All geek questions in one place

Base64 Encoding Basic Authentication Header Apache HTTP Client

Two related questions, I am using the Apache HTTP Client 4.x API. myHttpPost is an instance of HttpPost, and myHttpClient is an instance of HttpClient. I am trying to send a request using basic authentication. So I have HttpClient and create HttpPost.

The brute force method for setting the basic authentication header seems to be set in the HttpPost header.

String encoding = Base64Encoder.encode("username" + ":" + "password"); myHttpPost.setHeader("Authorization", "Basic " + encoding);

The above example came from another question (now it cannot find the link). As for the Base64Encoder class - what package will I find in it or where to download it?

The main question: I was hoping to make basic authentication a more aesthetic way using the following code:

 myHttpClient.getCredentialsProvider().setCredentials( new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, AuthScope.ANY_REALM, AuthPolicy.BASIC), new UsernamePasswordCredentials("username", "password") );

But this does not seem to work. So, is the first example above the correct path for basic authentication with Apache HTTP Client 4.0? Or there is a cleaner / easier way.

+4
source share
4 answers

Regarding the Base64Encoder class - which package will I find it in or where can I download it from?

Base64Encoder can come from different places, I could not find something that matches your static encode method.

As for the credentials, you need to install the scheme on Basic on AuthScope , for example:

 myHttpClient.getCredentialsProvider().setCredentials( new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, AuthScope.ANY_REALM, "basic"), new UsernamePasswordCredentials("username", "password") );

or

 myHttpClient.getCredentialsProvider().setCredentials( new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, AuthScope.ANY_REALM, AuthPolicy.BASIC), new UsernamePasswordCredentials("username", "password") );
+4
source

HttpClient does not attempt to authenticate using a source or proxy server unless explicitly polled. I suspect you would like HttpClient authenticate proactively. Although proactive authentication is disabled by default (and I personally will prevent it from being used outside of secure or internal networks), you can force authentication using the example below

http://hc.apache.org/httpcomponents-client-ga/httpclient/examples/org/apache/http/examples/client/ClientPreemptiveBasicAuthentication.java

+1
source

I tried the solution proposed at http://hc.apache.org/httpcomponents-client-ga/httpclient/examples/org/apache/http/examples/client/ClientPreemptiveBasicAuthentication.java and it works for Base64 Encoding basic authentication. I think,

  // Create AuthCache instance AuthCache authCache = new BasicAuthCache(); // Generate BASIC scheme object and add it to the local // auth cache BasicScheme basicAuth = new BasicScheme(); authCache.put(target, basicAuth); // Add AuthCache to the execution context HttpClientContext localContext = HttpClientContext.create(); localContext.setAuthCache(authCache);

does a miracle :) since without this I always get the "401 unauthorized" HTTP response

+1
source

I know this is a really old post. But I just wanted to answer so that others would win in the future:

If you use a username that must be represented using the variable width encoding ( http://en.wikipedia.org/wiki/Variable-width_encoding ), make sure that you change the encoding used to form the bytes for (username: password) as follows: HttpParams params = new BasicHttpParams (); params.setParameter (AuthPNames.CREDENTIAL_CHARSET, HTTP.UTF_8);

The default encoding is HttpProtocolParams.HTTP_ELEMENT_CHARSET.

+1
source

Source: https://habr.com/ru/post/1384058/

More articles:


All Articles