Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

HTTP Authentication issue

2 views
Skip to first unread message

suru

unread,
Nov 12, 2009, 1:17:00 AM11/12/09
to
Hi,
I am using "Authenticator" to do http authentication, for URL's which
require
http authentication.

Code is as follow:

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.Authenticator;
import java.net.MalformedURLException;
import java.net.PasswordAuthentication;
import java.net.URL;

public class AuthDemo {
public static void main(String args[]) throws MalformedURLException,
IOException {
String urlString = "";
String username = "";
String password = "";
Authenticator.setDefault(new MyAuthenticator(username, password));
URL url = new URL(urlString);
InputStream content = (InputStream) url.getContent();
BufferedReader in = new BufferedReader(new InputStreamReader
(content));
String line;
while ((line = in.readLine()) != null) {
System.out.println(line);
}
System.out.println("Done.");
}

static class MyAuthenticator extends Authenticator {
private String username, password;

public MyAuthenticator(String user, String pass) {
username = user;
password = pass;
}

protected PasswordAuthentication getPasswordAuthentication() {
System.out.println("Requesting Host : " + getRequestingHost());
System.out.println("Requesting Port : " + getRequestingPort());
System.out.println("Requesting Prompt : " + getRequestingPrompt
());
System.out.println("Requesting Protocol: "
+ getRequestingProtocol());
System.out.println("Requesting Scheme : " + getRequestingScheme
());
System.out.println("Requesting Site : " + getRequestingSite());
return new PasswordAuthentication(username, password.toCharArray
());
}
}
}


Even after specified proper url, username & password, i am still
getting HTTP 401 i.e. unauthorised http error.
I have observed that MyAuthenticator::getPasswordAuthentication() is
not getting called.

Setup Details:
Machine OS: Red Hat Linux
JRE: 1.5.0_05-b05

Can anyone comment this issue?

Thanks,
Suraj

Albert

unread,
Nov 12, 2009, 6:34:13 AM11/12/09
to
Le 12/11/2009 07:17, suru a �crit :

> Hi,
> I am using "Authenticator" to do http authentication, for URL's which
> require
> http authentication.

> Even after specified proper url, username& password, i am still


> getting HTTP 401 i.e. unauthorised http error.
> I have observed that MyAuthenticator::getPasswordAuthentication() is
> not getting called.
>
> Setup Details:
> Machine OS: Red Hat Linux
> JRE: 1.5.0_05-b05
>
> Can anyone comment this issue?

Authenticator seems to be used for two kind of connections:
1/ PROXY
2/ "origin" server

The 2/ means Socks (V5) connection if you search in the jdk source code.

So for HTTP connection, you need something else (if i'm right).

Roedy Green

unread,
Nov 12, 2009, 7:29:36 PM11/12/09
to
On Wed, 11 Nov 2009 22:17:00 -0800 (PST), suru
<suraj....@gmail.com> wrote, quoted or indirectly quoted someone
who said :

>Can anyone comment this issue?

I have some notes on it and sample code.
see http://mindprod.com/jgloss/authentication.html
--
Roedy Green Canadian Mind Products
http://mindprod.com

Without deviation from the norm, progress is not possible.
~ Frank Zappa (born: 1940-12-21 died: 1993-12-04 at age: 52)

suru

unread,
Nov 13, 2009, 4:59:43 AM11/13/09
to
Thanks for reply.

I am following same guidelines as mentioned in
http://mindprod.com/jgloss/authentication.html

still facing same issue,

here are the more guidelines for use of Authenticator,
http://java.sun.com/javase/6/docs/technotes/guides/net/http-auth.html

Thanks,
Suraj

Arne Vajhøj

unread,
Nov 15, 2009, 7:33:51 PM11/15/09
to

Does the site really use HTTP BASIC authentication (or one of the
more sophisticated HTTP authentication)?

This method does not work with FORM based login.

Arne

PS: Why is getPasswordAuthentication protected and not
public ??

Roedy Green

unread,
Nov 16, 2009, 11:51:40 AM11/16/09
to
On Wed, 11 Nov 2009 22:17:00 -0800 (PST), suru
<suraj....@gmail.com> wrote, quoted or indirectly quoted someone
who said :

>Even after specified proper url, username & password, i am still


>getting HTTP 401 i.e. unauthorised http error.
>I have observed that MyAuthenticator::getPasswordAuthentication() is
>not getting called.

to track this down, you might want to use a TCP/IP sniffer such as
WireShark. Do the logon manually and watch what sorts of messages get
sent back and forth. Then do it with your authenticator.

You might find a clue at

Roedy Green

unread,
Nov 17, 2009, 2:23:36 PM11/17/09
to
On Wed, 11 Nov 2009 22:17:00 -0800 (PST), suru
<suraj....@gmail.com> wrote, quoted or indirectly quoted someone
who said :

> protected PasswordAuthentication getPasswordAuthentication() {

One simple thing you can do is run this in a debugger and see if this
method is ever being called. It seems to me most likely sun in never
triggering your method. The class library does not see the pattern to
request basic authentication.

I suspect you will have to abandon the that easy approach, watch what
your browser does, and mimic it at the HTTP level.

Another possibly approach is to see if there is some third party
add-on to support your style of authentication.

Teraposa Lunodas

unread,
Nov 24, 2009, 8:17:01 AM11/24/09
to
0 new messages