I am checking out the class org.apache.http.auth. Any more reference or example if anyone has?
2
-
2Is this a question about Android applications authentication or just about authentication for a general web app, which just might run on Android?jottos– jottos2009-12-28 08:02:08 +00:00Commented Dec 28, 2009 at 8:02
-
For web authentication(http authentication) for user credentials(username,password)Bohemian– Bohemian2009-12-28 08:18:34 +00:00Commented Dec 28, 2009 at 8:18
Add a comment
|
6 Answers
For me, it worked,
final String basicAuth = "Basic " + Base64.encodeToString("user:password".getBytes(), Base64.NO_WRAP);
Apache HttpCLient:
request.setHeader("Authorization", basicAuth);
HttpUrlConnection:
connection.setRequestProperty ("Authorization", basicAuth);
8 Comments
Robert Massaioli
The NO_WRAP flag! That was key. I was just using the default and wondering why I kept getting a 400.
Johnny Doe
Your answer saves me a lot of time. Thanx! My problem was really in wrong flag (DEFAULT).
Thiago Festa
Finally, after a long time... no_wrap FTW!
slott
wow - this NO_WRAP just ended my 5 hours problem solving against a server which had no logging... THANX!
LukeWaggoner
Thanks for the nice concise answer! Android Community FTW.
|
I've not met that particular package before, but it says it's for client-side HTTP authentication, which I've been able to do on Android using the java.net APIs, like so:
Authenticator.setDefault(new Authenticator(){
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication("myuser","mypass".toCharArray());
}});
HttpURLConnection c = (HttpURLConnection) new URL(url).openConnection();
c.setUseCaches(false);
c.connect();
Obviously your getPasswordAuthentication() should probably do something more intelligent than returning a constant.
If you're trying to make a request with a body (e.g. POST) with authentication, beware of Android issue 4326. I've linked a suggested fix to the platform there, but there's a simple workaround if you only want Basic auth: don't bother with Authenticator, and instead do this:
c.setRequestProperty("Authorization", "basic " +
Base64.encode("myuser:mypass".getBytes(), Base64.NO_WRAP));
9 Comments
Bohemian
Do u know any base64 encoding class present in android 2.0??
Chris Boyle
The platform has it in a few places, but oddly enough they don't expose it. They even left references to it in the docs of e.g.
android.util. I was using ksoap2-android when I found this, and they have an implementation that depends only on java.io, so you could just grab that class (subject to its license of course) from: kobjects.cvs.sourceforge.net/kobjects/kobjects/src/org/kobjects/…
Ken
How do you handle the event that the authentication fails, say because the supplied credentials are bad?
amit
Base64 is not available in older versions of Android. Any suggestions there?
Bachask8
i'm getting an error when trying to c.connect(); , it says IOException
|
You can manually insert http header to request:
HttpGet request = new HttpGet(...);
request.setHeader("Authorization", "Basic "+Base64.encodeBytes("login:password".getBytes()));
Comments
Manual method works well with import android.util.Base64, but be sure to set Base64.NO_WRAP on calling encode:
String basicAuth = "Basic " + new String(Base64.encode("user:pass".getBytes(),Base64.NO_WRAP ));
connection.setRequestProperty ("Authorization", basicAuth);
Comments
For my Android projects I've used the Base64 library from here:
It's a very extensive library and so far I've had no problems with it.
Comments
This works for me
URL imageUrl = new URL(url);
HttpURLConnection conn = (HttpURLConnection) imageUrl
.openConnection();
conn.setRequestProperty("Authorization", "basic " +
Base64.encode("username:password".getBytes()));
conn.setConnectTimeout(30000);
conn.setReadTimeout(30000);
conn.setInstanceFollowRedirects(true);
InputStream is = conn.getInputStream();
