conf.getOAuthAccessTokenURL().indexOf("http://"));
+        assertTrue(0 == conf.getOAuthRequestTokenURL().indexOf("http://"));
 
         RequestToken rt = new RequestToken("key","secret");
 
         // TFJ-328 RequestToken.getAuthenticationURL()/getAuthorizationURL() should return URLs starting with https:// for security reasons
-        assertTrue(0 == rt.getAuthenticationURL().indexOf("https://"));
-        assertTrue(0 == rt.getAuthorizationURL().indexOf("https://"));
-
+        assertTrue(0 == rt.getAuthenticationURL().indexOf("http://"));
+        assertTrue(0 == rt.getAuthorizationURL().indexOf("http://"));
+        assertTrue(0 == conf.getOAuthAccessTokenURL().indexOf("http://"));
+        assertTrue(0 == conf.getOAuthRequestTokenURL().indexOf("http://"));
     }
 
     private void writeFile(String path, String content) throws IOException {