HTTP Authentication issue

[suru]

Hi,
I am using "Authenticator" to do http authentication, for URL's which
require
http authentication.

Code is as follow:

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.Authenticator;
import java.net.MalformedURLException;
import java.net.PasswordAuthentication;
import java.net.URL;

public class AuthDemo {
public static void main(String args[]) throws MalformedURLException,
IOException {
String urlString = "";
String username = "";
String password = "";
Authenticator.setDefault(new MyAuthenticator(username, password));
URL url = new URL(urlString);
InputStream content = (InputStream) url.getContent();
BufferedReader in = new BufferedReader(new InputStreamReader
(content));
String line;
while ((line = in.readLine()) != null) {
System.out.println(line);
}
System.out.println("Done.");
}

static class MyAuthenticator extends Authenticator {
private String username, password;

public MyAuthenticator(String user, String pass) {
username = user;
password = pass;
}

protected PasswordAuthentication getPasswordAuthentication() {
System.out.println("Requesting Host : " + getRequestingHost());
System.out.println("Requesting Port : " + getRequestingPort());
System.out.println("Requesting Prompt : " + getRequestingPrompt
());
System.out.println("Requesting Protocol: "
+ getRequestingProtocol());
System.out.println("Requesting Scheme : " + getRequestingScheme
());
System.out.println("Requesting Site : " + getRequestingSite());
return new PasswordAuthentication(username, password.toCharArray
());
}
}
}


Even after specified proper url, username & password, i am still
getting HTTP 401 i.e. unauthorised http error.
I have observed that MyAuthenticator::getPasswordAuthentication() is
not getting called.

Setup Details:
Machine OS: Red Hat Linux
JRE: 1.5.0_05-b05

Can anyone comment this issue?

Thanks,
Suraj

 

[Albert]

Le 12/11/2009 07:17, suru a écrit :

Hi,
I am using "Authenticator" to do http authentication, for URL's which
require
http authentication.

Even after specified proper url, username& password, i am still
getting HTTP 401 i.e. unauthorised http error.
I have observed that MyAuthenticator::getPasswordAuthentication() is
not getting called.

Setup Details:
Machine OS: Red Hat Linux
JRE: 1.5.0_05-b05

Can anyone comment this issue?

Authenticator seems to be used for two kind of connections:
1/ PROXY
2/ "origin" server

The 2/ means Socks (V5) connection if you search in the jdk source code.

So for HTTP connection, you need something else (if i'm right).

 

[Roedy Green]

Can anyone comment this issue?

I have some notes on it and sample code.
see http://mindprod.com/jgloss/authentication.html
--
Roedy Green Canadian Mind Products
http://mindprod.com

Without deviation from the norm, progress is not possible.
~ Frank Zappa (born: 1940-12-21 died: 1993-12-04 at age: 52)

 

[suru]

Thanks for reply.

I am following same guidelines as mentioned in
http://mindprod.com/jgloss/authentication.html

still facing same issue,

here are the more guidelines for use of Authenticator,
http://java.sun.com/javase/6/docs/technotes/guides/net/http-auth.html

Thanks,
Suraj

 

[Arne Vajhøj]

I am using "Authenticator" to do http authentication, for URL's which
require
http authentication.

Code is as follow:

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.Authenticator;
import java.net.MalformedURLException;
import java.net.PasswordAuthentication;
import java.net.URL;

public class AuthDemo {
public static void main(String args[]) throws MalformedURLException,
IOException {
String urlString = "";
String username = "";
String password = "";
Authenticator.setDefault(new MyAuthenticator(username, password));
URL url = new URL(urlString);
InputStream content = (InputStream) url.getContent();
BufferedReader in = new BufferedReader(new InputStreamReader
(content));
String line;
while ((line = in.readLine()) != null) {
System.out.println(line);
}
System.out.println("Done.");
}

static class MyAuthenticator extends Authenticator {
private String username, password;

public MyAuthenticator(String user, String pass) {
username = user;
password = pass;
}

protected PasswordAuthentication getPasswordAuthentication() {
System.out.println("Requesting Host : " + getRequestingHost());
System.out.println("Requesting Port : " + getRequestingPort());
System.out.println("Requesting Prompt : " + getRequestingPrompt
());
System.out.println("Requesting Protocol: "
+ getRequestingProtocol());
System.out.println("Requesting Scheme : " + getRequestingScheme
());
System.out.println("Requesting Site : " + getRequestingSite());
return new PasswordAuthentication(username, password.toCharArray
());
}
}
}


Even after specified proper url, username & password, i am still
getting HTTP 401 i.e. unauthorised http error.
I have observed that MyAuthenticator::getPasswordAuthentication() is
not getting called.

Setup Details:
Machine OS: Red Hat Linux
JRE: 1.5.0_05-b05

Can anyone comment this issue?

Does the site really use HTTP BASIC authentication (or one of the
more sophisticated HTTP authentication)?

This method does not work with FORM based login.

Arne

PS: Why is getPasswordAuthentication protected and not
public ??

 

[Roedy Green]

Even after specified proper url, username & password, i am still
getting HTTP 401 i.e. unauthorised http error.
I have observed that MyAuthenticator::getPasswordAuthentication() is
not getting called.

to track this down, you might want to use a TCP/IP sniffer such as
WireShark. Do the logon manually and watch what sorts of messages get
sent back and forth. Then do it with your authenticator.

You might find a clue at
http://mindprod.com/jgloss/authentication.html
--
Roedy Green Canadian Mind Products
http://mindprod.com

Without deviation from the norm, progress is not possible.
~ Frank Zappa (born: 1940-12-21 died: 1993-12-04 at age: 52)

 

[Roedy Green]

protected PasswordAuthentication getPasswordAuthentication() {

One simple thing you can do is run this in a debugger and see if this
method is ever being called. It seems to me most likely sun in never
triggering your method. The class library does not see the pattern to
request basic authentication.

I suspect you will have to abandon the that easy approach, watch what
your browser does, and mimic it at the HTTP level.

Another possibly approach is to see if there is some third party
add-on to support your style of authentication.
--
Roedy Green Canadian Mind Products
http://mindprod.com

Without deviation from the norm, progress is not possible.
~ Frank Zappa (born: 1940-12-21 died: 1993-12-04 at age: 52)

 

[Teraposa Lunodas]

Authenticator seems to be used for two kind of connections:
1/ PROXY
2/ "origin" server

The 2/ means Socks (V5) connection if you search in the jdk source
code.

So for HTTP connection, you need something else (if i'm right).